Cisco Switching/Routing :: 3560 Multiple Switches One Trunk Port
Sep 21, 2012
We have 7 3560's in 7 different locations connected to our providor for wan access. Our provider has given us a copper cable at each point and we have connected it directly to our 3560 switch at each location. Each port is configured the same way at each location. Each switch is running eigrp.All of the switch ports on each switch are configured as a trunk and vlan 299 had the ip address for the eigrp connection: [code] This setup is working as each switch see's all of the other switches as an eigrp neighbor. We have also made sure that the switch at our head office has spanning tree priority for vlan 299.
So the problem is, if there is a change in the topology at one of the locations it usually causes one or more of the other connections to go down for some reason. We just cannot pinpoint what is causing this change. There are no log's or anything other than an eigrp hold time expired message.?
View 9 Replies
ADVERTISEMENT
Jul 10, 2012
I have a pair of 3560's configured with dot1q trunks between them carrying a number of VLANs.
Once deployed there will be a requirement for these physical trunks to be disconnected from time to time. Knowing that this is inevitable I am trying to minimise the period of time for the trunks to recover once the physical connectivity is reinstated.
All of the VLANs on the switches are configured for Spanning Tree Rapid PVST. Current time for the trunks/VLANs to come up is around the 4 second mark.
View 11 Replies
View Related
Oct 11, 2010
Any way to test in a lab what would happen if a tech mistakingly added "switchport voice vlan XX" to a trunk port? I am try to do some RCA on an issue and this has been identified as a possible cause by one of my techs.
The config is Switch1------Switch2--------Switch3 Each interswitch connection is configured as a dot1q trunk with all vlans allowed. The link between switch2 and 3 is where switchport voice vlan 10 was added. Switch1 is a 3750 and 2/3 are 3560's.
View 8 Replies
View Related
Sep 2, 2012
Is it possible to use Port Security mechanism between two switch (3750 or 3560) ports while trunk has been configured? If it's not possible, is there any other way to ensure that no other Switch can be connected other then the one switch which has been configured/placed by a network engineer?
View 4 Replies
View Related
Feb 12, 2012
we recently aquired a managed services job and have to do a overhaul of the vlan configs and have a whole dozen WC2948G's trunk between a set of ports as well as trunk out a LAG channel setup to non cisco equipment. the deal is the lacp-channel works properly on both ends but no routing of vlans between ports and between the lag trunk are working.
theres alot of settings in the config and im planning on clearing it and starting from scratch but before i do i want to know where my problem lies.
[code]...
View 6 Replies
View Related
Jul 9, 2012
For some special arrangement, I would like to connect 2 access ports from a 3550 switch to 3560 switch.1 port for vlan 200, another port for vlan 201.Will this introduce bad thing to the switches?
View 4 Replies
View Related
Oct 25, 2012
I'm new to networking and was looking for some assistance. First off im using packet tracer to diagram my senario as I will be receiving my equipment next week to deploy.
Hardware to be used:
1. 2 catalyst 3560 switches
2. all connect to a sonic wall router
I have two companies that work in the same office space. I need to keep these companies seperate on their own vlan. They will however need to share the phone system.(Packet tracer file uploaded to give those who have the time to see what I put together.) [code]
View 13 Replies
View Related
Feb 5, 2013
I have 3560's in my current environment, operating in the core/distro/access layers. The switches are in a star configuration, performs only layer 2 switching, and utilizes copper (no plans on moving to fiber).
With a fairly limited budget, I've been contemplating on upgrading the central node to a stacked 3750X to eliminate that single point of failure, and trunk the rest of the 3560's to the stacked switch. I wanted to be sure that the 3750X switches will be right for my environment (90-100 hosts), and if what I explained above is a good solution.
I'm also looking like to upgrade 6-7 of my servers (and SAN) with 10GB network cards. Do the ports on the 3750X have port densities capable of 10GB? If not, what switches provide that capability?
