?
Solved

VLAN SLOWNESS

Posted on 2014-01-23
23
Medium Priority
?
366 Views
Last Modified: 2016-11-23
VLAN Slowness




Hello Everyone,

 
I have issues with slowness when it comes to VLANS and switching.

 
 
I have a Core 3560 Switches that takes care of vlan and set as layer 3 switch\router

 
Fiber Trunk  with encap dot1q

 
I have a Remote 3560 Switch that has VLAN 171 on the remote locations ports.  This is a 10/100 Switch

 
¿When I try to ping  From a pc that is attached to the switch, I do not drop packets but it is a slow ms ping times and we are having issues with database being slow.  I have checked the PC plus checked for updates for the computer.   But we still have the issue on all computers that are within the VLAN.

 
Here are the ping times that we were able to get from the Dell Comptuer

 
¿Reply from 192.168.XX.254 bytes=32 time=497ms TTL=64

Reply from 192.168.XX.254 bytes=32 time=387ms TTL=64

Reply from 192.168.XX.254 bytes=32 time=232ms TTL=64

Reply from 192.168.XX.254 bytes=32 time=674ms TTL=64

Reply from 192.168.XX.254 bytes=32 time=419ms TTL=64

Reply from 192.168.XX.254 bytes=32 time=35ms TTL=64

Reply from 192.168.XX.254 bytes=32 time=542ms TTL=64

 
This is a contants times between these switches and still have same issues.
0
Comment
Question by:ftgas
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 11
  • 10
  • 2
23 Comments
 
LVL 51

Expert Comment

by:Netman66
ID: 39805457
Could be a number of reasons.

Can you post the config for both switches?
0
 

Author Comment

by:ftgas
ID: 39806303
CORE LOCATION

no aaa new-model
clock timezone UTC -5
vtp interface lo1
ip subnet-zero
ip routing
!
no file verify auto
spanning-tree mode pvst
spanning-tree portfast default
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface GigabitEthernet0/27
 description LINK TO REMOTE OFFICE
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface Vlan171
 description REMOTE OFFICE
 ip address 192.168.XX.254 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 G.G.G.254
0
 

Author Comment

by:ftgas
ID: 39806317
REMOTE SWITCH

no aaa new-model
clock timezone UTC -5
ip subnet-zero
ip routing
no ip domain-lookup
!
no file verify auto
spanning-tree mode pvst
spanning-tree portfast default
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
interface GigabitEthernet0/1
 description LINK TO CORE SWITCH
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface FastEthernet0/1
 switchport access vlan 171
!
interface FastEthernet0/2
 switchport access vlan 171
!
interface FastEthernet0/3
 switchport access vlan 171
!
interface FastEthernet0/4
 switchport access vlan 171

interface Vlan1
 no ip address
 shutdown
!
interface Vlan171
 description Default Route to CORE SWITCH
 ip address 192.168.XX.253 255.255.255.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.XX.254
ip http server
0
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

 
LVL 51

Expert Comment

by:Netman66
ID: 39806432
For both switches on the trunk interface, you need to allow the vlan.

Switchport trunk allowed add vlan 171.
0
 
LVL 51

Expert Comment

by:Netman66
ID: 39806454
You might also want to consider the following:

Making the core switch a vtp server:
vtp mode server

Making all other switches vtp clients:
vtp mode client

Creating a vtp domain:
vtp domain {make something up} <= needs to be on all switches to participate.

Changing the vtp interface to vlan1.  I see you aren't using vlan1 though, so just remove vlan interface l01.

When making the core a vtp server and the other switches vtp clients, then all you need to do is create the vlan on the core and it is available to all client switches automagically.

You also do not need a vlan interface on remote switches if all is setup correctly.  Dot1q tagging and vtp take care of sending it to the core.  Nor do you need routing unless you want layer3 at the access layer.  Layer2 will work fine.
0
 
LVL 51

Expert Comment

by:Netman66
ID: 39806478
Also, can you post a result for this:

sho ip int bri
0
 

Author Comment

by:ftgas
ID: 39806623
CORE SWITCH


Vlan171                192.168.71.254  YES manual up                    up
GigabitEthernet0/27    unassigned      YES unset  up                    up

REMOTE SWITCH

Vlan171                192.168.71.253  YES manual up                    up
FastEthernet0/1        unassigned      YES unset  up                    up
FastEthernet0/2        unassigned      YES unset  up                    up
FastEthernet0/3        unassigned      YES unset  up                    up
FastEthernet0/4        unassigned      YES unset  up                    up
FastEthernet0/5        unassigned      YES unset  up                    up
FastEthernet0/6        unassigned      YES unset  up                    up
GigabitEthernet0/1     unassigned      YES unset  up                    up
0
 
LVL 51

Expert Comment

by:Netman66
ID: 39806665
So you have the vtp interface as loopback1 but do not have it defined as an interface.

