Vlan -router on a stick (cisco 3500xl switch and 2611 router)

Help guys....

I am a newbie trying to setup a lab and learning about vlans. I have the router connected to a port on th switch which I designated a trunk port. I have 2 pc's connect to the switch in separate vlans 10 and 20(192.168.2.1 and 192.168.3.1)

PC1 192.168.2.1 (console into this one)  I designated this to be VLAN10
PC2 192.168.3.1  - I designated this Vlan20

On the switch I added an interface to each vlan and configured a trunk port.
On the router I created sub interfaces and assigned IP's.

The problem I have is that the swich WILL NOT communicate with the router. All pings times out. The Switch is able to ping the PC in the VLAN thats I have the managment interface.
I was hoping someone can look at the config and see where I am making the mistake.

Router conig :
       
Router#sh run            
Building configuration...                        

Current configuration : 714 bytes                                
!
version 12.2            
service timestamps debug uptime                              
service timestamps log uptime                            
no service password-encryption                              
!
hostname Router              
!
!
ip subnet-zero              
!
!
!
ip audit notify log                  
ip audit po max-events 100                          
!
call rsvp-sync              
!

!
interface Ethernet0/0                    
 no ip address              
 shutdown        
 half-duplex            
!
interface Ethernet0/1                    
 no ip address              
 half-duplex            
!
interface Ethernet0/1.1                      
 encapsulation dot1Q 10                      
 ip address 192.168.2.254 25                          
 ip broadcast-address 192.168.2.255                                  
!
interface Ethernet0/1.2
 encapsulation dot1Q 20
 ip address 192.168.3.254 255.255.255.0
 ip broadcast-address 192.168.3.255
!
ip classless
no ip http server
!
!
!
dial-peer cor custom
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 login
!
end

Router#


Switch config:Building configuration...                        

Current configuration:                      
!
version 12.0            
no service pad              
service timestamps debug uptime                              
service timestamps log uptime                            
no service password-encryption                              
!
hostname Switch              
!
!
!
!
!
!
!
ip subnet-zero              
!
!
!
interface FastEthernet0/1                        
 switchport mode trunk                      
!
interface FastEthernet0/2                        
 switchport access vlan 10                          
!
                         
!
interface FastEtherne                    
 switchport access vlan 10                          
!
interface FastEthernet0/18                          
 switchport access vlan 20                          
!

                     
!
interface FastEthernet0/48                          
!
interface GigabitEthernet0/1                            
!
interface GigabitEthernet0/2                            
 switchport mode trunk                      
!
interface VLAN1
 no ip address
 no ip directed-broadcast
 no ip route-cache
 shutdown
!
interface VLAN10
 ip address 192.168.2.200 255.255.255.0
 no ip directed-broadcast
 no ip route-cache
!
!
line con 0
 transport input none
 stopbits 1
line vty 0 4
 login
line vty 5 15
 login
!
end



AirSickOstrichAsked:
Who is Participating?
 
giltjrConnect With a Mentor Commented:
What are the full IOS levels you are running on the router and the switch?  Also which exact 2611 do you have?

You should be able to find out both pieces of information by doing a show version.  I did a couple of searches and it seems that not all 2611's support VLAN trunking, that is more than one VLAN on the same interface.
0
 
giltjrCommented:
What do you get if you do "show vlan" on the swtich?
0
 
AirSickOstrichAuthor Commented:

Switch>      
Switch>      
Switch>      
Switch>      
Switch>      
Switch>      
Switch>sh vlan              
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/3, Fa0/4, Fa0/5, Fa0/6,
                                                Fa0/7, Fa0/8, Fa0/9, Fa0/10,
                                                Fa0/11, Fa0/12, Fa0/13, Fa0/14,
                                                Fa0/15, Fa0/16, Fa0/19, Fa0/20,
                                                Fa0/21, Fa0/22, Fa0/23, Fa0/24,
                                                Fa0/25, Fa0/26, Fa0/27, Fa0/28,
                                                Fa0/29, Fa0/30, Fa0/31, Fa0/32,
                                                Fa0/33, Fa0/34, Fa0/35, Fa0/36,
                                                Fa0/37, Fa0/38, Fa0/39, Fa0/40,
                                                Fa0/41, Fa0/42, Fa0/43, Fa0/44,
                                                Fa0/45, Fa0/46, Fa0/47, Fa0/48,
                                                Gi0/1
2    sales                            active
3    marketing                        active
4    mis                              active
10   VLAN0010                         active    Fa0/2, Fa0/17
20   VLAN0020                         active    Fa0/18
73   VLAN0073                         active
100  VLAN0100                         active
200  VLAN0200                         active
1002 fddi-default                     active
 --More--
0
SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

 
AirSickOstrichAuthor Commented:
It might help if I add this :

I found a great resource on the web by someone and I was following everything to the letter....
www.happyrouter.com/content/view83/29/ 
He has a illustration and step by step config but he's using a different router and switch and I can't pinpoint where the issue is.

