Cisco 3020 virtual interface f0

Can anyone help with my understanding of the virtual fastethernet interface in the Cisco 3020 switches. I have installed two Cisco 3020's which are working independently in a HP blade server enclosure. The network has multiple VLAN's and one (VLAN 20) is used for managment and one (VLAN 10) is used for servers. Each 3020 has a 802.1q trunk back to the core with all the VLANs on it. VLAN 20 has a subnet of 172.20.0.0/16 and the onboard administrator on the HP blade enclosure and all the switches in the enclosure including the 3020's on their fastethernet F0 interface have IP addresses in the 172.20.0.0/16 range. If i give my laptop a 172.20.0.0/16 address and plug directly into the onboard administrator port of the enclosure, i can ping/telnet all the switches including the 3020's. So all in the enclosure is working ok.
I have configured an external interface on the 3020's as a VLAN 20 access interface and plugged the HP onboard administrator port into it to give access to the enclosure from the rest of the network. Everything is working fine except for one strange issue. I can now ping the onboard administrator and every switch in the enclosure except for the 3020 switch the onboard administrator is plugged into this 3020 can't be accessed even via the onboard admin GUI. If i swop the onboard administrator onto the other 3020 then i can ping the first 3020 again but not the one that now has the onboard administrator in it this now becomes unaccessible via the 172.16.0.0/16 address.
The 3020 Fastethernet F0 is not able to have VLAN's assigned to it and is not accessible externally, it just connects internally to the onboard administrator.
This means with the present setup at least one 3020 is unaccessible.

I have attached the 3020 configs below... port g0/17 is the uplink to the cores, port g0/22 is the link to the onboard admin and g0/23-24 will link to other switches in the enclosure.
Eventually there will be a redundent onboard admin so both g0/22 ports on the 3020's will be used.
DC-VM-01-final
DC-VM-02-final
nappyshockAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

bsohn417Commented:
would you mind copy and pasting config from switches. The attached files are not reading friendly
most likley you are missing default gatway.



thanks
0
nappyshockAuthor Commented:
The IP addresses on VLAN10 (the server VLAN) have only been put on there as a temp fix to enable remote access.


SWITCH3020-A

!
! Last configuration change at 16:23:57 UTC Thu May 21 2009
! NVRAM config last updated at 16:24:11 UTC Thu May 21 2009
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname DC-VM-01
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$4Y3.$udGa2quH1UnTJAfOT7ZUE.
!
no aaa new-model
system mtu routing 1500
vtp domain bristol
vtp mode transparent
ip subnet-zero
!
!
!
!
!
!
!
!
!
spanning-tree mode mst
spanning-tree loopguard default
spanning-tree portfast default
spanning-tree portfast bpduguard default
spanning-tree extend system-id
!
spanning-tree mst configuration
 name Bristol
 revision 1
 instance 1 vlan 10
 instance 2 vlan 30, 110, 120, 130, 140, 200, 220, 230, 240, 250
 instance 3 vlan 31, 111, 121, 131, 141, 201, 221, 231
!
!
vlan internal allocation policy ascending
!
vlan 10
 name server-vlan010
!
vlan 20
 name management-vlan020
!
!
!
interface FastEthernet0
 description Managment Link
 ip address 172.20.4.100 255.255.0.0
!
interface GigabitEthernet0/1
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/2
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/3
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/4
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/5
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/6
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/7
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/8
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/9
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/10
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/11
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/12
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/13
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/14
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/15
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/16
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/17
 description Trunk to NQ-BB-1
 switchport mode trunk
 switchport nonegotiate
 spanning-tree link-type point-to-point
!
interface GigabitEthernet0/18
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
!
interface GigabitEthernet0/19
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
!
interface GigabitEthernet0/20
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
!
interface GigabitEthernet0/21
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 speed 1000
!
interface GigabitEthernet0/22
 description Link to OnBoard Admin
 switchport access vlan 20
 switchport mode access
 switchport nonegotiate
!
interface GigabitEthernet0/23
 description VMotion Links
 switchport access vlan 20
 switchport mode access
 switchport nonegotiate
 speed 1000
 spanning-tree bpduguard disable
 spanning-tree link-type point-to-point
!
interface GigabitEthernet0/24
 description VMotion Links
 switchport access vlan 20
 switchport mode access
 switchport nonegotiate
 speed 1000
 spanning-tree bpduguard disable
 spanning-tree link-type point-to-point
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan10
 ip address 10.10.90.3 255.255.0.0
!
interface Vlan20
 description Management VLAN
 no ip address
!
ip classless
ip http server
!
!
control-plane
!
!
line con 0
line vty 0 4
 password 7 061C5E315C57
 login
line vty 5 15
 password 7 001E42161442
 login
!
ntp clock-period 36028761
ntp server 10.10.5.1
end






