AM6_Networks_AdamL
asked on
Foundry VLAN Trunk Not Working
I'm trying to run a VLAN trunk between a Cisco 6509 and a Foundry BigIron in order to provision VLANs connected to copper FE ports on the Foundry to reach VLANs for Internet access up on the Cisco. I've got a million configs on the Cisco that work fine and I've setup a fiber gig port to be switchport trunk as shown:
interface GigabitEthernet2/1
description
mtu 9216
no ip address
logging event link-status
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
On the other end is the Foundry BI8 management card with 8 fiber gig ports. I attempt to search through the configs and I cant find any syntax about creating the port as a "switchport trunk" or any type of 802.1q trunking port. I found documentation that talks about configuring a port as a "trunk" but the commands within this syntax sound more like etherchannel commands used for connecting two switches for load balancing ports.
I have a Fast Ethernet connection on the Foundry that's apart of VLAN 44, set to tag traffic coming from the FE port. To do this I simply went into config mode, created VLAN 44, said: "tag eth 2/1" and I was done.
After doing that I technically have my VLAN but haven't got a clue on how to make the "backbone" connection talk like a trunk. It'd defaulted into VLAN 1, both VLANS are running spanning tree and that's about all I got.
Anyone know how to do this? ..makes me hate foundry.
interface GigabitEthernet2/1
description
mtu 9216
no ip address
logging event link-status
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
On the other end is the Foundry BI8 management card with 8 fiber gig ports. I attempt to search through the configs and I cant find any syntax about creating the port as a "switchport trunk" or any type of 802.1q trunking port. I found documentation that talks about configuring a port as a "trunk" but the commands within this syntax sound more like etherchannel commands used for connecting two switches for load balancing ports.
I have a Fast Ethernet connection on the Foundry that's apart of VLAN 44, set to tag traffic coming from the FE port. To do this I simply went into config mode, created VLAN 44, said: "tag eth 2/1" and I was done.
After doing that I technically have my VLAN but haven't got a clue on how to make the "backbone" connection talk like a trunk. It'd defaulted into VLAN 1, both VLANS are running spanning tree and that's about all I got.
Anyone know how to do this? ..makes me hate foundry.
giltjr
Which model is the Big Iron?
ASKER
I believe its the bi8gm management card with the standard 24 port fe card in slot 2
I did find that Foundry does use the term trunking to do the same function as Cisco uses the term Etherchannel for.
I think you mean a BIMG8, which is a big box. It does support 802.1q VLAN's. I don't have acces to the Foundry documentation, but I have found reference to VLAN aggregation and VLAN grouping. Wish I could be of more help.
I think you mean a BIMG8, which is a big box. It does support 802.1q VLAN's. I don't have acces to the Foundry documentation, but I have found reference to VLAN aggregation and VLAN grouping. Wish I could be of more help.
ASKER
yeah it's certainly not a limited box, it supports L3 routing with features such as BGP and OSPF, etc.
In exploring this I've essentially googled every topic I could imagine to no avail. When viewing all the possible syntax commands there isn't anything remotely close to setting a switchport to trunk mode like you do on a Cisco.
To top it off I checked out Oreily's documentation which seems to lack anything close to books on Foundry... how do these guys stay in business!
In exploring this I've essentially googled every topic I could imagine to no avail. When viewing all the possible syntax commands there isn't anything remotely close to setting a switchport to trunk mode like you do on a Cisco.
To top it off I checked out Oreily's documentation which seems to lack anything close to books on Foundry... how do these guys stay in business!
I have not clue. What I have found seems to imply that the ports are in "trunk" (Cisco term for trunk) mode unless they are specifically set in "access" mode for a specific VLAN.
Do you have access to:
"Foundry Switch and Router Installation and Basic Configuration Guide"
I found:
http://www.foundrynet.com/services/documentation/mg8/BIMG8_Config_Basic%20Features.html#wp46918
and there is a section that talks about how to enable port based VLANs. Again the way I read this, until this is enabled, every port is a "trunk" port. It also talks about how to configure a port for 802.1q VLAN tagging.
After reading a bit more, it almost like it ignores VLAN's until you tell it otherwise.
"Foundry Switch and Router Installation and Basic Configuration Guide"
I found:
http://www.foundrynet.com/services/documentation/mg8/BIMG8_Config_Basic%20Features.html#wp46918
and there is a section that talks about how to enable port based VLANs. Again the way I read this, until this is enabled, every port is a "trunk" port. It also talks about how to configure a port for 802.1q VLAN tagging.
After reading a bit more, it almost like it ignores VLAN's until you tell it otherwise.
