cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1063
Views
0
Helpful
17
Replies

2950 VLAN Problem

dunn
Level 1
Level 1

I have a 2950 that is running the same configuration as three other 2950s in my data center. All are running the same IOS, 12.1(9)EA1. This switch does not seem to be learning the management VLAN that I have created for all of my cisco devices. The configuration running on this switch is similar to this config, with a different hostname and VLAN2 IP address. I am unable to remotely manage this device or ping it by the IP address that is assigned to VLAN2. There is communication over the trunk port though, and I am able to connect devices to this switch and they connect to my network without any issues. Any idea how I can resolve this? please let me know if I can provide any additional information. Thanks.

Current configuration : 3356 bytes

!

version 12.1

no service pad

service timestamps debug datetime msec localtime show-timezone

service timestamps log datetime msec localtime show-timezone

service password-encryption

!

hostname cisco2950DC3

!

logging buffered 10000 debugging

!

ip subnet-zero

!

!

spanning-tree mode pvst

no spanning-tree optimize bpdu transmission

spanning-tree extend system-id

!

!

interface FastEthernet0/1

switchport access vlan 100

spanning-tree portfast

!

interface FastEthernet0/2

switchport access vlan 100

spanning-tree portfast

!

interface FastEthernet0/24

switchport access vlan 100

!

interface GigabitEthernet0/1

description Trunk to 3550

switchport mode trunk

!

interface GigabitEthernet0/2

description Trunk to cisco2950dc4

!

interface Vlan1

no ip address

no ip route-cache

shutdown

!

interface Vlan2

ip address 10.1.2.24 255.255.254.0

no ip route-cache

!

ip default-gateway 10.1.2.1

ip http server

!

logging trap debugging

logging 192.168.1.10

snmp-server engineID local xxx

!

line con 0

login local

stopbits 1

line vty 0 4

exec-timeout 15 0

login local

line vty 5 15

exec-timeout 15 0

login

!

!

monitor session 1 source interface Fa0/1 - 23 rx

monitor session 1 destination interface Fa0/24

end

17 Replies 17

froggy3132000
Level 3
Level 3

So what you are saying is certain vlan's are not being propagated to this switch?

Can you print the output of "show vtp status"?

gpulos
Level 8
Level 8

the G0/2 interface shown above does not have a trunk defined. (although it states in the description it is a trunk)

you'll need a trunk to the 2950 if it's connected to G0/2 in order to get vtp updates across that link.

glen.grant
VIP Alumni
VIP Alumni

Verify the trunk is working correctly, "show int trunk" . Are you running client server or transparent . If just running transparent I don't see where you created the layer 2 vlan for vlan 2 which should show up in the config if running transparent . Verify with the show vlan command and see if vlan 2 is created and in a active state , if not just do a conf t , vlan 2 , enter and recheck and see if you can get to the switch after about 35 seconds.

John Burnham
Level 1
Level 1

Which port is connected to the rest of your network?

Upgrade to 12.1(22)EA8.

Run "show vlan"? VLAN 2 may not be set-up on the switch. I have seen VLAN's not coming up if you do not specify VLAN ID in an interface.

If you want your switches to update each other for VLAN you need to create a VTP domain, otherwise to be safe use VTP transparent to avoid a test switch crashing your network.

I ran a few of the diagnostic commands that were suggested, the results are listed below. I have also included the config from the switch that I cannot remotely manage. The config that I previously included was from a similar switch in my data center. G0/1 is connected by a crossover cable to G0/2 on the other switch. The other switch port that it connects to does not have switchport mode trunk set on the port. I have tried adding this and I lose all connection to the switch on the other side.

sh int

Vlan1 is administratively down, line protocol is down

Hardware is CPU Interface, address is 000f.90c2.e1c0 (bia 000f.90c2.e1c0)

MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation ARPA, loopback not set

ARP type: ARPA, ARP Timeout 04:00:00

Last input never, output never, output hang never

Last clearing of "show interface" counters never

Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

Queueing strategy: fifo

Output queue: 0/40 (size/max)

5 minute input rate 4000 bits/sec, 8 packets/sec

5 minute output rate 0 bits/sec, 0 packets/sec

18955503 packets input, 1366709181 bytes, 0 no buffer

Received 0 broadcasts (0 IP multicast)

0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored

20585097 packets output, 0 bytes, 0 underruns

0 output errors, 2 interface resets

0 output buffer failures, 0 output buffers swapped out

Vlan2 is down, line protocol is down

Hardware is CPU Interface, address is 000f.90c2.e1c0 (bia 000f.90c2.e1c0)

Description: Managment VLAN

Internet address is 10.1.2.25/23

MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation ARPA, loopback not set

ARP type: ARPA, ARP Timeout 04:00:00

Last input never, output never, output hang never

Last clearing of "show interface" counters never

Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

Queueing strategy: fifo

Output queue: 0/40 (size/max)

