3548 and Gigastack - adding more switches 2

[58sniper]

Greets -

Been a while since I've done much with Cisco hardware....

I have 6 WS-C3548-XL-EN switches, connected via GBICs. All is well. I need to add a couple of more, and want to connect them via GBIC as well. My question is - what do I need to do, other than physically connect them? Any configuration?

I have the Cisco Network Assistant, and it does show the existing units.

Any help/comments/links would be greatly appreciated.

Pat Richard, MCSE MCSA:Messaging CNA
Want to know how email works? Read for yourself -

http://www.ietf.org/rfc/rfc2821.txt

 

[enzo288]

You need to configure trunking on the g0/x int. You can use either dot1q or the Cisco default ISL as the form of encapsulation. i.e.

conf t
int g0/1
switchport mode trunk
switchport trunk-encapsulation dot1q -or- ISL

Check the configuration of the other switches and of course configure them for the proper VTP domain.

CCNA, CCDA, CCNP, CCDP, almost CCIE

 

[58sniper]

I've looked at the config on some of the others, and none have the trunking enabled on g0/1 or g0/2

Is that for VLANs?

Pat Richard, MCSE MCSA:Messaging CNA
Want to know how email works? Read for yourself -

http://www.ietf.org/rfc/rfc2821.txt

 

[58sniper]

Anyone?

Pat Richard, MCSE MCSA:Messaging CNA
Want to know how email works? Read for yourself -

http://www.ietf.org/rfc/rfc2821.txt

 

[chieftan]

Trunking is only normally required if you are utilising more than 1 VLAN.

For mixed equipment use 802.1q (ISL is Cisco proprietary only and is old).
The packets get tagged on Egress from the trunked port so that more than one VLAN can traverse the link.

For any switch to switch links ensure that both ends are configured the same or you will have issues.

 

[58sniper]

Okay - so if I'm using all Cisco 35xx switches, I should use trunking on each of the g0/x ports to make sure that my VLANs can traverse all switches, correct? Is there a disadvantage to using 802.1q vs. ISL in an all Cisco network?

Pat Richard, MCSE MCSA:Messaging CNA
Want to know how email works? Read for yourself -

http://www.ietf.org/rfc/rfc2821.txt

 

[vipergg]

If you are going to need more than 1 vlan to traverse links between your switches then you would have to trunk whatever vlans you want to run over those links . If you need for devices on different vlans to talk to one another then you will need to implement a router or a l2/l3 switch into the picture...

 

[58sniper]

I don't need routing between the VLANs. Essentially, I'm creating a DMZ VLAN for some public Access Points in a cafe area of our campus. Those APs will connect to our existing 35xx series switches on a DMZ VLAN, and go all the way back to our datacenter, where they will go through a separate firewall and Internet connection.

Anyways, I attempted to configure trunking by using
switchport mode trunk
on the first two 3548s, I got it configured. On three others, as soon as I entered the command and pressed enter, I lost communications with my telnet session to the switch, and the switch shutdown g0/1 (the port I was configuring). When I power cycled the switch, it was ok. But attempts again at configuring it caused the same problem again. I was able to configure it via Console, but still had the same problem with g0/1 not allowing anything on it. I ended up removing the config from all the switches.

I'm going to check the IOS versions on each of the switches tomorrow to see if there is a mismatch.

Pat Richard, MCSE MCSA:Messaging CNA
Want to know how email works? Read for yourself -

http://www.ietf.org/rfc/rfc2821.txt

 

[chieftan]

Are the switches cascaded?

i.e lan --> switch --> switch --> switch --> lan

If they are, can you only telnet to the two "lan" switches?

This could be a commander and slave issue......

 

[58sniper]

No - these are all connected via GBIC. I have all switches in place, in a GigaStack, with working GBICs. I did check the IOS, and there are some differences. I'm having a problem finding a source of the updated IOS since I don't have the correct type of Cisco account.

