Link to home
Start Free TrialLog in
Avatar of mwatson536
mwatson536

asked on

Vlan's between switches

I am trying to move hardware off some older Netgear switches to some Cisco switches.  I wanted to do some testing before I just moved everything over.  The site has multiple vlans but I am testing with just 2 of them.  Vlan 104 is for subnet 192.168.4.X Vlan 11 is subnet 10.0.1.X.  I have a cable between the two sets of switches on the Netgear the port is configured like so:


interface 2/0/20
vlan pvid 104
vlan participation include 10-14,16,100,104
vlan tagging 10-14,16,100,104


On the Cisco Side like so:


interface GigabitEthernet3/0/48
 description Trunk_Port_Netgear
 switchport trunk native vlan 104
 switchport trunk allowed vlan 11,104
 switchport mode trunk


I am plugged into the Cisco switch on vlan 104 and I can see and ping all the equipment on the Netgears on all the subnets.  Problem when I plug a test pc in to a port assigned to Vlan 11 on the cisco switch I can't ping it form either network.


No I am not really strong in the Vlan arena and I have beat my head on this issue long enough.  So any help would be great.


Thank you


Avatar of Craig Beck
Craig Beck
Flag of United Kingdom of Great Britain and Northern Ireland image

On the Cisco side can you do:

show vlan brief

...and post the output please?
Avatar of mwatson536
mwatson536

ASKER


Switch#show vlan brief

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Gi1/0/13, Gi1/0/14, Gi1/0/15
                                                Gi1/0/16, Gi1/0/17, Gi1/0/18
                                                Gi1/0/19, Gi1/0/20, Gi1/0/21
                                                Gi1/0/22, Gi1/0/23, Gi1/0/24
                                                Gi1/0/25, Gi1/0/26, Gi1/0/27
                                                Gi1/0/28, Gi1/0/29, Gi1/0/30
                                                Gi1/0/31, Gi1/0/32, Gi1/0/33
                                                Gi1/0/34, Gi1/0/35, Gi1/0/36
                                                Gi1/0/38, Gi1/0/39, Gi1/0/40
                                                Gi1/0/41, Gi1/0/42, Gi1/0/43
                                                Gi1/0/44, Gi1/0/45, Gi1/0/46
                                                Gi1/0/47, Gi1/0/48, Te1/0/1
                                                Te1/0/2, Gi3/0/13, Gi3/0/14
                                                Gi3/0/15, Gi3/0/16, Gi3/0/17
                                                Gi3/0/18, Gi3/0/19, Gi3/0/20
                                                Gi3/0/21, Gi3/0/22, Gi3/0/23
                                                Gi3/0/24, Gi3/0/25, Gi3/0/26
                                                Gi3/0/27, Gi3/0/28, Gi3/0/29
                                                Gi3/0/30, Gi3/0/31, Gi3/0/32
                                                Gi3/0/33, Gi3/0/34, Gi3/0/35

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
                                                Gi3/0/36, Gi3/0/39, Gi3/0/40
                                                Gi3/0/41, Gi3/0/42, Gi3/0/43
                                                Gi3/0/44, Gi3/0/45, Gi3/0/46
                                                Gi3/0/47, Te3/0/1, Te3/0/2
11   VLAN0011                         active    Gi1/0/37, Gi3/0/37, Gi3/0/38
104  VLAN0104                         active    Gi1/0/1, Gi1/0/2, Gi1/0/3
                                                Gi1/0/4, Gi1/0/5, Gi1/0/6
                                                Gi1/0/7, Gi1/0/8, Gi1/0/9
                                                Gi1/0/10, Gi1/0/11, Gi1/0/12
                                                Gi3/0/1, Gi3/0/2, Gi3/0/3
                                                Gi3/0/4, Gi3/0/5, Gi3/0/6
                                                Gi3/0/7, Gi3/0/8, Gi3/0/9
                                                Gi3/0/10, Gi3/0/11, Gi3/0/12
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup
1004 fddinet-default                  act/unsup
1005 trnet-default                    act/unsup


Not an expert on Cisco but it sounds like you need to check the gateway address and ensure you have a proper route in there to pass traffic to the primary vlan.


On the Cisco side I am passing traffic to the Netgear so I have the following:

ip route 0.0.0.0 0.0.0.0 192.168.4.254

I can ping the default gateway for the 10.0.1.x network from the cisco so traffic is getting pushed through.  It's just 10.0.1.x devices on the cisco switches that can't ping or be pinged.

Thanks.

If you put a client on vlan 11 on each side of the link (so one on the Netgear and one on the Cisco), can they ping each other?