From the document link above, :
EXAMPLE:
Suppose you want to make port 4 on module 1 a member of port-based VLAN 4, a tagged port. To do so, enter the following:
MG8 Router(config)# vlan 4
MG8 Router(config-vlan-4)# tagged ethernet 1/4
Syntax: tagged ethernet <port> [to <port> [ethernet <port>]]
EXAMPLE:
Suppose you want to make port 4 on module 1 a member of port-based VLAN 4, a tagged port. To do so, enter the following:
MG8 Router(config)# vlan 4
MG8 Router(config-vlan-4)# tagged ethernet 1/4
Syntax: tagged ethernet <port> [to <port> [ethernet <port>]]
Foundry uses different naming convention for VLANs & Etherchannel
I do agree with pseudocyber,
Cisco Foundry
TRUNK -- VLANS TRUNK ----------- Etherchannel
I do agree with pseudocyber,
Cisco Foundry
TRUNK -- VLANS TRUNK ----------- Etherchannel
Foundry uses different naming convention for VLANs & Etherchannel
I do agree with pseudocyber,
Cisco Foundry
TRUNK -- VLANS TRUNK ----------- Etherchannel
trunk tagged ------------VLANS = trunk (Cisco
access port untagged
sample configuration
Foundry
FOUNDRY(config)# vlan 44
FOUNDRY(config-vlan-44)#ip
FOUNDRY(config-vlan-44)# tagged ethernet 1/4 vlan 44
You need to configure the vlan ip in foundry switch as cisco switch uses VTP protocol but FOundry won't support VTP
Cheers
Yasir
I do agree with pseudocyber,
Cisco Foundry
TRUNK -- VLANS TRUNK ----------- Etherchannel
trunk tagged ------------VLANS = trunk (Cisco
access port untagged
sample configuration
Foundry
FOUNDRY(config)# vlan 44
FOUNDRY(config-vlan-44)#ip
FOUNDRY(config-vlan-44)# tagged ethernet 1/4 vlan 44
You need to configure the vlan ip in foundry switch as cisco switch uses VTP protocol but FOundry won't support VTP
Cheers
Yasir
What pseudocyber posted is how to limit a single port to a single VLAN.
What AM6_Networks_AdamL wanted to know is how do you create a "Cisco defined TRUNK" on a Foundry box. Which from what I have read is all the ports are in "Cisco defined TRUNK" mode unless you put them in "Ciscso defined Access mode", by doing what pseudocyber posted.
Is that the way you two are understanding it? I have never worked with Foundry and did not realize they were that much different from Cisco in their terminology.
What AM6_Networks_AdamL wanted to know is how do you create a "Cisco defined TRUNK" on a Foundry box. Which from what I have read is all the ports are in "Cisco defined TRUNK" mode unless you put them in "Ciscso defined Access mode", by doing what pseudocyber posted.
Is that the way you two are understanding it? I have never worked with Foundry and did not realize they were that much different from Cisco in their terminology.
Foundry uses different terminoly for vlans unlike cisco, foundry doesn't have terms as access port or trunk port for vlans. Rather it uses tagged & untagged port. By default each port in a Fundry switch is untagged member of vlan 1(default vlan) at any given time any ethernet port can be untagged member of only vlan.
Now tagged port is equivalent to trunk port in cisco swithes, as u know a trunk port carries a traffic for all vlans, by default all vlans are member of the trunk port in a cisco switch where as in Foundry tagged port carries the information of all vlans,but u have to assign vlans manually as shown in below example
FOUNDRY(config)# vlan 44
FOUNDRY(config-vlan-44)#ip
FOUNDRY(config-vlan-44)# tagged ethernet 1/4 vlan 44
suppose for port 1/4 if u include tagged ethernet 1/4 vlan 45 the port will forward the traffic for both vlans 44 & 45. Hope you got the concept. If u have any doubts please let me know
Note what pseudocyber posted will not make the single port to be a member of single vlan rather it will be a trunk port but simulatenously it can also be a member of single vlan by using untagged command.
Cheers
Yasir
Now tagged port is equivalent to trunk port in cisco swithes, as u know a trunk port carries a traffic for all vlans, by default all vlans are member of the trunk port in a cisco switch where as in Foundry tagged port carries the information of all vlans,but u have to assign vlans manually as shown in below example
FOUNDRY(config)# vlan 44
FOUNDRY(config-vlan-44)#ip
FOUNDRY(config-vlan-44)# tagged ethernet 1/4 vlan 44
suppose for port 1/4 if u include tagged ethernet 1/4 vlan 45 the port will forward the traffic for both vlans 44 & 45. Hope you got the concept. If u have any doubts please let me know
Note what pseudocyber posted will not make the single port to be a member of single vlan rather it will be a trunk port but simulatenously it can also be a member of single vlan by using untagged command.