Pat Richard, MCSE MCSA:Messaging CNA
Want to know how email works? Read for yourself -

http://www.ietf.org/rfc/rfc2821.txt

 

[chieftan]

Okay, is it possible for you to actually put the switch topology on here :-

It sounds like there may be a spanning tree issue of some description going on, but I need to see the topology first.

 

[58sniper]

|--3524 via fiber
|--3524 via fiber
|--2950 via fiber
|
|
3550
|
|--3548 via fiber to above
|--3548 via GBIC
|--3548 via GBIC
|--3548 via GBIC
|--3548 via GBIC
|--3548 via GBIC
|--3524 via GBIC (goes back up to top 3548 to complete gigastack)

Everything shows up in CNA fine. In fact, a screenshot:

http://innervation.com/crap/kcc_cna_screenshot.jpg

So far, I've only been concentrating on the 3548s in the lower left of the screenshot.

Pat Richard, MCSE MCSA:Messaging CNA
Want to know how email works? Read for yourself -

http://www.ietf.org/rfc/rfc2821.txt

 

[chieftan]

Given the topology information, I would suggest that you check the spanning tree configuration.

You may need to control the output and which routes to use so that spanning tree does not shut down the required ports.

You will need to make a spanning tree root bridge (give it a value of 8192) the default value of the STRB is 32768. The master bridge will always be the one with the lowest value. The rest of the bridged network will need to be set up on a cost / bandwidth (similar to OSPF) system. Take a look at the following documentation for this:-

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat5000/rel_5_2/config/spantree.htm

It's an in depth document but have a look at it.

This is definately a spanning tree issue.

Hope it helps.

 

[58sniper]

Okay - I finally got around to looking at this again, and I must be missing something here.

I set a switch as the root of the spanning-tree using
spantree vlan 1 root
spantree vlan 2 root
and it appears that all other switches know that it's the root. If I do a "sh span" on that switch, I get:

3550MDF#sh span

VLAN1 is executing the ieee compatible Spanning Tree protocol
Bridge Identifier has priority 24576, sysid 1, address 0009.b734.1780
Configured hello time 2, max age 20, forward delay 15
We are the root of the spanning tree[/color red]
Topology change flag set, detected flag set
Number of topology changes 475 last change occurred 00:02:13 ago
from GigabitEthernet0/9
Times: hold 1, topology change 35, notification 2
hello 2, max age 20, forward delay 15
Timers: hello 1, topology change 11, notification 0, aging 15

Port 1 (GigabitEthernet0/1) of VLAN1 is forwarding
Port path cost 4, Port priority 128, Port Identifier 128.1.
Designated root has priority 24577, address 0009.b734.1780
Designated bridge has priority 24577, address 0009.b734.1780
Designated port id is 128.1, designated path cost 0
Timers: message age 0, forward delay 0, hold 0
Number of transitions to forwarding state: 1
BPDU: sent 1611603, received 334

Port 2 (GigabitEthernet0/2) of VLAN1 is forwarding
Port path cost 4, Port priority 128, Port Identifier 128.2.
Designated root has priority 24577, address 0009.b734.1780
Designated bridge has priority 24577, address 0009.b734.1780
Designated port id is 128.2, designated path cost 0
Timers: message age 0, forward delay 0, hold 0
Number of transitions to forwarding state: 1
BPDU: sent 1610089, received 33

Port 3 (GigabitEthernet0/3) of VLAN1 is forwarding
Port path cost 4, Port priority 128, Port Identifier 128.3.
Designated root has priority 24577, address 0009.b734.1780
Designated bridge has priority 24577, address 0009.b734.1780
Designated port id is 128.3, designated path cost 0
Timers: message age 0, forward delay 0, hold 0
Number of transitions to forwarding state: 9
BPDU: sent 1611910, received 270

Port 4 (GigabitEthernet0/4) of VLAN1 is forwarding
Port path cost 4, Port priority 128, Port Identifier 128.4.
Designated root has priority 24577, address 0009.b734.1780
Designated bridge has priority 24577, address 0009.b734.1780
Designated port id is 128.4, designated path cost 0
Timers: message age 0, forward delay 0, hold 0
Number of transitions to forwarding state: 1
BPDU: sent 1468226, received 14