SWITCH-3020-B

!
! Last configuration change at 16:25:11 UTC Thu May 21 2009
! NVRAM config last updated at 16:25:15 UTC Thu May 21 2009
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname DC-VM-02
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$4Y3.$udGa2quH1UnTJAfOT7ZUE.
!
no aaa new-model
system mtu routing 1500
ip subnet-zero
!
!
!
!
!
!
!
!
!
spanning-tree mode mst
spanning-tree loopguard default
spanning-tree portfast default
spanning-tree portfast bpduguard default
spanning-tree extend system-id
!
spanning-tree mst configuration
 name Bristol
 revision 1
 instance 1 vlan 10
 instance 2 vlan 30, 110, 120, 130, 140, 200, 220, 230, 240, 250
 instance 3 vlan 31, 111, 121, 131, 141, 201, 221, 231
!
!
vlan internal allocation policy ascending
!
!
!
interface FastEthernet0
 description Managment Link
 ip address 172.20.4.101 255.255.0.0
!
interface GigabitEthernet0/1
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/2
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/3
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/4
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/5
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/6
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/7
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/8
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/9
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/10
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/11
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/12
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/13
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/14
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/15
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/16
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
 spanning-tree portfast
!
interface GigabitEthernet0/17
 description Trunk to NQ-BB-2
 switchport mode trunk
 switchport nonegotiate
 spanning-tree link-type point-to-point
!
interface GigabitEthernet0/18
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 no cdp enable
!
interface GigabitEthernet0/19
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
!
interface GigabitEthernet0/20
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
!
interface GigabitEthernet0/21
 switchport access vlan 10
 switchport mode access
 switchport nonegotiate
 speed 1000
!
interface GigabitEthernet0/22
 description Link to OnBoard Admin
 switchport access vlan 20
 switchport mode access
 switchport nonegotiate
!
interface GigabitEthernet0/23
 description VMotion Link
 switchport access vlan 20
 switchport mode access
 switchport nonegotiate
 speed 1000
 spanning-tree link-type point-to-point
!
interface GigabitEthernet0/24
 description VMotion Link
 switchport access vlan 20
 switchport mode access
 switchport nonegotiate
 speed 1000
 spanning-tree link-type point-to-point
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan10
 ip address 10.10.90.4 255.255.0.0
!
interface Vlan20
 no ip address
!
ip classless
ip http server
!
!
control-plane
!
!
line con 0
line vty 0 4
 password 7 061C5E315C57
 login
line vty 5 15
 password 7 001E42161442
 login
!
ntp clock-period 36028678
ntp server 10.10.5.1
end
0
bsohn417Commented:
you are missing default gateway,
ip default-gateway 172.20.4.x

also you need put in either static or default route


Try this first --------------------------------
default route
ip route 0.0.0.0 0.0.0.0 172.20.4.x

This should resolve you issue.
0
Powerful Yet Easy-to-Use Network Monitoring

Identify excessive bandwidth utilization or unexpected application traffic with SolarWinds Bandwidth Analyzer Pack.

nappyshockAuthor Commented:
I enabled ip routing on the switch that is not accessible and added a default gateway, i tried both a default gateway to the 172.20.x.x and the 10.10.x.x but still no joy with either i'm afraid.
0
bsohn417Commented:
Here is one thing i see, U assigned and ip to interface fa0, U should assign that ip to your management VLAN
VLAN 20
before doing that check if int vlan 20 is up/ it sould not be.