Cheers
Yasir
If u need detail configuration I can post tomorrow as i have more details in my office
cheers
Yasir
cheers
Yasir
Just to make sure I understand. To make a port on a Foundry box equal to a "Cisco TRUNK" I would:
FOUNDRY(config)# vlan 44
FOUNDRY(config-vlan-44)#ip
FOUNDRY(config-vlan-44)# tagged ethernet 1/4 vlan 44
FOUNDRY(config)# vlan 44
FOUNDRY(config-vlan-44)#ip
FOUNDRY(config-vlan-44)# tagged ethernet 1/4 vlan 45
And this would allow port 1/4 to handle traffic for both VLAN 44 and VLAN 45? So on a Foundry box, you have to pre-define any VLAN's that can go across a port, where as on a Cisco box by default a Cisco Trunk allows all VLANs.
FOUNDRY(config)# vlan 44
FOUNDRY(config-vlan-44)#ip
FOUNDRY(config-vlan-44)# tagged ethernet 1/4 vlan 44
FOUNDRY(config)# vlan 44
FOUNDRY(config-vlan-44)#ip
FOUNDRY(config-vlan-44)# tagged ethernet 1/4 vlan 45
And this would allow port 1/4 to handle traffic for both VLAN 44 and VLAN 45? So on a Foundry box, you have to pre-define any VLAN's that can go across a port, where as on a Cisco box by default a Cisco Trunk allows all VLANs.
Yes by default Cisco trunks a ll vlans and ur above configuration is right, where as foundry switches need each and every individual VLAN to be trunked with tagged command. Same rules applies to HP Procurve Switches.
Cheers
Yasir
Cheers
Yasir
Well, if this was my question your answer would get accepted.
I can understand having a difference between default all VLANs and default none, but I really don't understand not having a way to say "all but these". We are small and we only have about 20 VLAN's (and growing) I would hate to have to specify each one on the trunks ports.
But each vendor implements functions and features their customers ask for.
I can understand having a difference between default all VLANs and default none, but I really don't understand not having a way to say "all but these". We are small and we only have about 20 VLAN's (and growing) I would hate to have to specify each one on the trunks ports.
But each vendor implements functions and features their customers ask for.
Here is the explaiation for foundry for tagging port
Assigning IEEE 802.1q Tagging to a Port
When a port is tagged, it allows communication among the different VLANs to which it is assigned. A common use for this might be to place an email server that multiple groups may need access to on a tagged port, which in turn, is resident in all VLANs that need access to the server.
Cheers
Yasir
Assigning IEEE 802.1q Tagging to a Port
When a port is tagged, it allows communication among the different VLANs to which it is assigned. A common use for this might be to place an email server that multiple groups may need access to on a tagged port, which in turn, is resident in all VLANs that need access to the server.
Cheers
Yasir
So far no comments posted from the author of this question.
ASKER
Sorry for the delay guys...
I see what you're saying about using 'tagged' ports but to me that means that port is literally tagging traffic on the port with 802.1q vlan information. I dont really see how that makes the port a cisco-trunk style port.
Let me show you what I'm trying to do since the inital setup is really basic:
Cisco switch has a gige port called 4/1; all the standard trunking methods are configed for this port, switchport mode trunk, etc. This switch also has VLAN definitions which provide gateway IP address for L3 access to the internet.
From 4/1 I'm running into Foundry1/1 (i'll call it FN1/1). There's supposed to be absolutely no L3 configs on this box because its simply acting as L2 transport from one part of a building back to the Cisco switch with the Internet. Back on the Cisco I've configed VLAN 30 for one network and VLAN 31 for another network. The VLAN 30 network is connected to FN2/1 and the VLAN 31 network is connected to FN1/2. Yassir, can you literally tell me the commands now to config port FN1/1 as the trunk, FN1/2 as VLAN 31 and FN2/1 as VLAN 30; and have these two VLANS ride L2 back up to the Cisco?
Thanks!
I see what you're saying about using 'tagged' ports but to me that means that port is literally tagging traffic on the port with 802.1q vlan information. I dont really see how that makes the port a cisco-trunk style port.
Let me show you what I'm trying to do since the inital setup is really basic:
Cisco switch has a gige port called 4/1; all the standard trunking methods are configed for this port, switchport mode trunk, etc. This switch also has VLAN definitions which provide gateway IP address for L3 access to the internet.
