Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

Trunk and VLANS between switches

Björn Gam
Occasional Advisor

Trunk and VLANS between switches

Hello,

we're useing a trunk connection between our switches for transporting the vlans from switch A to switch B.

I add a static trunk at every switch for transporting the vlans. But it didn't get a proper connection.

Any idea? Or do you need our config?
Thanks....

Bjoern

14 REPLIES
RicN
Valued Contributor

Re: Trunk and VLANS between switches


Please show your config and the commands you use to set up the trunk.

How do you see that it is not a proper connection? What kind of errors are you experiencing?
Björn Gam
Occasional Advisor

Re: Trunk and VLANS between switches

I can't ping inside the VLAN from a device at switch A to a device at switch B. Yes, they're tagged connected.

Switch A:

Startup configuration:

; J4865A Configuration Editor; Created on release #G.07.107

hostname "Switch A"
snmp-server contact "ME"
snmp-server location "IT"
cdp run
mirror-port H20
no web-management
web-management ssl
no telnet-server
module 1 type J4908A
module 2 type J4862B
module 3 type J4862B
module 4 type J4862B
module 5 type J4862B
module 6 type J4862B
module 7 type J4862B
module 8 type J4862B
interface A1
name "SwitchConnection"
no lacp
exit
interface A2
name "SwitchConnection"
no lacp
exit
interface A3
name "WhatsUP"
no lacp
exit
interface F7
no lacp
exit
interface H20
no lacp
exit
interface H21
no lacp
exit
interface H22
name "Trunk-Port"
lacp Active
exit
(...)

trunk A1-A2 Trk6 Trunk
trunk A3 Trk1 Trunk
ip default-gateway 172.16.1.1
snmpv3 enable
snmpv3 only
snmpv3 user "initial"
snmpv3 user "snmp_user"
snmpv3 group ManagerPriv user "snmp_user" sec-model ver3
snmp-server community "SA_Og2_241" Unrestricted
snmp-server host 172.16.2.27 "public"
snmp-server host 172.16.2.41 "public"
vlan 1
name "DEFAULT_VLAN"
forbid F4-F6
untagged A4-A22,B1-B24,C1-C24,D1-D24,E1-E24,F7-F24,G1-G24,H1-H24,Trk1,Trk6
ip address 172.16.2.29 255.255.0.0
no untagged F1-F6
exit
vlan 4
name "VLAN1"
untagged F1-F4,F6
tagged F5
exit
vlan 7
name "Printer"
exit
vlan 5
name "Devel"
tagged F5
exit
stack join 001321199200
aaa authentication port-access eap-radius
radius-server host 172.16.2.100 key GEHEIM
radius-server host 172.16.2.105 key GEHEIM
ip ssh
aaa port-access authenticator active
spanning-tree Trk1 priority 4
spanning-tree Trk6 priority 4
password manager
password operator














Switch B:


Startup configuration:

; J4865A Configuration Editor; Created on release #G.07.107

hostname "Server-1000MBit (Mitte)"
snmp-server contact "Oliver Wollmann"
snmp-server location "IT"
time timezone 1
cdp run
no web-management
web-management ssl
no telnet-server
module 1 type J4908A
module 3 type J4908A
module 2 type J4908A
module 4 type J4908A
module 5 type J4862B
module 6 type J4862B
module 8 type J4862B
module 7 type J4908A
interface A1
name "SwitchConnection"

no lacp
exit
interface A2
name "SwitchConnection"
no lacp
exit
interface E3
no lacp
exit
interface E4
name "Trunk-Port"
no lacp
exit
interface E5
name "Trunk-Port"
exit
interface E6
name "Trunk-Port"
exit
interface E22
name "Trunk-Port"
exit
interface E23
name "Trunk-Port"
exit
interface E24
name "Trunk-Port"
exit
interface H11
no lacp
exit
interface G7
no lacp
exit
interface G10
name "Buero_Nummer_274"
no lacp
exit
interface G13
name "StorageLAN"
no lacp
exit
interface G14
name "StorageLAN"
no lacp
exit
(...)
trunk G13-G14 Trk1 Trunk
trunk G15-G16 Trk2 Trunk
trunk G17-G18 Trk3 Trunk
trunk A1-A2 Trk6 Trunk
trunk G19-G20 Trk4 Trunk
trunk E3-E4 Trk5 Trunk
ip default-gateway 172.16.1.1
no timesync
snmpv3 enable
snmpv3 only
snmpv3 user "initial"
snmpv3 user "snmp_user"
snmp-server community "SA_Og2_241"
vlan 1
name "DEFAULT_VLAN"
untagged A5,A13-A22,B1,B3-B15,B17-B22,C1-C10,C12-C22,D1-D22,E1-E2,E7-E24,F11,
F16-F17,F19-F23,G1-G9,G21-G22,H1-H4,H6-H24,Trk5-Trk6
ip address 172.16.2.30 255.255.0.0
no untagged A3-A4,A6-A12,B2,B16,C11,E5-E6,F1-F10,F12-F15,F18,F24,G10-G12,H5,T
rk1-Trk4
exit
vlan 3
name "Video"
untagged C11,F6,F13-F15,F18,F24
exit
vlan 10
name "Storage"
untagged A9-A12,G10-G12,Trk1-Trk4
exit
vlan 11
name "DMZ1"
untagged F7-F8
tagged F1-F5
exit
vlan 12
name "DMZ2"
untagged F9-F10
tagged F1-F5
exit
vlan 7
name "Printer"
untagged A6,E5-E6,F12,H5
tagged F1-F5
exit
vlan 5
name "Devel"
untagged B2
tagged A3-A4,A7-A8,B16,D4
exit
stack commander "Serverraum"
stack member 1 mac-address 001321e4b600
stack member 2 mac-address 0019bbc2b700
aaa authentication port-access eap-radius
radius-server host 172.16.2.100 key SECRET
radius-server host 172.16.2.105 key SECRET
ip ssh
aaa port-access authenticator active
spanning-tree Trk1 priority 4
spanning-tree Trk2 priority 4
spanning-tree Trk3 priority 4
spanning-tree Trk4 priority 4
spanning-tree Trk5 priority 4
spanning-tree Trk6 priority 4
password manager
password operator




