Hi,

I issue command sh cdp neigbors detail on the L3 of cat. 4003 and it shows the IP address of the cat. 2950 (e.g 10.10.2.1), the names and others details on it. But when i'm in the switch OS of catalyst 4003 and issue command sh cdp neighbors detail, pls. see the captured sh cdp. I can't see the peer ip address of cat. 2950 (10.10.2.1).

cat4003 (enable) sh cdp neighbors detail

Port (Our Port): 2/1

Device-ID: Cat4003Router

Device Addresses:

IP Address: 127.0.0.3

Holdtime: 165 sec

Capabilities: ROUTER

Version:

Cisco Internetwork Operating System Software

IOS (tm) L3 Switch/Router Software (CAT4232-IN-M), Version 12.0(14)W5(20) REL

EASE SOFTWARE

Copyright (c) 1986-2001 by cisco Systems, Inc.

Compiled Thu 01-Mar-01 18:18 by integ

Platform: cisco Cat4232L3

Port-ID (Port on Neighbors's Device): GigabitEthernet3

____________________________________________________

Port (Our Port): 2/1

Device-ID: Cat4003Router

Device Addresses:

IP Address: 192.168.34.3

Holdtime: 165 sec

Capabilities: ROUTER

Version:

Cisco Internetwork Operating System Software

IOS (tm) L3 Switch/Router Software (CAT4232-IN-M), Version 12.0(14)W5(20) REL

EASE SOFTWARE

Copyright (c) 1986-2001 by cisco Systems, Inc.

Compiled Thu 01-Mar-01 18:18 by integ

Platform: cisco Cat4232L3

Port-ID (Port on Neighbors's Device): Port-channel1.1

_____________________________________________________

Port (Our Port): 2/2

Device-ID: Cat4003Router

Device Addresses:

IP Address: 127.0.0.3

Holdtime: 165 sec

Capabilities: ROUTER

Version:

Cisco Internetwork Operating System Software

IOS (tm) L3 Switch/Router Software (CAT4232-IN-M), Version 12.0(14)W5(20) REL

EASE SOFTWARE

Copyright (c) 1986-2001 by cisco Systems, Inc.

Compiled Thu 01-Mar-01 18:18 by integ

Platform: cisco Cat4232L3

Port-ID (Port on Neighbors's Device): GigabitEthernet4

_____________________________________________________

Port (Our Port): 2/3

Device-ID: wmnl139

Device Addresses:

IP Address: 192.168.24.1

Holdtime: 172 sec

Capabilities: ROUTER

Version:

Cisco Internetwork Operating System Software

IOS (tm) C2600 Software (C2600-IS-M), Version 12.0(4), RELEASE SOFTWARE (fc1)

Copyright (c) 1986-1999 by cisco Systems, Inc.

Compiled Wed 14-Apr-99 21:19 by ccai

Platform: cisco 2610

Port-ID (Port on Neighbors's Device): Ethernet0/0

____________________________________________________

Port (Our Port): 2/27

Device-ID: Router_3640

Device Addresses:

IP Address: 192.168.26.1

Holdtime: 131 sec

Capabilities: ROUTER

Version:

Cisco Internetwork Operating System Software

IOS (tm) 3600 Software (C3640-IS-M), Version 12.0(7)XK2, EARLY DEPLOYMENT RELE

ASE SOFTWARE (fc1)

TAC:Home:SW:IOS:Specials for info

Copyright (c) 1986-2000 by cisco Systems, Inc.

Compiled Tue 31-Oct-00 22:14 by kpma

Platform: cisco 3640

Port-ID (Port on Neighbors's Device): FastEthernet1/0

From the cat. 2950, i issue command sh cdp neighbors detail and it shows me the name of the catalyst 4003, the ip address is 127.0.0.3 trunk connected to gigabit 2 (outgoing) gigabit 0/2 (this is gigabit of catalyst 2950). Why i can't see the IP address of catalyst here?

My config on catalyst 4003

set the 2 gigabit port 2/1-2 to trunk on WS-X4232-L3 module

set trunk 2/1-2 desirable dot1q

and create port-channel 1 for 2/1-2

What other configuration that i need to add here?

My gigabit configuration on cat. 2950.

I created port-channel 1

port-channel 1

switchport mode trunk

switchport trunk allowed vlan 3

On Gigabit port, here is my config.

Gigabit ethernet 0/2

switchport mode trunk

switchport trunk allowed vlan 3

channel-group 1 mode desirable

no shut!

Hope you can help me on this..

