Solved

LAN Switching/Trunking issue

Posted on 2009-05-07
11
901 Views
Last Modified: 2012-05-06
I'm picking up slack while the network engineer is away on vacation, I'm new here and unfamiliar with this network.  Hosts are not getting leases from DHCP server when patched into a Cisco 2960 switch, instead they'll get the 169.254.190.178...This switch is uplinked via G0/1 to FA0/13 a Cisco 3560 switch which appears to already be configured for trunking.  Anyone care to help me troubleshoot this?

2960-G0/1:
interface GigabitEthernet0/1
 description Uplink
 switchport trunk native vlan 1001
 switchport mode dynamic desirable
 srr-queue bandwidth share 10 10 60 20
 queue-set 2
 priority-queue out
 mls qos trust cos
 auto qos voip trust

3560-FA0/13
interface FastEthernet0/13
 switchport access vlan dynamic
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 1001
 switchport mode trunk
 switchport voice vlan 151
 switchport port-security maximum 3
 switchport port-security violation restrict
 srr-queue bandwidth share 10 10 60 20
 priority-queue out
 mls qos trust cos
 auto qos voip trust
0
Comment
Question by:guitar_dave
  • 6
  • 5
11 Comments
 
LVL 43

Expert Comment

by:JFrederick29
ID: 24328065
Is the DHCP server in the same VLAN as the PC's?  If not, double check the layer3 VLAN interface (assuming on the 3560) has the "ip helper-address <dhcp server ip>" command on it.  Also double check the DHCP scope exists and is active.
0
 

Author Comment

by:guitar_dave
ID: 24328441
The DHCP server is on a separate "Server" VLAN, but the ip helper address is configured on that VLAN's interface.  The DHCP scope exists and is active.  Supplemental: The 3560 switch is uplinked to a Core 3750 Switch, which is where the ip helper address is configured on the server VLAN's interface...So the chain is: Host - 2960 - 3560 - 3750 - DHCP server
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 24328483
Is the 2960 a new addition to the network?  Can you post a "show int trunk" from the 2960.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:guitar_dave
ID: 24328558
The 2960 may be a new addition, not sure.  I believe that all company 2960 switches were recently reconfigured for dot1x authentication.

#show int trunk
Port        Mode             Encapsulation  Status        Native vlan
Gi0/1       desirable        802.1q         trunking      1001

Port        Vlans allowed on trunk
Gi0/1       1-4094

Port        Vlans allowed and active in management domain
Gi0/1       1-4,100,110,150-151,200-202,205,210,215,220,225,230,233,240,255,260-264,270,300,600,650,660,1001

Port        Vlans in spanning tree forwarding state and not pruned
Gi0/1       1-4,100,110,150-151,200-202,205,210,215,220,225,230,233,240,255,260-264,270,300,600,650,660,1001
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 24328580
What VLAN is the PC a member of on the 2960?
0
 

Author Comment

by:guitar_dave
ID: 24328844
VLAN 205 is the corp VLAN that most users are on, my laptop is on admin VLAN 240
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 24328900
Which VLAN are you testing with?  If you put a static IP from that subnet on your test PC, can you communicate with things?
0
 

Author Comment

by:guitar_dave
ID: 24329090
I'm testing with only my laptop at this point, which is on the ADMIN VLAN 240.  After assigning static IP info, I wasn't able to ping anything, not even the 2960 switch I was directly connected to.  One bit of behavior that I noticed when I first patched into the switch (before I set my IP to static) is that I was leased valid IP info (from my reservation) from the DHCP server for only about a second until it changed to 169.254.190.178 and knocked me off the network.
0
 
LVL 43

Accepted Solution

by:
JFrederick29 earned 500 total points
ID: 24329124
Well, definitely could be the dot1x authentication (my bet).
0
 

Author Comment

by:guitar_dave
ID: 24329290
You're right.  I just located a doc from the network engineer with instructions for helpdesk to change the default gateway on all the 2960's.  They must have missed this one, I made the change and voila, works now.  Thanks a lot for your help!
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 24329298
No prob...glad to help!
0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The worst thing when starting a new job is when the previous Network Administrator left behind no documentation. How do you get into the devices? If you've been in this situation or just accidently mistyped your password, this article will hopefully…
I eventually solved a perplexing problem setting up telnet for a new switch.  I installed a new Cisco WS-03560X-24P switch connected to an existing Cisco 4506 running a WS-X4013-10GE Sup II-Plus. After configuring vlans and trunking,  I could no…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question