Dot1q on 2611 4

[JOAMON]

When I try enabling dot1q on a 2611 it will not communicate with the switch and/or anythig. Below is config. Used identical setup on 1841 and works great. Is there something special on a 2611 that needs to be anabled for this to work?

Switch
interface FastEthernet0/7
switchport mode trunk
switchport nonegotiate
speed 10
duplex full
mls qos trust cos
macro description cisco-router
spanning-tree portfast trunk
spanning-tree bpduguard enable

Router
interface ethernet0/1
no ip address
no ip route-cache
full-duplex
interface ethernet0/1.1
encapsulation dot1Q 1 native
ip address 192.168.26.28 255.255.255.0
no ip route-cache
no snmp trap link-status

IP of vlan 1 on switch is 192.168.26.34 255.255.255.0

 

[gwildfire]

only Certain IOS's Support the 802.1Q on the onboard Ethernet ports on the 2610,11 and 12. I cant seem to find the exact document but I know from my own 2610's that it needs to be atleast 12.1 and must have the Plus feature set (S).
I know the native keyword was then added later as I had to upgrade from 12.1(8)T to a 12.2 release.




Visit

http://www.Cisco-Engineer.com

for free Cisco rack access.

 

[JOAMON]

Have the following so should not be the problem:
System image file is "flash:c2600-ik9o3s3-mz.123-13.bin"
IP/FW/IDS PLUS IPSEC 3DES BASIC

 

[leedsit]

Out of interest you sure your ethernet interface on your Router supports full duplex????

LEEroy
MCNE6,CCNA2,CWNA, Project+, CCSA

 

[leedsit]

is the default native VLAN on your switch 1??? Is vlan allowed to drunk over the interface?

LEEroy
MCNE6,CCNA2,CWNA, Project+, CCSA

 

[JOAMON]

It does in fact support full duplex but only speed of 10. Yes native VLAN on switch is 1. As stated earlier this exact config when used with an 1841 works flawlessly. But when applied to the 2611 it does not work. Only aspect that does function on the 2611 is the layer 2 CDP ability to actually see the switch and for the switch to see the router.

 

[leedsit]

Hi...

Check out....

http://www.cisco.com/en/US/tech/tk389/tk390/technologies_configuration_example09186a00800949fd.shtml

LEEroy
MCNE6,CCNA2,CWNA, Project+, CCSA

 

[JOAMON]

The configuration is how it should be. That link only shows configs for routers with fast etherent ports. When I remove the ip address from the sub interface and apply it to e0/0 I can ping everywhere. It seems to me that there appears to be a problem with this chassis when trying to route from the sub interface.

 

[leedsit]

Must admit the config looks good..... Can run a show interface x/x switchport and show interface x/x trunk on your switch and post the details... also any other config info you have.... such as switch model??? I`ll lab this up in the morning and have a play...

LEEroy
MCNE6,CCNA2,CWNA, Project+, CCSA

 

[JOAMON]

The pertinent parts of each device config as posted above....everything else is just the usual stuff. Router is 2611 w/System image file is "flash:c2600-ik9o3s3-mz.123-13.bin"
IP/FW/IDS PLUS IPSEC 3DES BASIC
Switch is WS-C2950-24 w/c2950-i6q4l2-mz.121-22.EA5a.bin

CDP output from router:
Device ID: 2950
Entry address(es):
IP address: 192.168.26.34
Platform: cisco WS-C2950-24, Capabilities: Switch IGMP
Interface: Ethernet0/0, Port ID (outgoing port): FastEthernet0/7
Holdtime : 123 sec

Version :
Cisco Internetwork Operating System Software
IOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(22)EA5a, RELEASE SOFTWARE
(fc2)
Copyright (c) 1986-2005 by cisco Systems, Inc.
Compiled Fri 16-Sep-05 15:18 by antonino

advertisement version: 2
Protocol Hello: OUI=0x00000C, Protocol ID=0x0112; payload len=27, value=0A1266C
000020004010223FF000DBC8203C000137F1266C0020000
VTP Management Domain: ''
Native VLAN: 1
Duplex: full