Thanks

Ok, first, I believe the 4003 with a L3 services engine is similar to a Cat 6500 running in Hybrid mode. That would mean that the GBIC ports are actually on the CatOS side of the unit, not the IOS side. Have you tried issuing a CDP neighbor from the 4003 CatOS/L2 side? Is this how the 4003 with L3 engine works?

Now, I'm getting very confused about your IP Addressing... What are the IP addresses and subnet masks of the various players involved here. Why am I seeing IP addresses that are obviously in different subnet ranges? So far I have seen

192.168.24.X, 192.168.26.X, 192.168.34.X (could be in same subnet possibly? Probably not though?)

10.10.2.X

127.0.0.3? (Is this an actual assigned IP to a device? 127.0.0.X is reserved for loopback addresses)

If they are on different subnets, that would make an easy explanation why they can't ping eachother. But as far as CDP, is there a L2 side of the 4003? Can you do a CDP from there?

More importantly, what are the IP addresses/subnets of the various devices?

Hi Craig,

Actually, i had configured diff. subnets/24 on catalyst 4003. The 127.0.0.3 is actually the automatic assigned by the system CatOS. That's what i saw when i issue CDP neighbor details on the catOS. I can't see the peer switch (cat. 2950) ip address on the catOS of 4003 but on the IOS side I can see it, weird? Is there a configuration that i should do on the L2 of cat4003? or also have reconfigure the peer switch (cat.2950)?

Here's the ip address configured on my cat.4003

ip add of sc0 interface is on 192.168.15.x/24

Vlan 1 ip 192.168.15.x/24 - this subnet is where the server connected and some users. also this subnet where i plan to connect the cat2950.

Vlan 2 ip 192.168.16.x/24 - also for users here.

Vlan 3 ip 192.168.24.x/24 - subnet where our branches connected

Vlan 4 ip 192.168.26.x/24 - also for branches

Vlan 5 ip 192.168.34.x/24 - this subnet for our users here in the ofc. Also plan to install cat2950.

There's another vlan 77 that i set to native (no users/ports configured)

On L3 of cat4003.

It was configured to a port-channel

configured sub port-channel 1.15 for Vlan 1

configured sub port-channel 1.16 for Vlan 2

configured sub port-channel 1.24 for Vlan 3

configured sub port-channel 1.26 for Vlan 4

configured sub port-channel 1.34 for Vlan 5

RIP is my configured Routing Protocol

Configured Gigabit 3(g3) for channel-group 1. G3 is handling the interVlan routing.

I'm really having trouble configuring trunks on cat4003. I can't make it to work ;( grrrrrr...

What do you thinks seems to be the problem?

Cheers,

Randy

Hmm... I'm still a bit confused, this appears to operate quite a bit differently than what I'm used to on the catalysts we have here or your definitely doing something wrong.. Can you get the config's on the various components (4003, both catos and ios side) and 2950 and put them up here? I can probably figure out what your talking about from there.

Hi Craig,

Here's my CatOS 4003 config.

begin

!

# ***** NON-DEFAULT CONFIGURATION *****

!

!

#time: Sat Mar 6 2004, 08:24:51

!

#version 7.1(2)

!

!

#system web interface version(s)

!

#test

!

#frame distribution method

set port channel all distribution mac both

!

#vtp

set vtp domain HQ

set vlan 1 name default type ethernet mtu 1500 said 100001 state active

set vlan 2 name HRDBldg type ethernet mtu 1500 said 100002 state active

set vlan 3 name MainBldg. type ethernet mtu 1500 said 100003 state active

set vlan 4 name Branch01 type ethernet mtu 1500 said 100004 state active

set vlan 5 name Branch02 type ethernet mtu 1500 said 10005 state active

set vlan 77 name dummy type ethernet mtu 1500 said 100077 state active

set vlan 1002 name fddi-default type fddi mtu 1500 said 101002 state active

set vlan 1004 name fddinet-default type fddinet mtu 1500 said 101004 state active stp ieee

set vlan 1005 name trnet-default type trbrf mtu 1500 said 101005 state active stp ibm

set vlan 1003 name token-ring-default type trcrf mtu 1500 said 101003 state active mode srb aremaxhop 7 stemaxhop 7 backupcrf off

!

#ip

set interface sc0 1 192.168.15.252/255.255.255.0 192.168.15.255

set interface sl0 down

set interface me1 down

set ip route 0.0.0.0/0.0.0.0 192.168.15.3

!

#spantree

#vlan

!

