I have a 1534 and a 1234 PoE connected together with two SFP ports in a port-channel. I have a number of vlans, one is a admin vlan that all my equipment is connected to for admin. All my switches and servers use a address on that vlan instead of a address on the main network for admin access only. I have GVRP over trunks and 7 switches/router using port-channels (2 ports a piece). Everything is fine except for one link between my backbone switch (the 1534) and one of my 1234PoE switches. On the 1234 when I go to port-channel-1 (the channel to the 1534) all the vlans are on the bottom as a member, but when I go to the 1534 and go to the same place, it only will show two vlans and the admin one is not there. I cannot communicate with the 1234. In order to re-establish the communication, I have to connect a terminal to the 1234, setup a port to be on the admin vlan (1000) and plug a computer into it. (normally there are no ports configured for that vlan, its only in the vlan list with a ip address configured.) and then all of a sudden that vlan appears in the list in the 1534 for that port channel and I can communicate with it. On all the other port channels, there are 5 going to other servers and switches, all the vlans are in the lists. After a while that vlan drops off the list and I have to do it over again to get access. I have verified the port-channel settings and they are the same for all port channels in all switches. Any idea's? - Thanks! - Jeremy
Log in to the switch and manually create the VLAN, then save it
sw(config)# vlan 1000
sw(config-vlan) exit
sw(config) end
sw# wr mem
I have to re-create it even though its in my startup-config?
......
!
vlan 1000
name "Administration VLAN"
......
!
interface vlan 1000
description Administration VLAN
ip address 198.18.55.2 255.255.255.240
no shutdown
!
!
.......
These lines are in all the switches startup-config (with a different last octet in the ip address) and only one switch is loosing its connectivity. I can email you the topology along with the configs for all the switches if that will help. - Jeremy
No, you shouldn't need to create it manually if the vlan is in the startup, and shows when you do a "show vlan".
Creating the interface "interface vlan 1000" doesn't create the vlan itself so you need to touch "vlan 1000". Only if you want to route to it do you need "interface vlan 1000". The VLAN should exist on intermediate switches as well even if they have no physical interfaces in the VLAN.
Verify that 1000 shows up in a "show vlan" on every switch in the mesh.
Oooh, new idea and it could be tricky.
Map out your spanning-tree. See if the path between the MAC addresses of the two nodes that fail go through any switch that doesn't have "1000" in its VLAN table or in the trunk allow lists, during the breakage. "Show interface vlan" should show 1000 as up.
It is strange that now, when I have a port actually programmed for vlan 1000 although there is nothing plugged into it, it has not failed yet. I will reassign that port for vlan 1 again and see what happens. - Jeremy
When you reassign the port to a different VLAN, if it fails again do a "show vlan". I think you'll find 1000 missing. Manually add it as I recommended and your problem should go away as long as it is allowed on all of the trunks between source and destination.
Also check spanning-tree topology as the path the frames take from A to B may not be what you think it is.
May have something with the spanning tree, I have noticed my root is not the switch I would like to be root. How do I set the root without taking my network down since I have IP phones on it? Can I set the tree manually? - Jeremy
kb9mfd wrote:
May have something with the spanning tree, I have noticed my root is not the switch I would like to be root. How do I set the root without taking my network down since I have IP phones on it? Can I set the tree manually? - Jeremy
spanning-tree priority 4096
on the device you want to be the root bridge should do it for conventional spanning-tree. It may affect traffic for about 60 seconds so best to do it after hours.