Port 9 (GigabitEthernet0/9) of VLAN1 is forwarding
Port path cost 4, Port priority 64, Port Identifier 64.9.
Designated root has priority 24577, address 0009.b734.1780
Designated bridge has priority 24577, address 0009.b734.1780
Designated port id is 64.9, designated path cost 0
Timers: message age 0, forward delay 0, hold 0
Number of transitions to forwarding state: 1
BPDU: sent 97326, received 1512401


Port 9 has a lower priority based on my network layout - I figured that was the best choice (

http://innervation.com/crap/kcc_cna_screenshot.jpg

for a layout - port 9 feeds everything below it in the image).

On 3524MDF6, I'm able to enable the trunking, and create the VLANs and assign ports. However, when I go to the next switch, 3548MDF5, as soon as I issue
switchport mode trunk
I lose my connection to that switch. The only way to get it back is either power cycle, or connect via console and remove that option. The same applies to the two switches after that - 3548MDF4 and 3548MDF3. I stopped testing after getting to that point.

If I do a "sh vtp status" on the switch that does work, I see

3524MDF6#sh vtp status
VTP Version : 2
Configuration Revision : 2
Maximum VLANs supported locally : 254
Number of existing VLANs : 6
VTP Operating Mode : Server
VTP Domain Name : kcc
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xDF 0x2D 0x26 0x4D 0xE6 0x86 0xDB 0xE1
Configuration last modified by 192.168.1.10 at 9-30-06 20:21:11
3524MDF6#

Compared to one that doesn't

3548MDF5#sh vtp status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 254
Number of existing VLANs : 5
VTP Operating Mode : Client
VTP Domain Name : kcc
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x08 0xC5 0xAE 0xD9 0x37 0x9C 0x97 0xEF
Configuration last modified by 192.168.1.9 at 9-30-06 20:04:36
3548MDF5#

What else should I be looking for? A grown man is about to cry!

Pat Richard, MCSE MCSA:Messaging CNA MVP
Want to know how email works? Read for yourself -

http://www.ietf.org/rfc/rfc2821.txt

 

[58sniper]

I should add that the IOS on all of the switches was upgraded to the same version.

Pat Richard, MCSE MCSA:Messaging CNA MVP
Want to know how email works? Read for yourself -

http://www.ietf.org/rfc/rfc2821.txt

 

[58sniper]

Anyone?

Pat Richard, MCSE MCSA:Messaging CNA
Microsoft Exchange MVP
Want to know how email works? Read for yourself -

http://www.ietf.org/rfc/rfc2821.txt

 

[jdeisenm]

Why is the IP address of VTP server different?
Is the vtp password correct on the failed switch?
"sh vtp password"
Do you have more than one device configured as a vtp server?

 

[58sniper]

Just one as the vtp server. The rest are clients. I've reset the vtp password on all of the switches, but I'm remote right now, so I'll test tomorrow when I'm at the church.

BTW - I couldn't do a "sh vtp password". That command wasn't available.

Pat Richard, MCSE MCSA:Messaging CNA
Microsoft Exchange MVP
Want to know how email works? Read for yourself -

http://www.ietf.org/rfc/rfc2821.txt

 

[jdeisenm]

Note the different ip address in your sh vtp status output.

Configuration last modified by 192.168.1.10 at 9-30-06 20:21:11
3524MDF6#
------------------
Configuration last modified by 192.168.1.9 at 9-30-06 20:04:36
3548MDF5#
==================

Which one is the right vtp server?

 

[58sniper]

.10 is the correct VTP server.
.9 is one of the switches having the problem. I just verified that .10 is the only one set as a VTP server, and just reset the VTP password on all of the devices to make sure they were the same.

I did notice that some report the last modified as 0.0.0.0, and some list their own address (as in .9)

Still having the same problem, though.

Pat Richard, MCSE MCSA:Messaging CNA
Microsoft Exchange MVP
Want to know how email works? Read for yourself -

http://www.ietf.org/rfc/rfc2821.txt