5 minute input rate 0 bits/sec, 0 packets/sec

5 minute output rate 0 bits/sec, 0 packets/sec

0 packets input, 0 bytes, 0 no buffer

Received 0 broadcasts (0 IP multicast)

0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored

0 packets output, 0 bytes, 0 underruns

0 output errors, 0 interface resets

0 output buffer failures, 0 output buffers swapped out

----------------------------------------------------

sh vtp stat

VTP Version : 2

Configuration Revision : 5

Maximum VLANs supported locally : 250

Number of existing VLANs : 8

VTP Operating Mode : Client

VTP Domain Name : hlvtp

VTP Pruning Mode : Disabled

VTP V2 Mode : Disabled

VTP Traps Generation : Disabled

MD5 digest : 0x25 0x8D 0x94 0x90 0x1F 0x33 0xE3 0xD7

Configuration last modified by 192.168.1.190 at 3-2-93 07:22:28

cisco2950dc4#sh int trunk

Port Mode Encapsulation Status Native vlan

Gi0/1 on 802.1q trunking 1

Port Vlans allowed on trunk

Gi0/1 1-2,100-110,200-205,1002-1005

Port Vlans allowed and active in management domain

Gi0/1 1,100-101

Port Vlans in spanning tree forwarding state and not pruned

Gi0/1 1,100-101

------------------------------------------------------------------------------------------------------

cisco2950dc4(config)#vlan 2

VTP VLAN configuration not allowed when device is in CLIENT mode.

cisco2950dc4(config)#

Here is the config:

cisco2950dc4#sh run

Building configuration...

Current configuration : 4629 bytes

!

version 12.1

no service pad

service timestamps debug datetime msec localtime show-timezone

service timestamps log datetime msec localtime show-timezone

service password-encryption

!

hostname cisco2950dc4

!

logging buffered 10000 debugging

!

ip subnet-zero

!

!

spanning-tree mode pvst

no spanning-tree optimize bpdu transmission

spanning-tree extend system-id

!

!

interface FastEthernet0/1

switchport access vlan 100

no ip address

spanning-tree portfast

!

interface FastEthernet0/24

description IDS Monitor

switchport access vlan 100

no ip address

!

interface GigabitEthernet0/1

switchport trunk allowed vlan 1,2,100-110,200-205,1002-1005

switchport mode trunk

no ip address

!

interface GigabitEthernet0/2

switchport trunk allowed vlan 1,2,100-110,200-205,1002-1005

switchport mode trunk

no ip address

!

interface Vlan1

no ip address

no ip route-cache

shutdown

!

interface Vlan2

description Managment VLAN

ip address 10.1.2.25 255.255.254.0

no ip route-cache

!

ip default-gateway 10.1.2.1

no ip http server

!

logging trap debugging

logging 192.168.1.118

snmp-server engineID local 000000090200000820FD0000

!

line con 0

login local

stopbits 1

line vty 0 4

exec-timeout 15 0

login local

line vty 5 15

exec-timeout 15 0

login

!

!

monitor session 1 source interface Fa0/1 - 23 rx

monitor session 1 destination interface Fa0/24

end

Hi,

Being in the client mode, this switch should get vlan info from server. But ur diag results shows that the particular vlan is in down state. It looks like that this switch not getting info for vlan 2.

Pls.see the show vlan command result that whether the vlan 2 shows active or not and also check the connected port of neighboring switch whether they are passing vlan 2 to this switch or not.

Rate if it does,

Rgs

Make sure vlan 2 is defined and being allowed across trunk on the far end . Also make sure vtp domain name matches exactly on all your switches...

The switch which is configured as VTP server mode must include VLAN2. However, if you want to have a quick test. You can try to remove the VLAN2 IP address and add it back to VLAN1 to determine the connectivity. If it works, it is VTP mode issue. If it isn't there may be another issue.

I have about 10 devices connected to this switch. Is this a safe change to make during business hours?

Here is the show vlan. VLAN 2 is not showing up, so it is doesn;t look like it is being learned from the connected switch. How can I fix this?

VLAN Name Status Ports

---- -------------------------------- --------- -------------------------------

1 default active Gi0/2

5 VLAN0005 active

100 VLAN0100 active Fa0/1, Fa0/2, Fa0/3, Fa0/4

Fa0/5, Fa0/6, Fa0/7, Fa0/8

Fa0/9, Fa0/10, Fa0/11, Fa0/12

Fa0/13, Fa0/14, Fa0/15, Fa0/16

Fa0/17, Fa0/18, Fa0/19, Fa0/20

Fa0/21, Fa0/22, Fa0/23, Fa0/24

101 VLAN0101 active

1002 fddi-default act/unsup

1003 token-ring-default act/unsup

1004 fddinet-default act/unsup

1005 trnet-default act/unsup

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2

---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------

1 enet 100001 1500 - - - - - 0 0

5 enet 100005 1500 - - - - - 0 0

100 enet 100100 1500 - - - - - 0 0

101 enet 100101 1500 - - - - - 0 0

1002 fddi 101002 1500 - - - - - 0 0

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2

---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------

1003 tr 101003 1500 - - - - - 0 0

1004 fdnet 101004 1500 - - - ieee - 0 0

1005 trnet 101005 1500 - - - ibm - 0 0

Remote SPAN VLANs

------------------------------------------------------------------------------

Primary Secondary Type Ports

------- --------- ----------------- ------------------------------------------

cisco2950dc4#

Please post the far end switch config , along with the "show vlAn", and sh int trunk command . Verify the far end is really running as a server adn not as transparent . Verify vtp domain names are the same . This should be a simple problem just need configs from both ends...