Thanks,
Bjoern
RicN
Valued Contributor

Re: Trunk and VLANS between switches


Hello Bjoern!

From a quick view the trunk looks correct! From which VLAN do you try to ping one device from the switch A to B?
Björn Gam
Occasional Advisor

Re: Trunk and VLANS between switches

I was trying to ping from VLAN 5 (Devel VLAN) from switch A to switch B. At the client side: I added tagged VLAN ID: 5.

RicN
Valued Contributor

Re: Trunk and VLANS between switches


I do not see that you carry VLAN5 over the trunk-link, Trk6? If not, then the VLAN5 ports are isolated on the two switches.
Björn Gam
Occasional Advisor

Re: Trunk and VLANS between switches

So I have to add every VLAN of switch A to the trunk otherwise there is no connection?
RicN
Valued Contributor

Re: Trunk and VLANS between switches


Yes, all VLANs that you have on both switches must be included as tagged on the link connecting the two switches, in this case the Trk6-trunk.
Björn Gam
Occasional Advisor

Re: Trunk and VLANS between switches

okay....that's makes sense. So I add every VLAN to this trunk plus the untagged Default VLAN.

What do you think, is this a weekend job? Or is it also possible to do this job during office time.

Bjoern


RicN
Valued Contributor

Re: Trunk and VLANS between switches


You only need to add the VLANs that actually does exist on both side of the trunk, if you have some VLAN with ports only on switch B then you do not have do anything.

Adding the new VLANs to the trunk will not disturb any of your current operations, so it should be safe to do it during workhours.
Björn Gam
Occasional Advisor

Re: Trunk and VLANS between switches

So thanks for your support......and I hope the weather in sweden is better than in germany.

Bjoern
RicN
Valued Contributor

Re: Trunk and VLANS between switches


Hello Bjoern, I doubt it is.. very gray and rainy here. :)

Glad to be able to help!

(And if you want, you can attach points to posts that helped you out.) ;)

By the way, one more thing that is confusing regarding VLANs and trunks is, that if you have say VLAN 1,10 and 20 attached to port a1 and then make a trunk out of a1 and a2, then all VLAN configuration on a1 is removed, and you will manually have to re-enter it on the new "virtual" trunk port.
Björn Gam
Occasional Advisor

Re: Trunk and VLANS between switches

Hello,

at this weekend I was trying to add the VLAN(s) at our default trunk-connection between the switches, but it was not working so well. Some of our clients can't connect anymore to the "storage-vlan". And the strange thing all other clients can't connect to the default gw.

What I did? I add the the same VLANS (ID) to every switch and I added the VLANS to every trunk-connection between the switches. And I also changed some local trunk-groups at the switches. I removed for example the trunk group 4 and I added the two ports of trunk group 4 to trunk group 1 they were useing all the same VLANS and so I belived it's a waste of trunk groups.

Any idea?
Bjoern
André Beck
Honored Contributor

Re: Trunk and VLANS between switches

Hi RicN,

just to point out a pitfall:

> You only need to add the VLANs that actually
> does exist on both side of the trunk, if you
> have some VLAN with ports only on switch B
> then you do not have do anything.

While in theory this is perfectly true, there is a nasty surprise lurking when doing that in a Single Spanning Tree topology. SSTP establishes a "merged" topology that essentially is the same as the physical topology and will happily set links to forwarding where some of your VLANs are not tagged, while setting others to blocking where they are tagged. In an SSTP topology, it's best to use an all-or-nothing approach for VLAN tagging to prevent accidentally isolating partitions of some VLANs. Without PVST, the only other option is MSTP, but it's not the nicest option ;)

HTH,
Andre.
Björn Gam
Occasional Advisor

Re: Trunk and VLANS between switches

Oh I found my error....I was the reconfiguration of the trunk ports.

We're using four different trunk groups for our storage VLAN. And I removed one of the trkgrp and add it to a another trkgrp without disable the ports. So I create a broadcast storm.

Bjoern