#syslog

set logging level cops 2 default

!

#set boot command

set boot config-register 0x2

set boot system flash bootflash:cat4000-k8.7-1-2.bin

!

#port channel

set port channel 2/1-4 127

!

#multicast filter

set igmp filter disable

!

#module 1 : 0-port Switching Supervisor

!

#module 2 : 34-port Router Switch Card

set vlan 1 2/3-6,2/9-18

set vlan 2 2/19-26,2/34

set vlan 3 2/27-33

set vlan 4 2/7

set vlan 5 2/8

set vlan 77 2/1-2

set trunk 2/1 nonegotiate dot1q 1-1005

set trunk 2/2 nonegotiate dot1q 1-1005

set spantree portfast 2/3,2/14,2/19,2/22,2/25,2/29 disable

set spantree portfast 2/4-13,2/15-18,2/20-21,2/23-24,2/26,2/28,2/30-34 enable

set spantree portinstancecost 2/3 cost 19999 mst

set spantree portinstancecost 2/4 cost 19999 mst

set spantree portinstancecost 2/5 cost 19999 mst

set spantree portinstancecost 2/6 cost 19999 mst

set spantree portinstancecost 2/7 cost 19999 mst

set spantree portinstancecost 2/8 cost 19999 mst

set spantree portinstancecost 2/9 cost 19999 mst

set spantree portinstancecost 2/10 cost 19999 mst

set spantree portinstancecost 2/11 cost 19999 mst

set spantree portinstancecost 2/12 cost 19999 mst

set spantree portinstancecost 2/13 cost 19999 mst

set spantree portinstancecost 2/14 cost 19999 mst

set spantree portinstancecost 2/15 cost 19999 mst

set spantree portinstancecost 2/16 cost 19999 mst

set spantree portinstancecost 2/17 cost 19999 mst

set spantree portinstancecost 2/18 cost 19999 mst

set spantree portinstancecost 2/19 cost 19999 mst

set spantree portinstancecost 2/20 cost 19999 mst

set spantree portinstancecost 2/21 cost 19999 mst

set spantree portinstancecost 2/22 cost 19999 mst

set spantree portinstancecost 2/23 cost 19999 mst

set spantree portinstancecost 2/24 cost 19999 mst

set spantree portinstancecost 2/25 cost 19999 mst

set spantree portinstancecost 2/26 cost 19999 mst

set spantree portinstancecost 2/27 cost 19999 mst

set spantree portinstancecost 2/28 cost 19999 mst

set spantree portinstancecost 2/29 cost 19999 mst

set spantree portinstancecost 2/30 cost 19999 mst

set spantree portinstancecost 2/31 cost 19999 mst

set spantree portinstancecost 2/32 cost 19999 mst

set spantree portinstancecost 2/33 cost 19999 mst

set spantree portinstancecost 2/34 cost 19999 mst

!

#module 3 empty

end

Hi Craig,

My Cat4003 IOS

!

version 12.0

no service pad

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname Cat4003Router

!

!

ip subnet-zero

!

!

!

interface Port-channel1

no ip address

no ip directed-broadcast

hold-queue 300 in

!

interface Port-channel1.1

encapsulation dot1Q 1

ip address 192.168.15.3 255.255.255.0

ip helper-address 192.168.15.10

ip helper-address 192.168.15.8

ip helper-address 192.168.15.7

ip helper-address 192.168.15.13

ip helper-address 192.168.15.14

ip helper-address 192.168.15.16

ip helper-address 192.168.15.20

ip helper-address 192.168.15.2

ip helper-address 192.168.15.6

ip helper-address 192.168.16.8

ip helper-address 192.168.34.8

no ip redirects

no ip directed-broadcast

!

interface Port-channel1.2

encapsulation dot1Q 2

ip address 192.168.16.3 255.255.255.0

ip helper-address 192.168.15.10

ip helper-address 192.168.15.8

ip helper-address 192.168.15.7

ip helper-address 192.168.15.13

ip helper-address 192.168.15.14

ip helper-address 192.168.15.16

ip helper-address 192.168.15.20

ip helper-address 192.168.15.2

ip helper-address 192.168.15.6

ip helper-address 192.168.16.8

ip helper-address 192.168.34.8

no ip redirects

no ip directed-broadcast

!

interface Port-channel1.3

encapsulation dot1Q 2

ip address 192.168.24.3 255.255.255.0

no ip redirects

no ip directed-broadcast

!