Apply this config to switches assign the interface fa0 or fa0/1 to vlan 20

interface Vlan20
description Managment Link
ip address 172.20.4.101 255.255.0.0
!

In order for vlan to come up atleast one interface should be assigned and should have physical link that is up
0
bsohn417Commented:
Also does you pc sit in same subnet, if not you will need route for destination address.
0
nappyshockAuthor Commented:
The fa0 interface is not like on normal Cisco switches, from the switch you can't assign it to a VLAN, there is no switchport command available for it. It is only accessible internally from within the server blade enclosure so you can only access it via the onboard administrator port in the server enclosure. I did not setup all the server enclosure part of the install so that is my understanding. All the devices in the server enclosure (including the 3020's Fa0 port) are assigned a IP address within the 172.20.x.x (VLAN 20) range and the onboard administrator is plugged into a VLAN 20 port on a switch and they should then be accessible.
The PC i'm trying to access them from is on the VLAN 20.
0
bsohn417Commented:
Here is a document on the 3020 switch

http://www.cisco.com/en/US/docs/switches/blades/3020/software/release/12.2_25_sef1/configuration/guide/swvlan.html

int fa0/1
switchport  <--------------------makes it a switchport
Switchport mode access  <----------Define the VLAN membership mode for the port (Layer 2 access port).
switchport access vlan vlan-id   <-----------------------Assign the port to a VLAN
no shut
!

In order for switchport access vlan XX, you need to issue "switchport" command in the interface first.

 
0
nappyshockAuthor Commented:
This is taken from the Cisco guide....

The Fast Ethernet 0 (fa0) interface is an internal connection to the HP Onboard Administrator and is only used for switch management traffic, not for data traffic. It is connected to the Onboard Administrator through the blade server backplane connector. Management information that is sent to or received from this interface is not sent to the other Ethernet interfaces on the switch. This interface cannot send or receive data traffic from the servers that are connected to Gigabit interfaces 0/1 to 0/16. The speed and duplex settings for this interface are fixed at 100 Mpbs and full duplex.

The fa0 interface is a routed interface. You can use the IP addresses that are assigned to this interface to manage the switch through the HP Onboard Administrator module. By default, the fa0 interface is assigned an IP address through a DHCP server. You can also statically configure the IP address. You can see the IP address that is assigned to the fa0 interface from the Onboard Administrator GUI, through which you can manage the switch through the HP Onboard Administrator module.

We recommend that you set up your network so that you can communicate with the assigned fa0 IP address from the same external network in which the HP Onboard Administrator is located. For more information on the IP routing and IP forwarding capabilities of the HP Onboard Administrator module, see the HP BladeSystem documentation at http://www.hp.com/go/bladesystem/documentation.

If you do not want to manage the switch through the HP Onboard Administrator module, you can disable the fa0 interface by using the shutdown interface configuration command.

The fa0 interface does not route its received IP packets to the IP Address that is assigned to other VLAN interfaces on the switch. IP packets that are received by the VLAN interfaces are not routed to the fa0 interface. The fa0 interface is a routed interface, but the switch does not route IP data packets.

0
nappyshockAuthor Commented:
I'm keeping this question open as it is still being resolved and when i find the solution i'll post it to help others who get the same issue.
0
bsohn417Commented:
What is solved?,
We are just done installing HpC7000 with 4 3020s? let me know how can i help
0
DaGuru_Commented:
I'm shooting from the hip, but I think you may find that spanning tree is blocking your fa0 port on the switch where the OA is connected back to the 3020.  Try performing a 'show span active' command on that switch to confirm.

I think the reason for this is that the OA is intended to be connected to an upstream distribution switch and not back to one of its own interconnect switches.  This way, the OA can remain disjoint our out-of-band...  You can then daisy-chain the OAs if you have multiple...
0
nappyshockAuthor Commented:
I'll have to close this as i won't be going back to site in the near furure. The only info i can offer is don't connect the HP OA to the 3020, it must be something like a spanning tree issue but i won't get an oppertunnity to investigate.

Thanks bsohn417 and DaGuru for your comments.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Networking Hardware-Other

From novice to tech pro — start learning today.