CDP from switch:
Device ID: 2611
Entry address(es):
IP address: 192.168.26.28
Platform: cisco 2611, Capabilities: Router
Interface: FastEthernet0/7, Port ID (outgoing port): Ethernet0/0.1
Holdtime : 135 sec

Version :
Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-IK9O3S3-M), Version 12.3(13), RELEASE SOFTWARE (f
c2)
Technical Support:

http://www.cisco.com/techsupport

Copyright (c) 1986-2005 by cisco Systems, Inc.
Compiled Thu 10-Feb-05 02:12 by ssearch

advertisement version: 2
Duplex: full
Management address(es):





2950#sh int f0/7 switchport
Name: Fa0/7
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: Off
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Appliance trust: none
2950#sh int f0/7 trunk

Port Mode Encapsulation Status Native vlan
Fa0/7 on 802.1q trunking 1

Port Vlans allowed on trunk
Fa0/7 1-4094

Port Vlans allowed and active in management domain
Fa0/7 1

Port Vlans in spanning tree forwarding state and not pruned
Fa0/7 1

 

[JOAMON]

The config posted above shows ethernet 0/1.1 but I changed and began using e0/0.1. All listing since that first post are correct.

Output from router subinterface:
2611#sh int e0/0.1
Ethernet0/0.1 is up, line protocol is up
Hardware is AmdP2, address is 0001.96f9.46e0 (bia 0001.96f9.46e0)
Internet address is 172.18.26.29/24
MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 1.
ARP type: ARPA, ARP Timeout 04:00:00
Last clearing of "show interface" counters never

 

[JOAMON]

2611#sh int e0/0.1
Ethernet0/0.1 is up, line protocol is up
Hardware is AmdP2, address is 0001.96f9.46e0 (bia 0001.96f9.46e0)
Internet address is 192.168.26.28/24 ******corrected*****
MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 1.
ARP type: ARPA, ARP Timeout 04:00:00
Last clearing of "show interface" counters never

 

[vipergg]

We had some strange problems like this once and I just created a second subinterface with the same info and deleted the first sub and everything worked fine . Know it sounds weird but it worked .

 

[jneiberger]

Ah, I know this problem. It's a bug. I ran into this on our 2620s a couple of years ago. With this image, you need to put the configuration for your native VLAN directly on the ethernet interface. Only put non-native VLANs on subinterfaces.

This was fixed in later releases.

 

[JOAMON]

Tried something similiar to that in that I applied the ip address to the ethernet interface and removed ip from subinterface for native vlan and it connected. Only thing is the ethernet interface will not accept encapsulation dot1q command...only subinterface will. So are you say that just for native vlan put the ip info on th ethernet and then any other subinterfaces just do as normal?

 

[jneiberger]

Don't use the encapsulation command on the major interface, just the IP address. The problem is that the router is expecting the native VLAN to be tagged even though it should be untagged. It will send packets untagged, as I recall, but it doesn't understand untagged return packets. The only way to resolve this is to put the native VLAN config on the major interface which forces the traffic to be untagged and also stops the router from expecting tagged native VLAN traffic.

This was fixed pretty soon after it appeared but I don't recall in which release.

 

[JOAMON]

Have 12.3(13) on the thing...will try to load the newest one possible and see what gives. If same problem maybe they never updated the problem for that old chassis and just fixed the newer models. Will post results tomorrow.

 

[jneiberger]

It was fixed in 12.2. I wonder if they accidentally reintroduced it in 12.3? That would be pretty amusing.

 

[JOAMON]

I thought of that......I went backwards before I left work and loaded an old 12.2(8something) and still had the same issue.

 

[jneiberger]

Weird. I wonder if this was actually in 12.1. Did they add dot1q in 12.1? I don't remember. I just know that I used to have this problem and I had to open a case with TAC to show them what was happening. The next IOS release contained a fix.