can't ping a switch from another switch on same vlan?

only my core is layer 3, has up routing enabled, the others do not.
core = Cisco 3850
others= Cisco 2960x

yes, I have vlan1 on all my switches, but I've added a 2nd svi, vlan 40 on at least 4 switches, plan to do it on all my switches, as I'm going to use vlan 40 for networkmgt vlan.
so the problem is, I need to have both vlan1 up for the existing g network to function and vlan 40 for the new vlan to manage all the switches.
so after I create the svi for vlan 40, can I disable vlan 1?  will that affect traffic?  all my ports are on vlan1, so I wasn't sure if I disable that, if it would affect the traffic?  probably not, I think it's just for accessing g the switch, but hasn't tried yet to disable vlan1 on any of the switches.


every switches has a default gateway, still pointing to the old ip.

I will try to ping using the source command when I get into the office on Monday.

yes, every switch has vlan40 created, when you mean L2, I'm assuming it's just the vlan 40 command and not the svi command?

yes, I did a no shutdown.


I think the problem is that switch one for vlan 40 has a lower bridge priority than the priority on my core switch, vlan40.

I lowered it 3 days ago, on my core, made it 4096, but it still did t make a difference.

VLAN1 needs to exist as a VLAN, but you don't need a SVI for it on the L2 switches for traffic to pass. If your management VLAN is 40, as long as the interfaces between switches are trunks and VLAN40 is allowed on them you won't have a problem if all your ports are on VLAN1.

Just do:

conf t
no int vlan1
end

Select allOpen in new window

That will leave you with an SVI for VLAN40 which should come up. STP has nothing to do with it.

got it, if the upload ports are all trunks, won't that allow all vlans tomm no pass, or is there a specific command to allow vlan 40 tru?

I just realized, I have 3 other switches already configured with int vlan1 and int vlan 40, and they work fine with 2 svi's, so how is that possible?  also, the switches ping fine on vlan 40, both directions.

L2 switches can have multiple SVI. They just can't route other traffic, and there usually isn't a use case to have multiple SVI on a L2 switch long term.

All defined vlans are allowed on a Cisco trunk port be default. L2 VLAN does need to be defined, however.

If switch port trunk allowed VLAN [ ] command is applied, then only those VLANs are allowed.

Usually Cisco switches will only allow more than one SVI to be up/up if they are configured to run IP routing.

Post the output of (just copy/paste the below):

show vlan brief
!
!
!
show ip int brief
!
!
!
show int trunk

Select allOpen in new window

...from the affected switch.

Thanks everyone for pointing me in the right direction.
The problem was that on my Po7, (port channel 7), I had only allowed vlan1.   ( switchport trunk allowed vlan 1)  
I added vlan 40 now, and it's working,   I can ping in both directions.

I tried to delete vlan 1 int, but the system won't let me, so I just removed the IP address and did a shut on it.

is that all I need to do?

great, thanks, that's what I did