Thanks
0
 
AirSickOstrichAuthor Commented:
sorry!! apparently the link only goes halfway. Once on Happy router.com click on free videos.....
0
 
giltjrCommented:
Based on your config I am assuming the router is connected to fa0/1.  What is the status if that interface?  If you notice in the show vlan, fa0/1 does not appear anyplace.  This indicates to me that fa0/1 is not up.
0
 
AirSickOstrichAuthor Commented:
Right on!!!. It is connected to fa0/1 and I have that configured as the Trunk port.
There seems to be errors on the interface. I have swapped the cable with the same result.

FastEthernet0/1 is up, line protocol is up                                      
  Hardware is Fast Ethernet, address is 0004.c1d4.abc1 (bia 0004.c1d4.abc1)
  MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,
     reliability 237/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive not set
  Auto-duplex (Half), Auto Speed (10), 100BaseTX/FX
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:12:29, output 00:00:00, output hang never
  Last clearing of "show interface" counters never
  Queueing strategy: fifo
  Output queue 0/40, 0 drops; input queue 0/75, 0 drops
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     530 packets input, 65024 bytes
     Received 82 broadcasts, 0 runts, 0 giants, 0 throttles
     87 input errors, 87 CRC, 0 frame, 0 overrun, 0 ignored
     0 watchdog, 82 multicast
     0 input packets with dribble condition detected
     3086 packets output, 229419 bytes, 0 underruns
     0 output errors, 0 collisions, 1 interface resets
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier
     0 output buffer failures, 0 output buffers swapped



0
 
giltjrCommented:
I would suggest setting the speed to 10 and duplex to half on fa0/1.

I also noticed on the router the subinterface for VLAN10 is either wrong or the line got truncated:

interface Ethernet0/1.1                      
 encapsulation dot1Q 10                      
 ip address 192.168.2.254 25                          
 ip broadcast-address 192.168.2.255    

If you notice the IP address only has "192.16.2.254 25", the subnet full subnet mask is not there.  Again, I am not sure if it just got cut off when you pasted the config, or if it is actually in the router this way.

And I was mistaken.  I thought that the VLAN's would show active on all ports, including trunks.  I just check some of the 3500XL's we have and they do NOT show the VLANs as active on the trunk ports.  They only show them on ports that are in access mode.

So:

I would verify the subnet mask on the VLAN10 interface on the router.
Then from the switch try and ping 192.168.2.254 and from the router try and ping 192.168.2.200.  Once you have the switch and router talking to each other on VLAN10.  We can move forward from there.
0
 
AirSickOstrichAuthor Commented:
Man...this this stuff is tougher than it looks.
Turns out that the mask /24 was correct. I might have copied half only.
I changed both duplex speeds on e0/1 and fa0/1 to match.
input errors in router disaapeared but the ones on the switch continue to rise.
I played with different speeds ....set it to auto negot with no better results all the while making sure the speeds match.
Swich continues to have input and crc errors and router and switch are not talking...

0
 
AirSickOstrichAuthor Commented:
Sorry...I cleared the counters and all input and crc errors are gone so the duplex mismatch was couseing the int errors however the primary problem remains...router and switch are not talking.
0
 
giltjrCommented:
O.K., base on your configuration the 2611 has Ethernet interface, not Fast Ethernet.  That means it only support 10 Mbps Half Duplex.  So the best bet is to set the Fa0/1 on the switch to 10 Mbps Half Duplex.

Since you have access to both boxes, you should know what their mac addresses are.  When you do a show arp on each box, does the other boxes mac address show up in the list.

It really not that tough, it just sometimes we over look the simple things.  If hard coding 10 Mbps Half duplex on the switch does not improve anything, then I would suggest:

On the 2611 get rid of interface Ethernet0/1.1       and Ethernet0/1.2
Configure Ethernet0/1 as

interface Ethernet0/1              
 ip address 192.168.2.254 255.255.255.0                          
 ip broadcast-address 192.168.2.255  

Then on the 3548 change Fa0/1 to

interface FastEthernet0/2
 duplex half
 speed 10                        
 switchport access vlan 10

Then from the switch try and ping the router and from the router try and ping the switch.  Oh, are you using a straight through cable or a cross over cable to connect the switch and the router?
0
 
AirSickOstrichAuthor Commented:
Great idea. I will try both sugession tomorw when I get home. I am away at the moment.
I appreciate the help and will update tomorow.
0
 
AirSickOstrichAuthor Commented:
GiltJr.....I have an update..

I redid everingthing from scratch and yanked out the created vlans and was able to ping the switch from the router.