View 10 Replies
View Related
Jun 6, 2013
I have a Cisco SW ( 3560 ) with one Trunk link to my router ( 7606 ), Trunk link is fully utilized so i need to add 2nd Trunk.Shall all move some customers from old trunk to 2nd one and create a new subterface for them ?I am think if i can create bundle and add subinterfaces under this bundle ?Add two GE ports to be memeber of this bundle ?
View 5 Replies
View Related
Apr 11, 2013
Is there really any reason why you wouldn't use spanning-tree portfast on a trunk port other than a trunk between two switches? We have it enabled on all ports except for the fiber trunk between two non-stacked switches and the trunk ports connected to our Astaro firewall.I'd like to enable it on the ports to the firewall unless that would cause issues.
View 9 Replies
View Related
Jan 5, 2012
We have purchased 3 no CISCO SF300-48P (Access Switches) with the interest of setting up a new laboratory consisting of 120 desktops. We currently have a CISCO 4507R (Core Switch) and a CISCO 3560 (Distribution Switch) for the campus wide network. Our network is developed with various VLANS to support Internet and Intranet facilities. The new lab need to be incorporated in to the Campus wide network with a new VLAN ID. But problem is while trunking the CISCO 3560 (Distribution switch) to the CISCO SF300-48P (Access Switch) communication does not happen. While, surfing the internet and various doc's say that SF300 uses GVRP instead of dot1q trunking.
View 4 Replies
View Related
Nov 8, 2011
I need to create a trunk between a Cisco 3560 and a Juniper EX4200I am perfectly happy with the the Cisco side and want to only allow 1 vlan across the trunk, which I was going to configure on the 3560 side. Any experience on trunking to a Juniper Ex4200.Looking at the Juniper side it looks like I just set the port as a L2 uplink.
View 3 Replies
View Related
Aug 27, 2012
A client of ours has installed an SG300-24P switch and would like to setup a LAG between the SG300 and the 3560 switch we manage for them. They would like the LAG to also pass the voice and two data VLANs currently in use; 5, 10, and 100 respectively. I configured the two ports as an Etherchannel with trunking on the logical port, but no luck. I reconfigured as follows:
interface GigabitEthernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 1 mode active
end
[code]....
I see no output when I do show lacp nei. At this point the client is looking to use for the configurations to use as he does not know how to setup the SG300 and it is a switch I have never dealt with. I have found some configurations that I believe would allow a single VLAN across, but nothing I believe will allow the LAG to pass all the VLAN's.
View 7 Replies
View Related
Jan 28, 2013
if i have this config:
switch port mode trunk
trunk aloved vlan 50
will travel over this trunk untagged packets? For eg the V LAN 1 is by default native V LAN without tag. If i have created a bog ring with catalyst 3560x switches with no spanning tree on V LAN 1 can be the case of this config a loop ???
I am using upper config on interfaces that are connected the switches together in ring.
Other interfaces on switch have this config:
int range 0/1-4
switchport mode acc
switchport acc vlan1
int range 0/5-24
switchport mode acc
switchport acc vlan50
I am using vlan1 just for local switching without connection to internet! I am asking just because i have this king of messages in logs:
%CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on GigabitEthernet1/0/27 (1), with SW3560x_BR8874 GigabitEthernet1/0/19 (50).
GI 1/0/27 and GI 1/0/19 have this config:
switchport mode trunk
trunk aloved vlan 50
View 5 Replies
View Related
Jan 2, 2012
I need to implement the shaping VLAN only on the trunk link between the 6500 and 3560. [code]
View 8 Replies
View Related
Feb 18, 2013
I have a 3750g connected to a "core" switch stack of 7 other 3750g's via 2 GigE ports in a trunk. This is currently in a switchport mode access port- channel so only the default vlan data is sent over. Now we have a need due to physical location of these switches, to allow vlan20 (DMZ) from this 3750g to the switch stack. I will configure a few ports on the switch stack for vlan20 and they need to be able to talk to the stand alone 3750g.To do this I will change the port channel on both endpoints to
-switchport trunk ecapsulation dot1q
-switchport mode dynamic desirable
also making the appropriate change on the interfaces belonging to this trunk.My question is, now that its a trunk port that carries multiple VLANs, how much is the bandwidth reduced on that 2gbps link?I have a very active VLAN (10) on the stand alone switch, but on the core I'm not going to be assigning VLAN 10 to any ports. So does traffic from VLAN10 even come across the trunk (wasting bandwidth) if no ports on the core side are assigned to it? I really just need vlan 1 and 20 (for now).
