pfpoulsen
asked on
5406zl (J8697A) port loses VLAN membership
I have a 5604zl switch, where I have tagged some vlans on port A6 (uplink to 2824 switch) the config look like this:
A6 is untagged in default vlan (native) and tagged in the other vlans. The port on the 2824 switch is also tagged with the other vlans, and untagged in default vlan..
And when I connect the two switches its working, i can access the tagged vlans on both switches and off couse the native default vlan.
But suddently after about 1 hour of uptime the port A6 on the 5406 seems to lose its VLAN membership, and all servers connected to the 2824 switch is lost.
The 5406 is running with software: K.13.63, and I have found the fix in a newer software release to the switch:
Is it correct that the port is loosing its VLAN membership because of a software error?
I've another 5406 switch with software K.14.84 and here i dont have this problem. I just wan't your experts to confirm my assumption.
Its critical when the port loses VLAN membership and i looses connection to 24 servers in the 2824 switch :-)
Best Regards, Steffen.
vlan 1
name "DEFAULT_VLAN"
untagged A1-A3,A6-A7,A17-A19,B2,B8-B12,B17-B18,C7-C24,Trk1-Trk4
ip helper-address 10.31.48.21
ip helper-address 10.31.48.22
ip address 10.31.45.7 255.255.255.0
tagged A20,A22
no untagged A4,A8-A16,A21,A23-A24,B1,B3-B7,B13-B16,B19-B20,Trk10
ip proxy-arp
exit
vlan 110
name "DAO_LAN"
tagged A6,Trk1-Trk4
no ip address
exit
vlan 210
name "HB-VLAN-210"
untagged A12
tagged A2-A3,A6,A19,B2-B3,B5-B6,B8-B12,Trk4
no ip address
exit
vlan 220
name "HB-VLAN-220"
tagged A2-A3,A6,A19,B2-B3,B5-B6,B8-B12,Trk4
no ip address
exit
vlan 230
name "HB-VLAN-230"
tagged A2-A3,A6,A19,B2-B3,B5-B6,B8-B12,Trk4
no ip address
exit
vlan 48
name "Server_Vlan"
untagged A4,A9,A11,A20-A21,A23-A24,B1,B3-B4,B6-B7,B13-B16,B20,Trk10
ip address 10.31.48.7 255.255.255.0
tagged A1-A3,A6,A8,A19,A22,B2,B5,B8-B12,Trk4
exitA6 is untagged in default vlan (native) and tagged in the other vlans. The port on the 2824 switch is also tagged with the other vlans, and untagged in default vlan..
And when I connect the two switches its working, i can access the tagged vlans on both switches and off couse the native default vlan.
But suddently after about 1 hour of uptime the port A6 on the 5406 seems to lose its VLAN membership, and all servers connected to the 2824 switch is lost.
The 5406 is running with software: K.13.63, and I have found the fix in a newer software release to the switch:
VRP (PR_0000040238)— After a dynamically-learned VLAN is converted to a static port-based VLAN, and an
interface is made a static member of that VLAN, disabling GVRP causes the port to lose the VLAN membership. The
running-config, startup-config and the SNMP egress static member list for the VLAN show the port as member of the
VLAN. All other data shows the port is no longer a member of the VLAN. VLAN communication over the affected
interface is no longer possible until the one of the two following workarounds is executed. Workarounds: Either reissue
the tag and untag commands for VLAN port assignment or reload the system.
Is it correct that the port is loosing its VLAN membership because of a software error?
I've another 5406 switch with software K.14.84 and here i dont have this problem. I just wan't your experts to confirm my assumption.
Its critical when the port loses VLAN membership and i looses connection to 24 servers in the 2824 switch :-)
Best Regards, Steffen.
RKinsp
This problem seems to affect only VLANs that were learned from GVRP then converted to static. Did you have GVRP enabled?
ASKER
ESB-HP-5406-Core-02# show gvrp
GVRP support
Maximum VLANs to support [256] : 256
Primary VLAN : DEFAULT_VLAN
GVRP Enabled [No] : Noapparently not.
But the other 5406 switch I have (where the uplink is connected right now) does not looses the ports vlan membership, and the only difference I can see on thoose two switches is the software version.