Is the issue only that clients on the Cisco switch can't ping anything on another VLAN, or be pinged from another VLAN?
Ok so I have two esxi hosts connected to both switches.
Host 1 has VMK3 connected to Netgear ip address is 10.0.1.38 and VMK4 connected to Cisco ip 10.0.1.220
Host 2 has VMK3 connected to Netgear ip address is 10.0.1.19 nothing connected to Cisco.
_________________________________________
So ping from host 2 to host 1 ip on Netgear:
vmkping -I vmk3 10.0.1.38
PING 10.0.1.38 (10.0.1.38): 56 data bytes
64 bytes from 10.0.1.38: icmp_seq=0 ttl=64 time=0.191 ms
64 bytes from 10.0.1.38: icmp_seq=1 ttl=64 time=0.172 ms
64 bytes from 10.0.1.38: icmp_seq=2 ttl=64 time=0.186 ms
___________________________________________
Ping from host 2 to host 1 Cisco ip:
 vmkping -I vmk3 10.0.1.220
PING 10.0.1.220 (10.0.1.220): 56 data bytes

--- 10.0.1.220 ping statistics ---
3 packets transmitted, 0 packets received, 100% packet loss
________________________________________________________
Ping from host 1 Netgear port to 10.0.1.1 (default Gateway)
vmkping -I vmk3 10.0.1.1
PING 10.0.1.1 (10.0.1.1): 56 data bytes
64 bytes from 10.0.1.1: icmp_seq=0 ttl=64 time=8.328 ms
64 bytes from 10.0.1.1: icmp_seq=1 ttl=64 time=0.755 ms
64 bytes from 10.0.1.1: icmp_seq=2 ttl=64 time=0.743 ms
________________________________________________________
Ping from Host 1 Cisco port to 10.0.1.1

vmkping -I vmk4 10.0.1.1
PING 10.0.1.1 (10.0.1.1): 56 data bytes

--- 10.0.1.1 ping statistics ---
3 packets transmitted, 0 packets received, 100% packet loss
_____________________________________________________________

Can you post the Cisco config please?

Also, are you saying that Host1 VM is dual-homed (one link to each switch)? If so, can you disconnect VMK3, so you have one VM on each switch? This will help keep troubleshooting simple.
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2022.06.20 09:09:09 =~=~=~=~=~=~=~=~=~=~=~=
term len 0
Switch#sh run
Building configuration...

Current configuration : 8524 bytes
!
! Last configuration change at 08:49:26 PDT Mon Jun 20 2022 by
! NVRAM config last updated at 08:25:47 PDT Mon Jun 20 2022 by
!
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Switch
!
boot-start-marker
boot-end-marker
!
no logging console

no aaa new-model
clock timezone PDT -7 0
switch 1 provision ws-c2960xr-48lpd-i
switch 3 provision ws-c2960xr-48lpd-i
system mtu routing 1500
!
!
!
!
!
!
!
!
!

spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
vlan internal allocation policy ascending
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0
 no ip address
 shutdown
!
interface GigabitEthernet1/0/1
 switchport access vlan 104
 spanning-tree portfast
!
interface GigabitEthernet1/0/2
 switchport access vlan 104
 spanning-tree portfast
!
interface GigabitEthernet1/0/3
 switchport access vlan 104
 spanning-tree portfast
!
interface GigabitEthernet1/0/4
 switchport access vlan 104
 spanning-tree portfast
!
interface GigabitEthernet1/0/5
 switchport access vlan 104
 spanning-tree portfast
!
interface GigabitEthernet1/0/6
 switchport access vlan 104
 spanning-tree portfast
!
interface GigabitEthernet1/0/7
 switchport access vlan 104
 spanning-tree portfast
!
interface GigabitEthernet1/0/8
 switchport access vlan 104
 spanning-tree portfast
!
interface GigabitEthernet1/0/9
 switchport access vlan 104
 spanning-tree portfast
!
interface GigabitEthernet1/0/10
 switchport access vlan 104
 spanning-tree portfast
!
interface GigabitEthernet1/0/11
 switchport access vlan 104
 spanning-tree portfast
!
interface GigabitEthernet1/0/12
 switchport access vlan 104
 spanning-tree portfast
!
interface GigabitEthernet1/0/13
!
interface GigabitEthernet1/0/14
!
interface GigabitEthernet1/0/15
!
interface GigabitEthernet1/0/16
!
interface GigabitEthernet1/0/17
!
interface GigabitEthernet1/0/18
!
interface GigabitEthernet1/0/19
!
interface GigabitEthernet1/0/20
!
interface GigabitEthernet1/0/21
!
interface GigabitEthernet1/0/22
!
interface GigabitEthernet1/0/23
!
interface GigabitEthernet1/0/24
!
interface GigabitEthernet1/0/25
!
interface GigabitEthernet1/0/26
!
interface GigabitEthernet1/0/27
!
interface GigabitEthernet1/0/28
!
interface GigabitEthernet1/0/29
!
interface GigabitEthernet1/0/30
!
interface GigabitEthernet1/0/31
!
interface GigabitEthernet1/0/32
!
interface GigabitEthernet1/0/33
!
interface GigabitEthernet1/0/34
!
interface GigabitEthernet1/0/35
!
interface GigabitEthernet1/0/36
!
interface GigabitEthernet1/0/37
 switchport access vlan 11
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/38
!
interface GigabitEthernet1/0/39
!
interface GigabitEthernet1/0/40
!
interface GigabitEthernet1/0/41
!
interface GigabitEthernet1/0/42
!
interface GigabitEthernet1/0/43
!
interface GigabitEthernet1/0/44
!
interface GigabitEthernet1/0/45
!
interface GigabitEthernet1/0/46
!
interface GigabitEthernet1/0/47
!
interface GigabitEthernet1/0/48
!
interface GigabitEthernet1/0/49
!
interface GigabitEthernet1/0/50
!
interface TenGigabitEthernet1/0/1
!
interface TenGigabitEthernet1/0/2
!
interface GigabitEthernet3/0/1
 switchport access vlan 104
 spanning-tree portfast
!
interface GigabitEthernet3/0/2
 switchport access vlan 104
 spanning-tree portfast
!
interface GigabitEthernet3/0/3
 switchport access vlan 104
 spanning-tree portfast
!
interface GigabitEthernet3/0/4
 switchport access vlan 104
 spanning-tree portfast
!
interface GigabitEthernet3/0/5
 switchport access vlan 104
 spanning-tree portfast
!
interface GigabitEthernet3/0/6
 switchport access vlan 104
 spanning-tree portfast
!
interface GigabitEthernet3/0/7
 switchport access vlan 104
 spanning-tree portfast
!
interface GigabitEthernet3/0/8
 switchport access vlan 104
 spanning-tree portfast
!
interface GigabitEthernet3/0/9
 switchport access vlan 104
 spanning-tree portfast
!
interface GigabitEthernet3/0/10
 switchport access vlan 104
 spanning-tree portfast
!
interface GigabitEthernet3/0/11
 switchport access vlan 104
 spanning-tree portfast
!
interface GigabitEthernet3/0/12
 switchport access vlan 104
 spanning-tree portfast
!
interface GigabitEthernet3/0/13
!
interface GigabitEthernet3/0/14
!
interface GigabitEthernet3/0/15
!
interface GigabitEthernet3/0/16
!
interface GigabitEthernet3/0/17
!
interface GigabitEthernet3/0/18
!
interface GigabitEthernet3/0/19
!
interface GigabitEthernet3/0/20
!
interface GigabitEthernet3/0/21
!
interface GigabitEthernet3/0/22
!
interface GigabitEthernet3/0/23
!
interface GigabitEthernet3/0/24
!
interface GigabitEthernet3/0/25
!
interface GigabitEthernet3/0/26
!
interface GigabitEthernet3/0/27
!
interface GigabitEthernet3/0/28
!
interface GigabitEthernet3/0/29
!
interface GigabitEthernet3/0/30
!
interface GigabitEthernet3/0/31
!
interface GigabitEthernet3/0/32
!
interface GigabitEthernet3/0/33
!
interface GigabitEthernet3/0/34
!
interface GigabitEthernet3/0/35
!
interface GigabitEthernet3/0/36
!
interface GigabitEthernet3/0/37
 description VMnic3_10-0-1-25_Vmotion
 switchport access vlan 11
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet3/0/38
 description Vmnic3_10-0-1-29_Vmotion
 switchport access vlan 11
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet3/0/39
!
interface GigabitEthernet3/0/40
!
interface GigabitEthernet3/0/41
!
interface GigabitEthernet3/0/42
!
interface GigabitEthernet3/0/43
!
interface GigabitEthernet3/0/44
!
interface GigabitEthernet3/0/45
!
interface GigabitEthernet3/0/46
!
interface GigabitEthernet3/0/47
!
interface GigabitEthernet3/0/48
 description Trunk_Port_Netgear
 switchport trunk native vlan 104
 switchport trunk allowed vlan 11,104
 switchport mode trunk
!
interface GigabitEthernet3/0/49
!
interface GigabitEthernet3/0/50
!
interface TenGigabitEthernet3/0/1
!
interface TenGigabitEthernet3/0/2
!
interface Vlan1
 description WTU Office Lan
 no ip address
 shutdown
!
interface Vlan11
 description WTU-Infra-Lan
 ip address 10.0.1.254 255.255.255.0
!
interface Vlan104
 description WTU_Lan_Vlan
 ip address 192.168.4.3 255.255.255.0
!
ip default-gateway 192.168.4.254
ip forward-protocol nd
no ip http server
ip http authentication local
ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 192.168.4.254
!
!
logging facility syslog
logging source-interface Vlan1
logging snmp-trap emergencies
logging snmp-trap alerts
logging snmp-trap critical
logging snmp-trap errors
logging snmp-trap warnings
logging snmp-trap notifications
logging host 192.168.10.5
!

