Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

INter VLAN routing issue of Cisco 3750 in stacking mode between two locations.

Posted on 2009-04-08
10
Medium Priority
?
1,525 Views
Last Modified: 2012-05-06
Dear All,
I am having two office locations eg: LOC A and LOC B. These two location have been connected with pair of Cisco 3750 switches in stack with each other. In each location the respective VLAN's have been created . Now the VLANs created at both ends are not reachable. I have created a one VLAN only that VLAN is communicating
LOC A - TWO switches in STACK
clock timezone UTC 5 30
switch 1 provision ws-c3750g-24ts
switch 2 provision ws-c3750g-24ts
ip subnet-zero
ip routing
ip cef load-sharing algorithm universal 6593F51E
!
!
mls qos
!
!
no file verify auto
!
spanning-tree mode pvst
spanning-tree extend system-id
spanning-tree uplinkfast
spanning-tree backbonefast
!
!
vlan access-map SecWiz_Vlan3 10
 action forward
 match ip address SecWiz_Gi1_0_6_in_ip
vlan access-map SecWiz_Vlan9 10
 action forward
 match ip address SecWiz_Gi1_0_23_out_ip
vlan filter SecWiz_Vlan3 vlan-list 3
vlan filter SecWiz_Vlan9 vlan-list 9
vlan internal allocation policy ascending
!
interface Port-channel1
 switchport access vlan 2
 switchport trunk encapsulation dot1q
 switchport mode dot1q-tunnel
!
interface GigabitEthernet1/0/1
 switchport access vlan 2
!
interface GigabitEthernet1/0/2
 switchport access vlan 2
!
interface GigabitEthernet1/0/3
 switchport access vlan 2
!
interface GigabitEthernet1/0/4
 switchport access vlan 2
 switchport mode access
!
interface GigabitEthernet1/0/5
 switchport access vlan 2
 switchport mode access
 mls qos cos 5
!
interface GigabitEthernet1/0/6
 switchport access vlan 3
!
interface GigabitEthernet1/0/7
 switchport access vlan 3
!
interface GigabitEthernet1/0/8
 switchport access vlan 3
!
interface GigabitEthernet1/0/9
 switchport access vlan 4
!
interface GigabitEthernet1/0/10
 switchport access vlan 4
!
interface GigabitEthernet1/0/11
 switchport access vlan 4
!
interface GigabitEthernet1/0/12
 switchport access vlan 4
!
interface GigabitEthernet1/0/13
 switchport access vlan 408
!
interface GigabitEthernet1/0/14
 switchport access vlan 4
!
interface GigabitEthernet1/0/15
 switchport access vlan 5
!
interface GigabitEthernet1/0/16
 switchport access vlan 5
!
interface GigabitEthernet1/0/17
 switchport access vlan 5
!
interface GigabitEthernet1/0/18
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet1/0/19
 switchport access vlan 7
!
interface GigabitEthernet1/0/20
 switchport access vlan 7
!
interface GigabitEthernet1/0/21
 switchport access vlan 6
!
interface GigabitEthernet1/0/22
!
interface GigabitEthernet1/0/23
 switchport access vlan 9
 switchport mode access
!
interface GigabitEthernet1/0/24
 switchport access vlan 2
 switchport trunk encapsulation dot1q
 switchport mode dot1q-tunnel
 channel-group 1 mode on
!
interface GigabitEthernet1/0/25
!
interface GigabitEthernet1/0/26
!
interface GigabitEthernet1/0/27
!
interface GigabitEthernet1/0/28
!
interface GigabitEthernet2/0/1
 switchport access vlan 2
!
interface GigabitEthernet2/0/2
 switchport access vlan 2
!
interface GigabitEthernet2/0/3
 switchport access vlan 2
!
interface GigabitEthernet2/0/4
 switchport access vlan 2
 switchport mode access
!
interface GigabitEthernet2/0/5
 switchport access vlan 2
 switchport mode access
!
interface GigabitEthernet2/0/6
 switchport access vlan 3
!
interface GigabitEthernet2/0/7
 switchport access vlan 3
!
interface GigabitEthernet2/0/8
 switchport access vlan 3
!
interface GigabitEthernet2/0/9
 switchport access vlan 4
!
interface GigabitEthernet2/0/10
 switchport access vlan 4
!
interface GigabitEthernet2/0/11
 switchport access vlan 4
!
interface GigabitEthernet2/0/12
 switchport access vlan 4
!
interface GigabitEthernet2/0/13
!
interface GigabitEthernet2/0/14
 switchport access vlan 4
!
interface GigabitEthernet2/0/15
 switchport access vlan 5
!
interface GigabitEthernet2/0/16
 switchport access vlan 5
!
interface GigabitEthernet2/0/17
 switchport access vlan 5
!
interface GigabitEthernet2/0/18
 switchport access vlan 7
 switchport mode access
!
interface GigabitEthernet2/0/19
 switchport access vlan 7
!
interface GigabitEthernet2/0/20
 switchport access vlan 7
!
interface GigabitEthernet2/0/21
 switchport access vlan 6
!
interface GigabitEthernet2/0/22
 no cdp enable
!
interface GigabitEthernet2/0/23
 switchport access vlan 9
 switchport mode access
!
interface GigabitEthernet2/0/24
 switchport access vlan 2
 switchport trunk encapsulation dot1q
 switchport mode dot1q-tunnel
 no cdp enable
 channel-group 1 mode on
!
interface GigabitEthernet2/0/25
!
interface GigabitEthernet2/0/26
!
interface GigabitEthernet2/0/27
!
interface GigabitEthernet2/0/28
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan2
 ip address 192.168.155.252 255.255.255.0
!
interface Vlan3
 ip address 192.168.70.254 255.255.255.0
 ip helper-address 192.168.155.1
 ip helper-address 192.168.155.2
 ip helper-address 192.168.155.20
 ip helper-address 192.168.155.38
!
interface Vlan4
 ip address 192.168.50.254 255.255.255.0
 ip helper-address 192.168.155.1
 ip helper-address 192.168.155.2
 ip helper-address 192.168.155.20
 ip helper-address 192.168.155.38
!
interface Vlan5
 ip address 192.168.80.254 255.255.255.0
 ip helper-address 192.168.155.1
 ip helper-address 192.168.155.2
 ip helper-address 192.168.155.20
 ip helper-address 192.168.155.38
!
interface Vlan6
 ip address 192.168.42.254 255.255.255.0
 ip helper-address 192.168.155.1
 ip helper-address 192.168.155.2
 ip helper-address 192.168.155.20
 ip helper-address 192.168.155.38
!
interface Vlan7
 ip address 192.168.30.254 255.255.255.0
 ip helper-address 192.168.155.1
 ip helper-address 192.168.155.2
 ip helper-address 192.168.155.20
 ip helper-address 192.168.155.38
!
interface Vlan8
 ip address 192.168.53.254 255.255.255.0
!
interface Vlan9
 ip address 172.168.1.254 255.255.0.0
!
interface Vlan56
 no ip address
!
interface Vlan408
 ip address 172.26.128.12 255.255.192.0
!
ip default-gateway 192.168.155.252
ip classless
ip http server
!
ip access-list extended SecWiz_Gi1_0_6_in_ip
 deny   ip any host 192.168.155.25
 permit ip any any
!
snmp-server community spiceho/RO RO
snmp-server community spiceho RO
snmp-server location Spice Tower
!
control-plane
!
!
line con 0
 password 7 072C285F4D065A43525B
 login
line vty 0 4
 password 7 022A0B4F1E152F01096E
 login
line vty 5 15
 password 7 04481B0F0C241B165F
 login
!
end
 
SP-SPT-2F-STCK2#

Open in new window

0
Comment
Question by:vkraaman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 5
10 Comments
 
LVL 10

Expert Comment

by:atlas_shuddered
ID: 24103863
This may be over simplistic but:

vlan 1 is shutdown, do you have an alternate default vlan set?  Is it defined on both sides of your trunk?
0
 

Author Comment

by:vkraaman
ID: 24105682
Hi herewith attching the configuration of B end.

Only from vlan2 which consists of 192.168.155. series are communicating with the other loaction switches.

Other IP in VLAN' are not communicating with the LOC B switch.


 
LOC B - TWO switches in STACK
switch 1 provision ws-c3750g-24ts
switch 2 provision ws-c3750g-24ts
ip subnet-zero
ip routing
!
!
mls qos
!
!
no file verify auto
!
spanning-tree mode pvst
spanning-tree extend system-id
spanning-tree uplinkfast
spanning-tree backbonefast
!
vlan internal allocation policy ascending
!         
interface Port-channel1
 switchport access vlan 2
 switchport trunk encapsulation dot1q
 switchport mode dot1q-tunnel
!
interface Port-channel2
 switchport access vlan 21
 switchport trunk encapsulation dot1q
 switchport mode dot1q-tunnel
!
interface GigabitEthernet1/0/1
 switchport access vlan 2
!
interface GigabitEthernet1/0/2
 switchport access vlan 2
!
interface GigabitEthernet1/0/3
 switchport access vlan 2
!
interface GigabitEthernet1/0/4
 switchport access vlan 2
!
interface GigabitEthernet1/0/5
 switchport access vlan 2
!
interface GigabitEthernet1/0/6
 switchport access vlan 2
!
interface GigabitEthernet1/0/7
 switchport access vlan 2
!
interface GigabitEthernet1/0/8
 switchport access vlan 2
!
interface GigabitEthernet1/0/9
 switchport access vlan 2
!
interface GigabitEthernet1/0/10
 switchport access vlan 2
!
interface GigabitEthernet1/0/11
 switchport access vlan 2
!
interface GigabitEthernet1/0/12
 switchport access vlan 2
!
interface GigabitEthernet1/0/13
 switchport access vlan 408
!
interface GigabitEthernet1/0/14
 switchport access vlan 2
!
interface GigabitEthernet1/0/15
 switchport access vlan 2
!
interface GigabitEthernet1/0/16
 switchport access vlan 2
!
interface GigabitEthernet1/0/17
 switchport access vlan 2
!
interface GigabitEthernet1/0/18
 switchport access vlan 2
!
interface GigabitEthernet1/0/19
 switchport access vlan 2
!
interface GigabitEthernet1/0/20
 switchport access vlan 2
!
interface GigabitEthernet1/0/21
 switchport access vlan 408
!
interface GigabitEthernet1/0/22
 switchport access vlan 3
!
interface GigabitEthernet1/0/23
 switchport access vlan 2
!
interface GigabitEthernet1/0/24
 switchport access vlan 2
 switchport trunk encapsulation dot1q
 switchport mode dot1q-tunnel
 no cdp enable
 channel-group 1 mode on
!
interface GigabitEthernet1/0/25
!
interface GigabitEthernet1/0/26
!
interface GigabitEthernet1/0/27
!
interface GigabitEthernet1/0/28
!
interface GigabitEthernet2/0/1
 switchport access vlan 2
!
interface GigabitEthernet2/0/2
 switchport access vlan 2
!
interface GigabitEthernet2/0/3
 switchport access vlan 2
!
interface GigabitEthernet2/0/4
 switchport access vlan 2
!
interface GigabitEthernet2/0/5
 switchport access vlan 2
!
interface GigabitEthernet2/0/6
 switchport access vlan 2
!
interface GigabitEthernet2/0/7
 switchport access vlan 2
!
interface GigabitEthernet2/0/8
 switchport access vlan 2
!
interface GigabitEthernet2/0/9
 switchport access vlan 2
!
interface GigabitEthernet2/0/10
 switchport access vlan 2
!
interface GigabitEthernet2/0/11
 switchport access vlan 2
!
interface GigabitEthernet2/0/12
 switchport access vlan 2
!
interface GigabitEthernet2/0/13
 switchport access vlan 408
!
interface GigabitEthernet2/0/14
 switchport access vlan 2
!
interface GigabitEthernet2/0/15
 switchport access vlan 2
!
interface GigabitEthernet2/0/16
 switchport access vlan 2
!
interface GigabitEthernet2/0/17
 switchport access vlan 2
!
interface GigabitEthernet2/0/18
 switchport access vlan 2
!
interface GigabitEthernet2/0/19
 switchport access vlan 2
!
interface GigabitEthernet2/0/20
 switchport access vlan 2
!
interface GigabitEthernet2/0/21
 switchport access vlan 408
!
interface GigabitEthernet2/0/22
 switchport access vlan 3
!
interface GigabitEthernet2/0/23
 switchport access vlan 2
!
interface GigabitEthernet2/0/24
 switchport access vlan 2
 switchport trunk encapsulation dot1q
 switchport mode dot1q-tunnel
 channel-group 1 mode on
!
interface GigabitEthernet2/0/25
!
interface GigabitEthernet2/0/26
!
interface GigabitEthernet2/0/27
!
interface GigabitEthernet2/0/28
!
interface Vlan1
 no ip address
!         
interface Vlan2
 ip address 192.168.155.254 255.255.255.0
 ip helper-address 192.168.155.20
 ip helper-address 192.168.155.38
!
interface Vlan3
 ip address 192.168.151.254 255.255.255.0
 ip helper-address 192.168.155.1
 ip helper-address 192.168.155.2
 ip helper-address 192.168.155.20
 ip helper-address 192.168.155.38
!
interface Vlan408
 ip address 172.126.128.13 255.255.192.0
!
ip default-gateway 192.168.155.254
ip classless

Open in new window

0
 
LVL 10

Expert Comment

by:atlas_shuddered
ID: 24107849
Okay

Switch A

interface gig 1/0/24
no switchport access vlan 2
switchport mode trunk
sw trunk encap dot1q
sw mode dot1q-tun
channel-group 1 mode on


interface gig 2/0/24
no sw acce vlan 2
sw mode trunk
sw trunk encap dot1q
sw mode dot1q-tunn
no cdp ena
channel-group 1 mode on



On SW B

interface gig 1/0/24
no switchport access vlan 2
switchport mode trunk
sw trunk encap dot1q
sw mode dot1q-tun
no cdp ena
channel-group 1 mode on


interface gig 2/0/24
no switchport access vlan 2
switchport mode trunk
sw trunk encap dot1q
sw mode dot1q-tun
channel-group 1 mode on


The current configs on these trunks are only allowing for access to vlan 2.


As you have vlan 1 shutdown you will need to be sure and define an alternate vlan as the default or no shut vlan 1 as well.
0
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

 

Author Comment

by:vkraaman
ID: 24113517
Thanks
Is the port channel conf ok. Also i am going to implement is live network , hence the following questions:
Requirement;
Both the Fibre links should be in tunnel mode with redundancy with each other.
The VLAN's should communicate within the both switches

Dependencies.
Will down time be required. If so duration
I could not understand "As you have vlan 1 shutdown you will need to be sure and define an alternate vlan as the default or no shut vlan 1 as well"
Kindly provide what should be configured.

 Proposed Conf:
interface Port-channel1
 switchport access vlan 2
 switchport trunk encapsulation dot1q
 switchport mode dot1q-tunnel

Switch A

interface gig 1/0/24
no switchport access vlan 2
switchport mode trunk
sw trunk encap dot1q
sw mode dot1q-tun
channel-group 1 mode on


interface gig 2/0/24
no sw acce vlan 2
sw mode trunk
sw trunk encap dot1q
sw mode dot1q-tunn
no cdp ena
channel-group 1 mode on



On SW B

interface gig 1/0/24
no switchport access vlan 2
switchport mode trunk
sw trunk encap dot1q
sw mode dot1q-tun
no cdp ena
channel-group 1 mode on

interface gig 2/0/24
no switchport access vlan 2
switchport mode trunk
sw trunk encap dot1q
sw mode dot1q-tun
channel-group 1 mode on

Also attaching the draw diagram of my requirement
VLAN-3750.jpg
0
 
LVL 10

Expert Comment

by:atlas_shuddered
ID: 24116854
To answer the dependencies questions - Any down time would be minimal (on the order of minutes if you have a plan going in).  I'd schedule your change for after hours nonetheless just in case there is a snag but it shouldn't take you hours to complete.  Issue the reload xx command before you begin or don't copy run start until after everything is input and verified.  This way, you can at least revert to what you have running now and don't complicate your build further.

In reference to "As you have vlan 1 shutdown you will need to be sure and define an alternate vlan as the default or no shut vlan 1 as well" -  A port cannot be both a trunk and an access port at the same time.  Your ports are configured to access vlan 2 only at present,  this means that any and all traffic on these ports is being tagged for vlan 2 and they will only pass traffic tagged for vlan 2.  The changes to the config are posted in my prior post.  

Using your proposed config above I would alter it as follows for what you have requested:

Switch A

interface gig 1/0/24
channel-group 1 mode on
switchport mode trunk
sw trunk encap dot1q
no cdp ena



interface gig 2/0/24
channel-group 1 mode on
switchport mode trunk
sw trunk encap dot1q
no cdp ena




On SW B

interface gig 1/0/24
channel-group 1 mode on
switchport mode trunk
sw trunk encap dot1q
no cdp ena


interface gig 2/0/24
channel-group 1 mode on
switchport mode trunk
sw trunk encap dot1q
no cdp ena
0
 
LVL 10

Expert Comment

by:atlas_shuddered
ID: 24131031
Did this work out for you?
0
 

Author Comment

by:vkraaman
ID: 24132031
Expecting down time. Will post the results once finished. Thanx in advance.
0
 

Author Comment

by:vkraaman
ID: 24132078
Hi as per your configuration Using your proposed config above I would alter it as follows for what you have requested:

Switch A

interface gig 1/0/24
channel-group 1 mode on
switchport mode trunk
sw trunk encap dot1q
no cdp ena



interface gig 2/0/24
channel-group 1 mode on
switchport mode trunk
sw trunk encap dot1q
no cdp ena




On SW B

interface gig 1/0/24
channel-group 1 mode on
switchport mode trunk
sw trunk encap dot1q
no cdp ena


interface gig 2/0/24
channel-group 1 mode on
switchport mode trunk
sw trunk encap dot1q
no cdp ena

Does the configuration for Port-Channel1 remains the same.
interface Port-channel1
  switchport trunk encapsulation dot1q
 switchport mode dot1q-tunnel
!
0
 
LVL 10

Accepted Solution

by:
atlas_shuddered earned 2000 total points
ID: 24132206
Don't configure the port-channel as a seperate entity.  When you configure the gig and fe interfaces as outlined above, the channel group will be configured automatically in the back end.
0
 

Author Closing Comment

by:vkraaman
ID: 31567954
Thanks for the support proved. The link is working fine
0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This program is used to assist in finding and resolving common problems with wireless connections.
This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question