interface Port-channel1.4

encapsulation dot1Q 2

ip address 192.168.26.3 255.255.255.0

no ip redirects

no ip directed-broadcast

!

interface Port-channel1.5

encapsulation dot1Q 3

ip address 192.168.34.3 255.255.255.0

ip helper-address 192.168.15.10

ip helper-address 192.168.15.8

ip helper-address 192.168.15.7

ip helper-address 192.168.15.13

ip helper-address 192.168.15.14

ip helper-address 192.168.15.16

ip helper-address 192.168.15.20

ip helper-address 192.168.15.2

ip helper-address 192.168.15.6

ip helper-address 192.168.16.8

ip helper-address 192.168.34.8

no ip redirects

no ip directed-broadcast

!

interface Port-channel1.77

encapsulation dot1Q 77 native

no ip directed-broadcast

!

interface FastEthernet1

no ip address

no ip directed-broadcast

shutdown

!

interface GigabitEthernet1

no ip address

no ip directed-broadcast

no shutdown

!

interface GigabitEthernet2

no ip address

no ip directed-broadcast

no shutdown

!

interface GigabitEthernet3

no ip address

no ip directed-broadcast

no negotiation auto

channel-group 1

!

interface GigabitEthernet4

no ip address

no ip directed-broadcast

no negotiation auto

!

router rip

passive-interface FastEthernet1

network 192.168.15.0

network 192.168.16.0

network 192.168.24.0

network 192.168.26.0

network 192.168.34.0

!

ip classless

!

line con 0

transport input none

line aux 0

line vty 0 4

login

password cisco

!

end

My 2950 config.

!

version 12.1

no service pad

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname Cat2950HRDSW

!

enable secret xxxxxx

!

ip subnet-zero

!

vtp domain HQ

vtp mode transparent

!

spanning-tree mode pvst

no spanning-tree optimize bpdu transmission

spanning-tree extend system-id

!

!

vlan 2

!

interface Port-channel1

switchport trunk allowed vlan 2

switchport mode trunk

!

interface FastEthernet0/1

switchport access vlan 2

switchport mode access

duplex half

speed 100

!

interface FastEthernet0/2

switchport access vlan 2

switchport mode access

!

interface FastEthernet0/3

switchport access vlan 2

switchport mode access

!

interface FastEthernet0/4

switchport access vlan 2

switchport mode access

!

interface FastEthernet0/5

switchport access vlan 2

switchport mode access

duplex half

speed 100

!

interface FastEthernet0/6

switchport access vlan 2

switchport mode access

!

interface FastEthernet0/7

switchport access vlan 2

switchport mode access

!

interface FastEthernet0/8

switchport access vlan 2

switchport mode access

!

interface FastEthernet0/9

switchport access vlan 2

switchport mode access

!

interface FastEthernet0/10

switchport access vlan 2

switchport mode access

!

interface FastEthernet0/11

switchport access vlan 2

switchport mode access

!

interface FastEthernet0/12

switchport access vlan 2

switchport mode access

!

interface FastEthernet0/13

switchport access vlan 2

switchport mode access

!

interface FastEthernet0/14

switchport access vlan 2

switchport mode access

!

interface FastEthernet0/15

switchport access vlan 2

switchport mode access

!

interface FastEthernet0/16

switchport access vlan 2

switchport mode access

!

interface FastEthernet0/17

switchport access vlan 2

switchport mode access

!

interface FastEthernet0/18

switchport access vlan 2

switchport mode access

!

interface FastEthernet0/19

switchport access vlan 2

switchport mode access

!

interface FastEthernet0/20

switchport access vlan 2

switchport mode access

!

interface FastEthernet0/21

switchport access vlan 2

switchport mode access

!

interface FastEthernet0/22

switchport access vlan 2

switchport mode access

!

interface FastEthernet0/23

switchport access vlan 2

switchport mode access

!

interface FastEthernet0/24

switchport access vlan 2

switchport mode access

!

interface GigabitEthernet0/1

switchport trunk allowed vlan 2

switchport mode trunk

channel-group 1 mode desirable

!

interface GigabitEthernet0/2

!

interface Vlan1

no ip address

no ip route-cache

shutdown

!

interface Vlan2

ip address 192.168.16.252 255.255.255.0

no ip route-cache

!

ip http server

!

!

line con 0

line vty 0 2

password c1sc0

login

line vty 3 4

login

line vty 5 15

login

!

end

My another 2950 switch.

