• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1745
  • Last Modified:

Create a trunk link between a Cisco C3550 and a C2960G Catalyst Switch

Hi,

I'm trying to configure a trunk link between a Cisco C3550 (FastEthernet) and a C2960G (Gigabit) Catalyst switch, but I'm having issues. We have 5 subnets in our network infrastructure:

Subnet1: 172.16.0.0        255.255.255.192 - Production Mgmt Servers/devices
Subnet2: 192.168.0.0      255.255.255.0     - Production virtual servers
Subnet3: 172.16.0.64      255.255.255.192 - DR Mgmt Servers/devices
Subnet4: 192.168.100.0  255.255.255.0     - DR virtual servers
Subnet5: 192.168.1.0      255.255.255.0     - PCs/Laptops

The switch IPs are:
Prod-SW-01: 172.16.0.1
DR-SW-01: 172.16.0.65

I have configured 4 VLANs on each switch:

int vlan 100
int vlan 101
int vlan 200
int vlan 201

On the C2960G (Prod-SW-01), I have configured the downlink port as follows:

interface GigabitEthernet1/0/24
 description Trunk to DR-SW-01
 switchport trunk allowed vlan 100,101,200,201
 switchport mode trunk
 speed 100
 duplex full

On the C3550 (DR-SW-01), I have configured the uplink port as follows:

interface FastEthernet1/0/24
 description Trunk to Prod-SW-01
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 100,101,200,201
 switchport mode trunk
 speed 100
 duplex full

From the C3550 switch (DR-SW-01), I can ping devices on VLAN 100 and 101.
From the C2960G on VLAN 100, I can ping telnet to the switch, but cannot ping any directly connected device on VLAN200 (172.16.0.64/26).

The only thing I can see that's different is that the C3550, being an older switch prompts me to configure a VLAN encapsulation type when I attempt to make a port a trunk. The C2960G does not require this. I'm not sure if this is the problem!

Any ideas how I should go about this, change this or troubleshoot this?

Thanks,
Fin
0
cpadm
Asked:
cpadm
  • 2
  • 2
  • 2
  • +2
4 Solutions
 
TMekeelCommented:
You have access ports configured for the VLANs and active devices, or just IP addresses for the VLANs?

Can you post a sh run or sh int and sh vlan   (sanitized)

I'm not sure if the 2960G supports ISL anymore, but would be the reason you do not get prompted to provide an encapsulation type on that switch.

Sounds like you dont have routing between the vlans...if you put a device in vlan 200 on each switch, can they talk to each other?
0
 
fgasimzadeCommented:
I think it is a layer 3 (routing) issue, but first of all make sure you configured your access ports with appropriate VLANs


So, VLAN200 is 172.16.0.64 subnet. Can you ping inside this subnet?
0
 
pergrCommented:
As said, you have not told us what device is supposed to route between VLAN.

What IP address is the default gateway in each VLAN?
On what device is that IP address located?
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 
mat1458Commented:
The 2960 is a pure L2 switch, so it cannot route. It needs the 3550 for that. The trunk you configured loks pretty much ok. The encapsulation command on the 3550 is ok as well because it matches with the default encapsulation dot1q on the 2960.

With show run and show vlan it probably would be evident what is missing. My guess is that you might have forgotten to add the VLAN to the vlan database. I personally prefer VTP transparent configuration so that I see all vlan in the config file of each switch. (It's easier to replace a switch as well.) It would look that way on both switches:

vtp transparent (on 3550)
vtp mode transparent (on 2960)
vtp domain <your-domain-name>
vlan 100
vlan 101
vlan 200
vlan 201

As you have five subnets and only four VLAN I assume that you run the management of the switches in VLAN1. This needs to be allowed on the trunk, otherwise no data is transferred:
switchport trunk allowed vlan add 1

Then you might need a default gateway on the 2960:
ip default-gateway 172.16.0.1

Finally did you switch on ip routing on the 3550 switch?
ip routing
0
 
cpadmAuthor Commented:
I'm out on site this morning, but when I get back to the office, I'll get sh runs of both switches and sh vlans.

There is a default gateway set that is pingable  (192.168.0.220 - this is a core switch that is uplinked from the C2960g) .

I can ping a laptop that is directly connected to the C3550 on port 1. The laptops IP is 172.16.0.82/26.

 I don't have 'IP routing' configured on the C3550.
0
 
pergrCommented:
If you route on the core switch, then you need to trunk all VLANs also up to that switch.
0
 
mat1458Commented:
Please send in the show run of the core switch as well and maybe a little drwaing on how you have connected allt the switches.
The default gateway IP address of your switches needs to be in the same subnet as their IP addresses.
0
 
cpadmAuthor Commented:
Apologies for the late allocation of points here - There were a number of issues with the network that I came across, mainly due to your suggestions and questions above.

The network was originally configured as follows:

Core Switch (C3550) -> Production Switch (C2960S) -> DR Switch (C3550)

When it should have been configured with the Core Switch routing directly to the Production and DR switches:

Core Switch (C3550) -> Production Switch (C2960S)
Core Switch (C3550) -> DR Switch (C3550)

This solved the routing issue as both Prod and DR switches then had the same gateway IPs.

I was a bit rusty with my networking and had lost the concept of layer 2 and layer 3 VLANs, but once you pointed that out I was able to troubleshoot accordingly.

The trunk ports VLANs were also configured incorrectly so your suggestions also help me resolve that issue.

Thank you.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

  • 2
  • 2
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now