I have tried to change the uplink to the other 5406 switch the last two nights at arround 12pm. And in the past two nights the port has losts its VLAN membership 2pm...
If pretty tired of getting waked in the middel of the night because of this failure, do you have any other suggention if its not the software version??
Best regards, Steffen
ASKER
Here is the current setup, that is working CORE1 (5406 conncted to 2824 from port A24 to port 21)
CORE1 vlan config:
2824vlan config:
I'm trying to take the link from port A24 on CORE1, and connect it to port A6 on the CORE2
Core2 VLAN config:
And as said before this uplink change is working for two hours and then fail, causes lost connection to all devices connected to the 2824 switch...
Strange that its working for two hours before its going down. The only differnce between the CORE1 and CORE2 switch is the software version.
CORE1 vlan config:
vlan 1
name "DEFAULT_VLAN"
untagged A3-A6,A8,A10,A12,A16,A18-A21,A24-B3,B6-B7,B17,C7-C24,Trk1-Trk4
ip helper-address 10.31.48.93
ip helper-address 10.31.48.22
ip address 10.31.45.1 255.255.255.0
tagged A22
no untagged A1-A2,A7,A9,A11,A13-A15,A17,A23,B4-B5,B8-B16,B18-B20
exit
vlan 100
name "SUN_LAN"
tagged Trk1-Trk4
no ip address
exit
vlan 110
name "DAO_LAN"
untagged A2
tagged A24,Trk1-Trk4
no ip address
exit
vlan 210
name "HB-VLAN-210"
tagged A3-A4,A6-A7,A10,A12,A24-B2,B4-B6,Trk4
no ip address
exit
vlan 220
name "HB-VLAN-220"
tagged A3-A4,A6-A7,A10,A12,A24-B2,B4-B6,Trk4
no ip address
exit
vlan 230
name "HB-VLAN-230"
tagged A3-A4,A6-A7,A10,A12,A24-B2,B4-B6,Trk4
no ip address
exit
vlan 48
name "Server_Vlan"
untagged A9,A11,A13-A15,A23,B4-B5,B8,B10-B16,B18,B20
ip address 10.31.48.1 255.255.255.0
tagged A3-A6,A8,A10,A12,A22,A24-B3,B6,Trk4
exit
vlan 310
name "iSCSI-VLAN-310"
untagged A7,A17,B9,B19
tagged Trk4
no ip address
exit
vlan 47
name "ESB-PRINT"
no ip address
exit
vlan 46
name "Management"
no ip address
exit
vlan 240
name "Telenor-Statusplan"
untagged A1
tagged A3-A4,A6-A7,A10,A12,A24-B2,B4-B6,Trk4
no ip address
exit2824vlan config:
vlan 1
name "DEFAULT_VLAN"
untagged 1-3,7,9,12,14,19-24
ip address 10.31.46.121 255.255.255.0
no untagged 4-6,8,10-11,13,15-18
exit
vlan 48
name "Server_Vlan"
untagged 6,8,10-11,13,15-18
tagged 1-3,7,21
exit
vlan 210
name "HB-VLAN-210"
tagged 1-2,7,21
exit
vlan 220
name "HB-VLAN-220"
tagged 1-2,7,21
exit
vlan 230
name "HB-VLAN-230"
tagged 1-2,7,21
exit
vlan 240
name "Statusplan"
untagged 5
tagged 1-2,7,21
exit
vlan 310
name "iSCSI-VLAN"
exit
vlan 110
name "DAO_LAN"
untagged 4
tagged 21
exitI'm trying to take the link from port A24 on CORE1, and connect it to port A6 on the CORE2
Core2 VLAN config:
vlan 1
name "DEFAULT_VLAN"
untagged A1-A3,A6-A7,A17-A19,B2,B8-B12,B17-B18,C7-C24,Trk1-Trk4
ip helper-address 10.31.48.21
ip helper-address 10.31.48.22
ip address 10.31.45.7 255.255.255.0
tagged A20,A22
no untagged A4,A8-A16,A21,A23-A24,B1,B3-B7,B13-B16,B19-B20,Trk10
ip proxy-arp
exit
vlan 100
name "SUN_LAN"
tagged Trk1-Trk4
no ip address
exit
vlan 110
name "DAO_LAN"
tagged A6,Trk1-Trk4
no ip address
exit
vlan 210
name "HB-VLAN-210"
untagged A12
tagged A2-A3,A6,A19,B2-B3,B5-B6,B8-B12,Trk4
no ip address
exit
vlan 220
name "HB-VLAN-220"
tagged A2-A3,A6,A19,B2-B3,B5-B6,B8-B12,Trk4