!

version 12.1

no service pad

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname Cat2950MainSW

!

enable secret xxxxx

!

ip subnet-zero

!

vtp domain HQ

vtp mode transparent

!

spanning-tree mode pvst

no spanning-tree optimize bpdu transmission

spanning-tree extend system-id

!

!

vlan 3

!

interface Port-channel1

switchport trunk allowed vlan 3

switchport mode trunk

!

interface FastEthernet0/1

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/2

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/3

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/4

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/5

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/6

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/7

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/8

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/9

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/10

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/11

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/12

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/13

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/14

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/15

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/16

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/17

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/18

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/19

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/20

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/21

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/22

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/23

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/24

switchport access vlan 3

switchport mode access

!

interface GigabitEthernet0/1

switchport trunk allowed vlan 3

switchport mode trunk

channel-group 1 mode on

!

interface GigabitEthernet0/2

!

interface Vlan1

no ip address

no ip route-cache

shutdown

!

interface Vlan3

ip address 192.168.34.252 255.255.255.0

no ip route-cache

!

ip http server

!

!

line con 0

line vty 0 2

password xxx

login

line vty 3 4

login

line vty 5 15

login

!

end

I guess I'm a bit confused still... It doesn't look as if any of the gigabit ports that are in the l3 engine show up on the l2 side, on the cat6500 MSFC's you only see the "VLAN" interfaces, not the "Gigabit" interfaces.

Even with these, I'm still not completely sure where your 2950's are plugging into on the 4003, I'm assuming that one of them is going to Gigabit3 on the L3 engine for your 4003. Is that correct?

First, why are you using port-channels everywhere? Are you planning on moving to greater-than 1Gb links to the different switches? port-channel's (or etherchannel) is used to combine two or more links together to form one link. Absolutely everything about each port in the channel needs to be the same at both ends for this to work and can cause some problems in diagnosing connectivity problems. If your not doing this, or planning to do it in the very near future, I would stop doing this. In order to do so, you would have to change your "Portchannel1.1's" and such on your 4003 to be "Gigabit3.1" and moving the config's to there. I would recommend this.

Also, in order to help you keep things straight in your head, set your subinterface # to be equal to your vlan number. So, if you're using vlan 4 on a subinterface, make the sub-interface # "portchannel1.4" or "gigabit3.4" or whatever.

I did notice that you have things quite confused in your Portchannels on your L3 engine. Note below from your configs that channel 1.2, 1.3, 1.4 are all on vlan 2 (dot1q 2), not to mention they're all on different subnets. You should have 1 VLAN per sub-interface and have each vlan its own subnet.

interface Port-channel1.1

encapsulation dot1Q 1

ip address 192.168.15.3 255.255.255.0

!

interface Port-channel1.2

encapsulation dot1Q 2

ip address 192.168.16.3 255.255.255.0

!

interface Port-channel1.3

encapsulation dot1Q 2

ip address 192.168.24.3 255.255.255.0

!

interface Port-channel1.4

encapsulation dot1Q 2

ip address 192.168.26.3 255.255.255.0

!

interface Port-channel1.5

encapsulation dot1Q 3

ip address 192.168.34.3 255.255.255.0

!

interface Port-channel1.77

encapsulation dot1Q 77 native

Now, on each switch, you have it trunked to the switch, but you're only allowing 1 VLAN to be on that trunk, a bit odd use of trunking. If this is really what you want to do, why not just on each side of the link, put the "uplink" port into the VLAN you want the switch to be on, then put all the ports in that switch onto that VLAN. You avoid the potential problems associated with trunking.

If you want to have multiple VLAN's go to each switch, that's fine too, but then I would take advantage of it and designate 1 VLAN to be your "management VLAN". Then, allow the management VLAN to go to every switch (ie: put it in its vlan database) and put the management address for each switch into this VLAN. The devices that connect into the switch could be on another VLAN, but all the switches would be in a single subnet for management. Personally I'd make the management VLAN the "native" VLAN on your switches, and there are some arguments to use VLAN 1 for this (as well as some against). I noticed on your 2950's that you don't have VLAN77 on them even though it is the native VLAN on the 4003, which I don't like.

Either approach will work, but try and simplify your configurations a bit. Get everything working without your etherchannels first, then work at putting them back in if desired. I think you're trying to accomplish too much all at one time. Go back to the basics and get it working, then implement the features you want one step at a time... Spend time documenting what your doing in your configurations (ie: in the interfaces configuration put a "description" in saying what its connecting too). You will be happy for doing so in the long run. For one, asking people on this forum gets to be very confusing for us not having this stuff documented...

Good luck!