Communication btw different Vlan between 2 L2 Switches... Can anyone understand me how it works

dilnaazhum · ‎03-23-2014

Hi all,

I went through one interesting question which is asked by my colleague, but i given wrong info to him.. :) Same i have simulated in GNS3 and found to be working fine.

I have attached the diagram for reference: Communincation between 2 differnce Vlan between 2 L2 switches..

Interface connected between 2 L2 switches are part of dieeferencet Vlan (access-mode) and switches throwing %CDP-4-NATIVE_VLAN_MISMATCH error, which is expeted.

*Mar 1 00:08:15.635: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on FastEthernet1/1 (10), with R4-SW FastEthernet1/1 (20).

But tried to ping machine (Router with no ip routing) which of differnt Vlan 10, 20 (Vlan 10 --> 10.0.0.1, and Vlan 20 --> 20.0.0.1)..and it is successfull.

R1#ping 20.0.0.1 rep 100

Type escape sequence to abort.
Sending 100, 100-byte ICMP Echos to 20.0.0.1, timeout is 2 seconds:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Success rate is 100 percent (100/100), round-trip min/avg/max = 12/30/52 ms

R3-SW#sh cdp neigh
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater

Device ID        Local Intrfce     Holdtme    Capability Platform Port ID
R4-SW            Fas 1/1            131          S I      3725      Fas 1/1
R1               Fas 1/0            121          S I      3725      Fas 0/0
R5               Fas 1/2            176          S I      3725      Fas 0/0
R3-SW#sh run int fa1/0
Building configuration...

Current configuration : 84 bytes
!
interface FastEthernet1/0
switchport access vlan 10
duplex full
speed 100
end

R3-SW#sh run int fa1/1
Building configuration...

Current configuration : 94 bytes
!
interface FastEthernet1/1
switchport access vlan 10
shutdown
duplex full
speed 100

R1#sh run int fa0/0
Building configuration...

Current configuration : 111 bytes
!
interface FastEthernet0/0
ip address 10.0.0.1 255.255.255.0
no ip route-cache
speed 100
full-duplex
end

R4-SW#sh cdp neigh
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater

Device ID        Local Intrfce     Holdtme    Capability Platform Port ID
R3-SW            Fas 1/1            179          S I      3725      Fas 1/1
R6-SW            Fas 1/2            145          S I      3725      Fas 1/1
R2               Fas 1/0            166          S I      3725      Fas 0/0
R4-SW#sh run int Fas 1/0
Building configuration...

Current configuration : 84 bytes
!
interface FastEthernet1/0
switchport access vlan 20
duplex full
speed 100
end

R4-SW#sh run int fa1/1
Building configuration...

Current configuration : 84 bytes
!
interface FastEthernet1/1
switchport access vlan 20
duplex full
speed 100

R2#sh run int fa0/0
Building configuration...

Current configuration : 111 bytes
!
interface FastEthernet0/0
ip address 20.0.0.1 255.255.255.0
no ip route-cache
speed 100
full-duplex
end

----------------------------------------------------------------------------------------------------------

If interface between 2 switches are Trunk, as expected it wil not allow communincation till the presence of L3 device.

R1#ping 20.0.0.1 rep 100

Type escape sequence to abort.
Sending 100, 100-byte ICMP Echos to 20.0.0.1, timeout is 2 seconds:
...............................................................
Success rate is 0 percent (0/63)

DimaL · ‎03-23-2014

I think, that access port removes VLAN tag when traffic leaves it. So when traffic comes from SW1 to SW2 or viceversa it is not tagged with any VLAN and succesfully reaches the destination.. In case trunk configured, we would receive marked frames and it would be dropped due to VLAN mismatch. That's my thoughts..

dilnaazhum · ‎03-23-2014

Hi D,

Again if tag is removed while frame coming out from egress interface (if we configured switch port mode access) then is it take default vlan and communincate each other ????If it so then in both switches i have configured to match the packet of Vlan10 and Vlan20 respectively while entering the switch ingress interface, which may cause for packet drop, but here i am able to ping.

One observation : if I extend Vlan 10 to other end switch (second switch) interface it wont ping and i do have Vlan10 in database which make sense, were in a single L2 switch we can have max of one active SVI..

R4-SW#sh run int fa1/1
Building configuration...

Current configuration : 84 bytes
!
interface FastEthernet1/1
switchport access vlan 10
duplex full
speed 100
end

R1#ping 20.0.0.1 rep 100

Type escape sequence to abort.
Sending 100, 100-byte ICMP Echos to 20.0.0.1, timeout is 2 seconds:
.......
Success rate is 0 percent (0/7)

.

DimaL · ‎03-23-2014

DimaL · ‎03-23-2014

"then is it take default vlan and communincate each other ????" - not sure about this

"One observation : if I extend Vlan 10 to other end switch (second switch) interface it wont ping and i do have Vlan10 in database which make sense, were in a single L2 switch we can have max of one active SVI.". - PING will fail because while going back it comes from access port VLAN20 and it is still tagged with VLAN 20 but port fa 1/1 (VLAN 10) on same switch #4 will drop it due to VLAN mismatch