This is the config for the far end switch.

Current configuration : 3356 bytes

!

version 12.1

no service pad

service timestamps debug datetime msec localtime show-timezone

service timestamps log datetime msec localtime show-timezone

service password-encryption

!

hostname cisco2950DC3

!

logging buffered 10000 debugging

ip subnet-zero

!

!

spanning-tree mode pvst

no spanning-tree optimize bpdu transmission

spanning-tree extend system-id

!

!

interface FastEthernet0/1

switchport access vlan 100

spanning-tree portfast

!

interface FastEthernet0/24

switchport access vlan 100

!

interface GigabitEthernet0/1

description Trunk to 3550

switchport mode trunk

!

interface GigabitEthernet0/2

description Trunk to cisco2950dc4

!

interface Vlan1

no ip address

no ip route-cache

shutdown

!

interface Vlan2

ip address 10.1.2.24 255.255.254.0

no ip route-cache

!

ip default-gateway 10.1.2.1

ip http server

!

!

line con 0

login local

stopbits 1

line vty 0 4

exec-timeout 15 0

login local

line vty 5 15

exec-timeout 15 0

login

!

!

monitor session 1 source interface Fa0/1 - 23 rx

monitor session 1 destination interface Fa0/24

end

Here are the diag commands from the far end 2950 switch. This 2950 is also configured as a VTP client. The only VTP server on my network is a 3550 that we have setup a the core.

cisco2950DC3#sh vlan

VLAN Name Status Ports

---- -------------------------------- --------- -----

1 default active

2 LAN_Mgmt active

3 VLAN0003 active

10 VLAN0010 active

11 VLAN0011 active

100 VLAN0100 active Fa0/1, Fa0/2, Fa0/3, Fa0/4

Fa0/5, Fa0/6, Fa0/7, Fa0/8

Fa0/9, Fa0/10, Fa0/11, Fa0/12

Fa0/13, Fa0/14, Fa0/15, Fa0/16

Fa0/17, Fa0/18, Fa0/19, Fa0/20

Fa0/21, Fa0/22, Fa0/23, Fa0/24

101 VLAN0101 active

102 VLAN0102 active

103 VLAN0103 active

104 VLAN0104 active

110 VLAN0110 active

200 VLAN0200 active

1002 fddi-default act/unsup

1003 token-ring-default act/unsup

1004 fddinet-default act/unsup

1005 trnet-default act/unsup

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2

---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------

1 enet 100001 1500 - - - - - 0 0

2 enet 100002 1500 - - - - - 0 0

3 enet 100003 1500 - - - - - 0 0

10 enet 100010 1500 - - - - - 0 0

11 enet 100011 1500 - - - - - 0 0

100 enet 100100 1500 - - - - - 0 0

101 enet 100101 1500 - - - - - 0 0

102 enet 100102 1500 - - - - - 0 0

103 enet 100103 1500 - - - - - 0 0

104 enet 100104 1500 - - - - - 0 0

110 enet 100110 1500 - - - - - 0 0

200 enet 100200 1500 - - - - - 0 0

1002 fddi 101002 1500 - - - - - 0 0

1003 tr 101003 1500 - - - - srb 0 0

1004 fdnet 101004 1500 - - - ieee - 0 0

1005 trnet 101005 1500 - - - ibm - 0 0

cisco2950DC3#sh int trunk

Port Mode Encapsulation Status Native vlan

Gi0/1 on 802.1q trunking 1

Gi0/2 desirable 802.1q trunking 1

Port Vlans allowed on trunk

Gi0/1 1-4094

Gi0/2 1-4094

Port Vlans allowed and active in management domain

Gi0/1 1-3,10-11,100-104,110,200

Gi0/2 1-3,10-11,100-104,110,200

Port Vlans in spanning tree forwarding state and not pruned

Gi0/1 1-3,10-11,100-104,110,200

Gi0/2 1-3,10-11,100-104,110,200

---------------------------

cisco2950DC3#sh vtp status

VTP Version : 2

Configuration Revision : 4

Maximum VLANs supported locally : 250

Number of existing VLANs : 16

VTP Operating Mode : Client

VTP Domain Name : hlvtp

VTP Pruning Mode : Disabled

VTP V2 Mode : Disabled

VTP Traps Generation : Disabled

MD5 digest : 0x3B 0x4D 0x4D 0x4A 0x03 0xF5 0x15 0x9E

Configuration last modified by 10.1.2.1 at 8-14-94 04:35:44

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: