Solved

LAN Switching/Trunking issue

Posted on 2009-05-07
11
893 Views
Last Modified: 2012-05-06
I'm picking up slack while the network engineer is away on vacation, I'm new here and unfamiliar with this network.  Hosts are not getting leases from DHCP server when patched into a Cisco 2960 switch, instead they'll get the 169.254.190.178...This switch is uplinked via G0/1 to FA0/13 a Cisco 3560 switch which appears to already be configured for trunking.  Anyone care to help me troubleshoot this?

2960-G0/1:
interface GigabitEthernet0/1
 description Uplink
 switchport trunk native vlan 1001
 switchport mode dynamic desirable
 srr-queue bandwidth share 10 10 60 20
 queue-set 2
 priority-queue out
 mls qos trust cos
 auto qos voip trust

3560-FA0/13
interface FastEthernet0/13
 switchport access vlan dynamic
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 1001
 switchport mode trunk
 switchport voice vlan 151
 switchport port-security maximum 3
 switchport port-security violation restrict
 srr-queue bandwidth share 10 10 60 20
 priority-queue out
 mls qos trust cos
 auto qos voip trust
0
Comment
Question by:guitar_dave
  • 6
  • 5
11 Comments
 
LVL 43

Expert Comment

by:JFrederick29
ID: 24328065
Is the DHCP server in the same VLAN as the PC's?  If not, double check the layer3 VLAN interface (assuming on the 3560) has the "ip helper-address <dhcp server ip>" command on it.  Also double check the DHCP scope exists and is active.
0
 

Author Comment

by:guitar_dave
ID: 24328441
The DHCP server is on a separate "Server" VLAN, but the ip helper address is configured on that VLAN's interface.  The DHCP scope exists and is active.  Supplemental: The 3560 switch is uplinked to a Core 3750 Switch, which is where the ip helper address is configured on the server VLAN's interface...So the chain is: Host - 2960 - 3560 - 3750 - DHCP server
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 24328483
Is the 2960 a new addition to the network?  Can you post a "show int trunk" from the 2960.
0
 

Author Comment

by:guitar_dave
ID: 24328558
The 2960 may be a new addition, not sure.  I believe that all company 2960 switches were recently reconfigured for dot1x authentication.

#show int trunk
Port        Mode             Encapsulation  Status        Native vlan
Gi0/1       desirable        802.1q         trunking      1001

Port        Vlans allowed on trunk
Gi0/1       1-4094

Port        Vlans allowed and active in management domain
Gi0/1       1-4,100,110,150-151,200-202,205,210,215,220,225,230,233,240,255,260-264,270,300,600,650,660,1001

Port        Vlans in spanning tree forwarding state and not pruned
Gi0/1       1-4,100,110,150-151,200-202,205,210,215,220,225,230,233,240,255,260-264,270,300,600,650,660,1001
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 24328580
What VLAN is the PC a member of on the 2960?
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:guitar_dave
ID: 24328844
VLAN 205 is the corp VLAN that most users are on, my laptop is on admin VLAN 240
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 24328900
Which VLAN are you testing with?  If you put a static IP from that subnet on your test PC, can you communicate with things?
0
 

Author Comment

by:guitar_dave
ID: 24329090
I'm testing with only my laptop at this point, which is on the ADMIN VLAN 240.  After assigning static IP info, I wasn't able to ping anything, not even the 2960 switch I was directly connected to.  One bit of behavior that I noticed when I first patched into the switch (before I set my IP to static) is that I was leased valid IP info (from my reservation) from the DHCP server for only about a second until it changed to 169.254.190.178 and knocked me off the network.
0
 
LVL 43

Accepted Solution

by:
JFrederick29 earned 500 total points
ID: 24329124
Well, definitely could be the dot1x authentication (my bet).
0
 

Author Comment

by:guitar_dave
ID: 24329290
You're right.  I just located a doc from the network engineer with instructions for helpdesk to change the default gateway on all the 2960's.  They must have missed this one, I made the change and voila, works now.  Thanks a lot for your help!
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 24329298
No prob...glad to help!
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

The worst thing when starting a new job is when the previous Network Administrator left behind no documentation. How do you get into the devices? If you've been in this situation or just accidently mistyped your password, this article will hopefully…
I eventually solved a perplexing problem setting up telnet for a new switch.  I installed a new Cisco WS-03560X-24P switch connected to an existing Cisco 4506 running a WS-X4013-10GE Sup II-Plus. After configuring vlans and trunking,  I could no…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now