I then assigned fa02 on the switch -trunk port
and fa/01 - access port on vlan 10

I then created vlan 10 on the router and I was unable to ping the switch from the router.
I then immediatly executed a sh arp.
The router was able to see the switch but under harware addreess it said "incomplete" (see below)Router#sh arp            C
Protocol  Address          Age (min)  Hardware Addr   Type   Interface                
  loopback                Configure internal loopback
Internet  192.168.2.254           -   0030.8527.4e21  ARPA   Ethernet0/1.1          
  mac-address             Manually set interface MAC address  
Internet  192.168.2.200           0   Incomplete      ARPA max-reserved-bandwidth  Maximum Reservable Bandwidth on a
Router#ping 192.168.2.200                        

I am using a striaght thru cable and speed is correctly set to 10 on fast ether. interface.

Is it possible the router I bought on craigslist is defective...?
Should I be having all these isssues having the router to see the switch?
Why would the router see the switch for a few seconds and then yank it out ?

Arp sees the pc cvonnected to the switch but not the router.

Thanks for the input.



0
 
giltjrCommented:
On the 2611 you will need to have IOS 12.2(2)T  or newer.  This is per:

     http://www.cisco.com/en/US/products/hw/routers/ps259/prod_bulletin09186a00800921e4.html
0
 
AirSickOstrichAuthor Commented:
I'm going to assume that it does support seen that its the 26th rev.

Router#      sh vers                    
Cisco Internetwork Operating System Software                                            
IOS (tm) C2600 Software (C2600-JK9O3S-M), Version 12.2(26), RELEASE SOFTWARE (fc                                                                                
2)  
Copyright (c) 1986-2004 by cisco Systems, Inc.                                              
Compiled Sat 31-Jul-04 04:57 by eaarmas                                      
Image text-base: 0x8000808C, data-base: 0x8160617C                                                  

ROM: System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)                                                                

Router uptime is 1 hour, 27 minutes                                  
System returned to ROM by power-on                                  
System image file is "flash:c2600-jk9o3s-mz.122-26.bin"                                                      

cisco 2611 (MPC860) processor (revision 0x203) with 61440K/4096K bytes of memory                                                                                
.
Processor board ID JAD05040BZN (30228928)                                        
M860 processor: part number 0, mask 49                                      
Bridging software.                  
X.25 software, Version 3.0.0.                            
SuperLAT software (copyright 1990 by Meridian Technology Corp).                                                              
TN3270 Emulation software.                          
2 Ethernet/IEEE 802.3 interface(s)                                  
32K bytes of non-volatile configuration memory.                                              
16384K bytes of processor board System fl                                      

Configuration register is 0x4102                                




0
 
AirSickOstrichAuthor Commented:
Switch :......
Switch# sh vers              
Cisco Internetwork Operating System Software                                            
IOS (tm) C3500xl Software (C3500xl-C3H2S-M), Version 12.0(5)WC5, RELEASE SOFTWAR                                                                                
E (fc1)      
Copyright (c) 1986-2002 by cisco Systems, Inc.                                              
Compiled Tue 28-May-02 11:41 by devgoyal                                        
Image text-base: 0x00003000, data-base: 0x0034A3C8                                                  

ROM: Bootstrap program is C3500xl boot loader                                            

Switch uptime is 1 hour, 34 minutes                                  
System returned to ROM by power-on                                  
System image file is "flash:c3500xl-c3h2s-mz.120-5.WC5.bin"                                                          


cisco WS-C3548-XL (PowerPC403) processor (revision 0x01) with 16384K/1024K bytes                                                                                
 of memory.          
Processor board ID FAA0503J12R, with hardware revision 0x00                                                          
Last reset from power-on                        

Processor is running Enterprise Edition Software                                                
Cluster command switch capable                              
Cluster member switch capable                            
48 FastEthernet/IEEE 802.3 interface(s)                                      
2 Gigabit Ethernet/IEEE 802.3 interface(s)                                          

32K bytes of flash-simulated non-volatile configuration memory.                                                              
Base ethernet MAC Address: 00:04:C1:D4:AB:C0                                            
Motherboard assembly number: 73-3903-08                                      
Power supply part number: 34-0971-01                                    
Motherboard serial number: FAA04530176                                      
Power supply serial number: PAC042905ZF                                      
Model revision number: A0                        
Motherboard revision number: B0                              
Model number: WS-C3548-XL-EN                            
System serial number: FAA0503J12R                                
Configuration register is 0xF        
0
 
AirSickOstrichAuthor Commented:
http://www.tek-tips.com/viewthread.cfm?qid=1213520&page=1

The link above takes us to a page where someone seems to be having the same problem with the 2611 router.
I feel relieved that I am not the only one. I have accomplished what I set out to do however...which was to setup vlan routing. I must have redid this config over 15 times from scratch and know how to config it by heart:)

I have top run at the moment but will award you the full points. I appreciate all the help and the tips that you gave only increased my knowlege ten-fold.

Thanks a million.....
0
 
AirSickOstrichAuthor Commented:
Moderator......thesepoints were meant for giltjr
0
All Courses

From novice to tech pro — start learning today.