!
ntp server 128.138.140.44
end

Switch#exit


No I don't have any VM's on the cisco switch,  I have a physical adapter from one host attached on a test network.  If I move that connection to the Netgear switch I can ping it all day long.  From the cisco switch I can ping 10.0.1.1 which is the default Gateway on the firewall, I can ping 10.0.1.25 which is the mgmt ip for one Host plugged in to the Netgear switch.

I just can not ping the 10.0.1.220 which is plugged into port 3/0/38 on the cisco switch.  I have tried another laptop on that port and get the same results.  So it seems to me that anything on the 192.168.4.X network is getting through but the 10.0.1.x is not.
Is the vmnic on the ESXi host using a trunk?

It is not plugged into a trunk port on the Cisco

interface GigabitEthernet3/0/37
 description VMnic3_10-0-1-25_Vmotion
 switchport access vlan 11
 switchport mode access
 spanning-tree portfast 

I understand. What I'm asking is, is the management network on the ESXi host using a tagged VLAN ID? Can you screenshot the config for VMK3 and VMK4 and post here please?
Ah yes Management is using Vlan ID below are the VMk3 and 4
User generated image
Port properties
Network labelTestPorts
VLAN ID11
TCP/IP stackDefault
Enabled services--
IPv4 settings
DHCPDisabled
IPv4 address10.0.1.220 (static)
Subnet mask255.255.255.0
Default gateway10.0.1.1
DNS server addresses192.168.4.10192.168.11.10
NIC settings
MAC address00:50:56:68:21:7a
MTU1500
Port properties
Network labelTestPorts
VLAN ID11
TCP/IP stackDefault
Enabled services--
IPv4 settings
DHCPDisabled
IPv4 address10.0.1.220 (static)
Subnet mask255.255.255.0
Default gateway10.0.1.1
DNS server addresses192.168.4.10192.168.11.10
NIC settings
MAC address00:50:56:68:21:7a
MTU1500


















User generated image
Port properties
Network labelVMotion
VLAN ID11
TCP/IP stackDefault
Enabled servicesvMotion
IPv4 settings
DHCPDisabled
IPv4 address10.0.1.38 (static)
Subnet mask255.255.255.0
Default gateway10.0.1.1
DNS server addresses192.168.4.10192.168.11.10
NIC settings
MAC address00:50:56:6e:12:ae
MTU1500
Port properties
Network labelVMotion
VLAN ID11
TCP/IP stackDefault
Enabled servicesvMotion
IPv4 settings
DHCPDisabled
IPv4 address10.0.1.38 (static)
Subnet mask255.255.255.0
Default gateway10.0.1.1
DNS server addresses192.168.4.10192.168.11.10
NIC settings
MAC address00:50:56:6e:12:ae
MTU1500


ASKER CERTIFIED SOLUTION
Avatar of Craig Beck
Craig Beck
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Ok I will give it a try.

Thanks
Ok that worked so my question to you is if the device is using vlan ID say like the VMk's on the VMware then I need to make the port a trunk right with the native vlan set to something like 999?

Now all told there are 5 vlans that are being used on the Netgear switches, I will need to create the rest of the vlans on the cisco switches and add those new vlans to the trunk port between the switches as allowed vlans right?

Then any port again that is talking to one of those vlans that is using vlan id make it a trunk, if no vlan id then I can use vlan accsess right?

Thank you
Ok that worked so my question to you is if the device is using vlan ID say like the VMk's on the VMware then I need to make the port a trunk right with the native vlan set to something like 999? 
Correct. Conversely, if you have a vmnic with a VLAN ID set to 0, use an access port on the Cisco and set the access VLAN ID to whatever it needs to be.

Now all told there are 5 vlans that are being used on the Netgear switches, I will need to create the rest of the vlans on the cisco switches and add those new vlans to the trunk port between the switches as allowed vlans right?
Correct again.

Then any port again that is talking to one of those vlans that is using vlan id make it a trunk, if no vlan id then I can use vlan accsess right?
Yes. Usually links between switches use trunks, but that can also include servers where they use multiple VLANs. Devices such as PCs, etc. just use an access port with the correct VLAN ID set.