If you remove the vtp interface statement, then the lowest vlan ID should become the local updater address.

If you don't need layer 3 routing at the access layer, then you can remove the routing and the layer 3 vlan interface and let layer 2 do the work.
0
 

Author Comment

by:ftgas
ID: 39806699
show vtp status on CORE

VTP Version                     : 2
Configuration Revision          : 52
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 25
VTP Operating Mode              : Server
VTP Domain Name                 : testnetwork
VTP Pruning Mode                : Enabled
VTP V2 Mode                     : Enabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0xD8 0x84 0xF1 0x73 0x7E 0xAC 0x8F 0x38


Show VTP STATUS on REMOTE SWITCH

VTP Version                     : 2
Configuration Revision          : 52
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 25
VTP Operating Mode              : Client
VTP Domain Name                 : testnetwork
VTP Pruning Mode                : Enabled
VTP V2 Mode                     : Enabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0xD8 0x84 0xF1 0x73 0x7E 0xAC 0x8F 0x38
0
 
LVL 51

Expert Comment

by:Netman66
ID: 39806852
ok, that's fine.  Did you add vlan to trunk?
0
 

Author Comment

by:ftgas
ID: 39806857
yes
0
 

Author Comment

by:ftgas
ID: 39806875
Can I have routing on the Main switch but not on the remote switch.
0
 
LVL 51

Expert Comment

by:Netman66
ID: 39806891
See, you have layer 3 and layer 2 configured on the remote switch.

I would remove the routing stuff and work with layer 2 unless you need layer 3 at the access switch.

Since I don't know the entire core config, I'm not sure where you go with you wan stuff or how you're routing there.
0
 
LVL 51

Expert Comment

by:Netman66
ID: 39806892
yes to your routing q.
0
 
LVL 51

Accepted Solution

by:
Netman66 earned 2000 total points
ID: 39806895
Inter-vlan routing is as simple as just using the ip route command on the core.  Unless you want to "steer" traffic, all routes will get learned and don't explicitly need to be set (on a simple network).
0
 

Author Comment

by:ftgas
ID: 39807024
This is what I am getting from a PC on the remote switch pinging 192.168.71.254 which is the ip on the core switch.

Pinging 192.168.71.254 with 32 bytes of data:
Reply from 192.168.71.254: bytes=32 time=35ms TTL=255
Reply from 192.168.71.254: bytes=32 time=249ms TTL=255
Reply from 192.168.71.254: bytes=32 time=452ms TTL=255
Reply from 192.168.71.254: bytes=32 time=2ms TTL=255
Reply from 192.168.71.254: bytes=32 time=265ms TTL=255
Reply from 192.168.71.254: bytes=32 time=468ms TTL=255
Reply from 192.168.71.254: bytes=32 time=62ms TTL=255
Reply from 192.168.71.254: bytes=32 time=265ms TTL=255
Reply from 192.168.71.254: bytes=32 time=468ms TTL=255
Reply from 192.168.71.254: bytes=32 time=62ms TTL=255
Reply from 192.168.71.254: bytes=32 time=265ms TTL=255
Reply from 192.168.71.254: bytes=32 time=467ms TTL=255
Reply from 192.168.71.254: bytes=32 time=62ms TTL=255
0
 
LVL 51

Expert Comment

by:Netman66
ID: 39807070
Getting better, but still not good.

Can you repost the configs now?

If you want anonymity, then send them to my alias here at gmail.
0
 
LVL 18

Expert Comment

by:Akinsd
ID: 39807129
Confirm that IP CEF is running, if not turn it on.

Also, confirm if QoS is configured, if not, configure it. "Auto QoS" suffices in most cases
0
 

Author Comment

by:ftgas
ID: 39807386
netman I sent you an email
0
 
LVL 51

Expert Comment

by:Netman66
ID: 39807400
Haven't seen it arrive.
0
 

Author Comment

by:ftgas
ID: 39807410
netman66@gmail.com correct
0
 

Author Comment

by:ftgas
ID: 39807470
sent from another email
0
 
LVL 18

Expert Comment

by:Akinsd
ID: 39815041
Did you confirm IP CEF and CoS, or you haven't had time to check it?
0

Featured Post

Ransomware Attacks Keeping You Up at Night?

Will your organization be ransomware's next victim?  The good news is that these attacks are predicable and therefore preventable. Learn more about how you can  stop a ransomware attacks before encryption takes place with our Ransomware Prevention Kit!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Suggested Courses
Course of the Month11 days, 14 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question