View 11 Replies
View Related
Jan 29, 2012
I have client who has two distant offices with 3750 L3 as core (do all vlan routing for local office) and multiple L2 access switches with multiple VLAN’s connected to it. First 3750 is hub also connected to internet, second 3750 is spoke and acting as a router on stick. We have eigrp configured on both side ISP provided client 100Mbps link as a trunk with two vlan; vlan10 for voice and vlan20 for data. We assigned two small subnets to these vlans 10.15.17.0/29 and 10.15.17.9/29. Hub addresses are 10.15.17.1 and 10.15.17.9 respectively. How to force voice over VLAN10 and data via vlan20, but still do some load balancing? How to setup default route on second (router on stick) switch?
View 1 Replies
View Related
Apr 22, 2012
I have 2 Cisco 6509 switches linked together via single Fibre as a trunk.I want to change this to a port channel where I will add another 3 fibre ports to the port channel but what order do I do this to minimise any disruption.
1-Configure PortChannel and add the 3 new ports, this will bring up the Port Channel but what effect will this have on traffic currently going over the single Trunk link? Will spanning tree go mad, how will switches react?
2-Convert existing Trunk link to Portchannel then add in new ports to PortChannel, I guess in doing this there will be a small hit on traffic as it changes to a port channel.
View 2 Replies
View Related
Mar 20, 2012
I've been having a debate with a colleague about QOS COS values. My colleague says I need to use COS values across layer 2 trunk links between access layer switches and core switches. My argument is if phones are marking packets with DSCP values I don't need to be concerned with Cos.The reason I ask is we're implementing a new phone system, the ip phones will mark RTP traffic wih dscp value EF and Call signaling with DSCP value of CS3. If my understanding is correct I can trust the dscp values of the phones. We are using Cisco 4507 switches which I believe automatically trust dscp values so I would just need a class-map to match the dscp values and apply the output policy map on the egress interfaces as follows? [code]
View 3 Replies
View Related
Dec 6, 2012
can i have 4 links from an ESX server to 6500 , each link represents a trunk link carries each the same 2 VLAN , 100 and 101 , keep port-channel out of the picture , does it work well?
View 12 Replies
View Related
Oct 3, 2012
Is it possible to rate limit on a L2 trunk port on a 3750?
current port config and ios are as follows;
interface GigabitEthernet1/0/50
description *** Connection to Fiber Link ***
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,172
switchport mode trunk
end
flash:c3750-advipservicesk9-mz.122-46.SE.bin
i was wondering if the "srr-queue bandwidth limit 10" command would work to limit the output from this interface to be 10 % of the port bandwidth and then the same command could be done on the other side.
View 1 Replies
View Related
Jan 30, 2012
I have an all gigE 3560. I don't use the management FE0 port on the back. I was thinking to use that for a 100Mbps WAN connection.
Seems to work just fine when I plugged in an test. But I am not routing across that link yet as I still need to setup the far end.
Is there any reason this would not work? I would like to not burn a gig port if the max throughput of the circuit is 100Mbps.
View 1 Replies
View Related
Nov 13, 2012
I have a 3750 as a core and have a series of HP Procurve switches that are daisy chained using one port. I have two vlans on the port now (6 &9) and everything works fine, all switches communicate and end devices on the switches are also talking. There is a requirement to add a device towards the end of the chain which requires it to connect using Vlan1. Once I add Vlan1 to the port onthe 3750 I lose connectivity to all the HP switches.