From 4/1 I'm running into Foundry1/1 (i'll call it FN1/1). There's supposed to be absolutely no L3 configs on this box because its simply acting as L2 transport from one part of a building back to the Cisco switch with the Internet. Back on the Cisco I've configed VLAN 30 for one network and VLAN 31 for another network. The VLAN 30 network is connected to FN2/1 and the VLAN 31 network is connected to FN1/2. Yassir, can you literally tell me the commands now to config port FN1/1 as the trunk, FN1/2 as VLAN 31 and FN2/1 as VLAN 30; and have these two VLANS ride L2 back up to the Cisco?
Thanks!
Well from what yasirirfan and stated and from what I have been able to read, which is not much when you are not a Foundry customer, it looks like Foundry has taken a "different" approach to allowing more than one VLAN on a switch port.
Basically you need to go into the VLAN definition and tell it what port(s) it is valid (tag'ed) on. Worse yet (IMHO) it seems that if the traffic is going to "access port" you need to tell the Foundry box untag.
Some more info: http://www.foundrynet.com/services/documentation/sribcg/VLANs.html
Basically you need to go into the VLAN definition and tell it what port(s) it is valid (tag'ed) on. Worse yet (IMHO) it seems that if the traffic is going to "access port" you need to tell the Foundry box untag.
Some more info: http://www.foundrynet.com/services/documentation/sribcg/VLANs.html
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Therein lies my problem. I cannot assign IPs on the Foundry = I can't do this?
You should not need to enable IP routing in the Foundry switch, however all traffic that flows from one VLAN to another would need to go from the Foundry, to the Cisco, to what ever can do routing, back to the Cisco, to the foundry. If the Cicso can do routing, then it is just from Foundy to Cicso back to Foundry. Not the most effecient, but it will work.
We have to do this for some switches that are not layer3 enabled, but have different VLANs on them.
We have to do this for some switches that are not layer3 enabled, but have different VLANs on them.
ASKER
That's exactly what I'm saying, but apparently the Foundy cannot support or create a single port as a "trunk" in which multiple VLANs from the foundry can traverse back up to the Cisco where the IP is. The Foundry itself IS a Layer 3 switch but our design does not permit layer 3 routing on this device, it has to get back up to the Cisco.
Using Cisco syntax on the foundry I would:
FOUNDRY(config)#int Gig1/1
FOUNDRY(config-if)#switchp
FOUNDRY(config-if)#switchp
FOUNDRY(config-if)#int Fast2/1
FOUNDRY(config-if)#vlan 30
FOUNDRY(config-if)#int Fast2/2
FOUNDRY(config-if)#vlan 31
CISCO:
Port A get's configed as trunk
VLANs 30 and 31 are defined with gateway IPs.
Traffic traverses [access switch] ->Foundry Port -> Cisco Port ->Cisco VLAN gateway -> Internet
Verdict?
Using Cisco syntax on the foundry I would:
FOUNDRY(config)#int Gig1/1
FOUNDRY(config-if)#switchp
FOUNDRY(config-if)#switchp
FOUNDRY(config-if)#int Fast2/1
FOUNDRY(config-if)#vlan 30
FOUNDRY(config-if)#int Fast2/2
FOUNDRY(config-if)#vlan 31
CISCO:
Port A get's configed as trunk
VLANs 30 and 31 are defined with gateway IPs.
Traffic traverses [access switch] ->Foundry Port -> Cisco Port ->Cisco VLAN gateway -> Internet
Verdict?
Ok SInce ur policy doesn't allow u to configure the ip routing, i think the trunk port carries all the vlan information, but the only pinch u face is to add each vlan for a trunk port.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Wow, that actually makes a little sense. So basically instead of defining a general trunk port like you do on a Cisco you've gotta add each VLAN to the trunk?
To verify something- tagging adds the 802.1q tag to the packet for multi-switch switching right? So, why don't you tag the origin port? -1/2 and 2/1 where the separate VLANs exist and operate? Or do I just have the whole thing backwards?
To verify something- tagging adds the 802.1q tag to the packet for multi-switch switching right? So, why don't you tag the origin port? -1/2 and 2/1 where the separate VLANs exist and operate? Or do I just have the whole thing backwards?
Yep thats the way it seems.
Yes tagging adds the 802.1q tag. You need to look at ports 1/2 and 2/1 as "normal" access ports on a Cisco box. These are untagged, because there is no reason to have a VLAN tag on these ports. There is only one VLAN, why tag it? You can leave the 802.1q tag on the frame for these ports, however the device(s) on that port will need to be able to support VLAN tagging.
Yes tagging adds the 802.1q tag. You need to look at ports 1/2 and 2/1 as "normal" access ports on a Cisco box. These are untagged, because there is no reason to have a VLAN tag on these ports. There is only one VLAN, why tag it? You can leave the 802.1q tag on the frame for these ports, however the device(s) on that port will need to be able to support VLAN tagging.