no ip address
exit
vlan 230
name "HB-VLAN-230"
tagged A2-A3,A6,A19,B2-B3,B5-B6,B8-B12,Trk4
no ip address
exit
vlan 48
name "Server_Vlan"
untagged A4,A9,A11,A20-A21,A23-A24,B1,B3-B4,B6-B7,B13-B16,B20,Trk10
ip address 10.31.48.7 255.255.255.0
tagged A1-A3,A6,A8,A19,A22,B2,B5,B8-B12,Trk4
exit
vlan 310
name "iSCSI-VLAN-310"
untagged A8,A10,A16,A22,B5,B19
tagged A2,B2,Trk4
no ip address
exit
vlan 47
name "ESB-PRINT"
no ip address
exit
vlan 46
name "Management"
no ip address
exit
vlan 240
name "Telenor-Statusplan"
tagged A2-A3,A6,A19,B2-B3,B5-B6,B8-B12,Trk4
no ip address
exit
vlan 320
name "VMware"
untagged A13-A15
no ip address
exit
vlan 60
name "SDM-Wireless-Clients"
ip helper-address 10.31.48.21
ip helper-address 10.31.48.22
ip address 10.31.60.1 255.255.252.0
tagged Trk10
exitAnd as said before this uplink change is working for two hours and then fail, causes lost connection to all devices connected to the 2824 switch...
Strange that its working for two hours before its going down. The only differnce between the CORE1 and CORE2 switch is the software version.
Im still looking through your configs, but regardless you should update your firmware, considering there is no firmware cost.
It would be interesting to see your hole config. Everything looks alright, however a mismatched trunk configuration could cause this problem.
So far, I'd assume it is a bug and upgrade version would fix it.
So far, I'd assume it is a bug and upgrade version would fix it.
ASKER
Config attached to this comment, and thank you for your help so far.
I'll try to update the firmware at arround 1am to night. Right now the time is 10:32pm in Denmark where I am.. :)
conf.txt
I'll try to update the firmware at arround 1am to night. Right now the time is 10:32pm in Denmark where I am.. :)
conf.txt
ASKER
I'm not truking on the A6 (uplink to the 2824 switch) I'm only taging VLANs on that port..
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
vlan 48
name "Server_Vlan"
untagged A4,A9,A11,A20-A21,A23-A24,
ip address 10.31.48.7 255.255.255.0
tagged A1-A3,A6,A8,A19,A22,B2,B5,B8-B12,T
Don't see that i'm missing vlan 48 :-)
There is no loop between the 2824 switches, and in log i can see that STP is not blocking the port its was the first thing i checked :)
The Update of the CORE2 swtich went fine - I'll try to night to change the uplink from CORE1 to the CORE2 switch again ...
Further follow.......
name "Server_Vlan"
untagged A4,A9,A11,A20-A21,A23-A24,
ip address 10.31.48.7 255.255.255.0
tagged A1-A3,A6,A8,A19,A22,B2,B5,B8-B12,T
Don't see that i'm missing vlan 48 :-)
There is no loop between the 2824 switches, and in log i can see that STP is not blocking the port its was the first thing i checked :)
The Update of the CORE2 swtich went fine - I'll try to night to change the uplink from CORE1 to the CORE2 switch again ...
Further follow.......
ASKER
After the update the port does not loses its vlan tags anymore, and it has worked for more than 24 hours now :-)
Wired bug.. :-)
Wired bug.. :-)
Hello Steffan, thanks for the points but it seems that you had it figured out all by yourself. I don't know if you can now, but feel free to close the question without awarding points.
Regards,
RK
Regards,
RK