View 4 Replies
View Related
Mar 27, 2013
I faced with a strange behavior of ME3600.For testing purposes I linked Cat3550 and ME3600 switches via trunk mode. All interfaces are in Up state. But I couldn't ping SVI200 of Cat switch from ME3600 and vice versa. [cde]
This scheme perfectly works with another L3 swithes. For example Catalist3750. I know that ME doesn't support VTP, DTP and so on. Also, I've tried latest software.
View 0 Replies
View Related
Mar 15, 2012
we have a scenario that consists of a Cisco 4507 series core switch with more than 20 vlans which is connected to a C2960G switch( in a nearby building) using a trunk by a fiber connection. Up to this point everyhting is fine . VTP domain is configured on the core switch and we have all of the 20 vlans present correctly on the edge 2960G wich is part of course of this same VTP domain.the fiber connection goes from core switch to a "in the middle location" where we have a fiber patch panel that is connected in a jumper style to another fiber patch panel going to the destination building where the C2960G sits.
Now imagine that Fiber connection from this middle location to the destination C2960 edge switch is down for any possible reason meanwhile the fiber connection from Core switch 4507 to the middle location is still intact.In the same time, in this middle location , we do have a wireless connection which links 1 Cisco 3750G switche ( a different infrastructure and different VTP domain) to another C3560G switch which sits on the same Room in the nearby destination building where we have the edge C2960G, An idea came to me is to connect one of the fiber port (core) in the intact fiber patch panel coming from Core switch 4507 TO an access vlan configured switchport in the 3750G switch ( this switchport will belong to a vlan designed only to trasmit the vlans on the trunk coming from 4507 core switch say VLAN 10) then connect one VLAN 10 access switchport to the destination C2960 edge switch ( the switchport on the c2960G is still a trunk)Will this solution work and all of the 20- 4507 core switch vlans arrive to the destination C2960G ? Or we do need something that tags the 2 VLAN 10 switchports like switchport dot1q tunnel like QinQ
View 2 Replies
View Related
Jun 6, 2012
I have several closets with Cisco 3560 on the edge that I'd like to change the vlan that's used for the management vlan on each. In the core I have a Cisco 6509 with Sup720's.
I'd like to do this by changing the native vlan on the trunk port on the core 6509 interface that connects to the 3560. and leave the management vlan on the 3560 as vlan 1.
Seems trivial but what I tried didn't work and I didn't have the window to troubleshoot. I'll paste the simplified configs for the interfaces below
!
6509 configs:
!
interface Vlan50ip address 172.16.50.2 255.255.255.0!interface FastEthernet
[Code]....
View 5 Replies
View Related
Feb 6, 2013
So I took a laptop with wireshark and plugged it into a nexus 5000 port that is configured as a trunk with 3 vlans allowed on it. The laptop was seeing all kinds of traffic on the wire, most of it was not involving my laptop.
For example: Server A VLAN 10= 10.10.10.1 Server B VLAN 20= 10.20.20.1 and wireshark laptop is plugged into a trunk port which is allowing those vlan's. The vlan's are routable.
10.10.10.3 is seeing the entire conversation when 10.10.10.1 backs up 10.20.20.1 even though it has no reason to see it. It is as if the trunk is spanning traffic to the laptop port. No span is setup however. It's really weird. This is not just broadcast traffic, but actual tcp taffic between Server A and B. Why would a trunk port see traffic between 2 other servers talking to each other on the vlan.
Trunk port configuration below:
Interface Ethernet 141/1/3
switchport mode trunk
switchport trunk allowed vlan 10, 20
View 5 Replies
View Related
Jan 20, 2012
I need adding a vlan to the trunks bundled in port channel. I know how to add v lans to a port channel with Cisco IOS but with CAT OS.
I have 2 ports bundled to form ether channel in switch which is running CAT OS. There are already few v lans allowed in the trunk of each interface. now I need to add one more v lan.
For Example:-
v lan 135 needs to be added in addition to the existing v lans.
clear trunk1/2 1-112,115,117-134,136-4094
set trunk 1/2 on dot1q 113-114,116,135
and similarly on the 2nd interface
so if I add vlan135 to the trunk one after another will it cause any service disruption?
View 3 Replies
View Related
Aug 15, 2012
I need to find out what is killing my Ethernet wan circuit urgently, It is a Ethernet trunk port with v lans tagged across it.
its a 3560x switch.
I configured span with the replicate keyword, but I'm not seeing all the traffic I'm sure.
I'm using wire shark.
Is there anything I can do to find what is causing this?
View 2 Replies
View Related
May 17, 2012
We had a core switch (Cisco 4503), distribution switches(Cisco 3750) and access switches in our network and consists of many vlans. Almost all vlans uses DHCP Pools. But for few vlans DHCP is not yet configured due to initial design poblems. Recently one of the rogue user in vlan 1 connected to one of the access switch send rogue arp packets to the network (suspecting arp packet with interface vlan 1 ip of core switch with wrong mac-address (gateway ip of vlan 1)) and resulted in a prolonged network outage for the vlan 1. Any way we are going to seggregate vlan 1 into different vlans, but before that we need a temporary plan to block such kinds of attack like enabling DAI in the switch. I have checked the DAI implemenation feasibility with my knowledge and found that it is not possible to configure to the access switches(Cisco 2960) in which the user directly connected. But found that Distribution switch connected to that particular access switch seems to be able to configure since DAI commands are available to configure in switch.
Is it possible to block ARP packets with the interface vlan 1 IP Address with rogue mac-address by configuring DAI in the above mentioned Distribution switch and the port connected to the mentioned access switch?
View 2 Replies
View Related
Apr 21, 2012
I am a fairly basic configs that I just can’t figure out what I am doing wrong. I have what I would consider a fairly basic config that I just can’t seem to get to work and I am sure it is something I am just not doing or grasping. Basically I have two 3560 switches that I would like to connect together with four 1Gb ports and trunk four vlans across said port-channel, I created the port-channel and set it to switchport trunk encapsulation dot1q I then set all four ports to channel-group # mode on. With that setup I can’t ping from switch to switch on the nonnative vlan.
View 6 Replies
View Related
Mar 7, 2012
I am looking into the possibility of using private vlan's for some dmz implementations however I do have what may be some very rudimentary questions. It seems straightforward how to configure the primary/secondary vlan configuration as well as associating them. However in my case I would be looking to configure the PVLAN on a 6500-vss platform acting as the router while all of the hosts which I would desire to have in the isolated vlan would be spread out across a number of older Cisco switches which only support "protected port" setup or Procurve switches all of which I do not have budget to replace with something newer. So in my scenario I would have a 6500 connected by trunk to multiple switches which only support a protected port setup such as a Procurve (top of rack) or a Cisco 2950. As the Procurve or 2950 would not support Private VLAN setup, do I then just configure the secondary vlan to be allowed across the trunk from the 6500, configure that vlan on the Procurve or 2950 (as vtp will not foward the info for the secondary vlan) and assign that vlan to the host port as well as setting it as a protected port and this will communicate just fine across the trunk to the router as well as stopping the protected port in top of rack switch 1 from being able to communicate to a protected port in top of rack 2,3,etc? If the above scenario is what needs to be done, do I just use a regular trunk or do I have to use a PVLAN trunk?
View 2 Replies
View Related
Feb 15, 2012
I'm trying to trace a host and I'm getting stuck at the port channel mac addresses. I need to find out where the server is connected to and the switch it lives on.
Please read below:
Step 1) Log into the core (MSFC): Code...
How do I find out where this physical server lives? I keep getting the mac for the trunk ports which is being used for all VLANs.
The server is hanging off some switch but I need to track it down to the last end.
View 1 Replies
View Related