Dynamic WDS Discovery over VLAN-Trunk

Similar Messages

• Implementing MPLS over VLAN trunk

  We are investigation the options of running MPLS between our two core switches (C6509 with dual Sup720s) with the aim of introducing MPLS VPNs. These two core switches are linked via a Layer 2 trunk in a collapsed backbone topology.
  Is it possible to create a point-to-point MPLS-enabled link between these switches on a VLAN interface between these switches, rather than an a dedicated physical port? It is anticipated that these two core switches will be PE routers (also acting as RRs, if required).

  Its possible to run MPLS on any media with IP configurable for it. So till you have IP reachbility on a media, you can run MPLS.
  As in your case you can very well run MPLS on an SVI reachable both sides over a trunk.
  But as a after thought, why do you want to do this, although its possible, why do you want to carry other vlans on the same trunk which also carrier the internconnect vlan for the PE's.
  HTH-Cheers,
  Swaroop

• SG200-08 VLAN-trunk setting ignored after reboot

  Hi all,
  The ports on my SG200-08 are configured as follows:
  Port 1; VLAN 1+4; trunk
  Port 2; VLAN 4; access
  Port3-8; VLAN 1; access
  The config for Port 1 looks as follows: "switchport trunk allowed vlan add 1,4". The problem I want to point out here arises right after rebooting the switch; in the running config, the aforementioned line is now present as "switchport trunk allowed vlan add 4", i.e., VLAN 1 is missing in the trunk. The problem is reproducible every time I reboot the switch. At this moment, I assume it to be a bug in the firmware. This is a problem for me, since the switch's management VLAN is 1 and it gets its IP address (DHCP) over VLAN 1 as well.
  I have attached my startup config to this thread, as well as the running config exported right after reboot. In both of them, I've sanitized the rows on user accounts.
  Does anyone recognize this problem? Any suggestions on how to fix it?

  Hi chrebert,
  Thanks for your answer. You're right in concluding the VLAN 1 is my default VLAN. The problem is that the switch should contact my DHCP server over VLAN 1 and since the traffic on port 1 is not tagged, the traffic DHCP request will never reach my DHCP server. As a consequence, the switch always ends up with its factory default IP address (192.168.1.254) instead of the IP address assigned by the DHCP server. And yes, that's a problem
  So to summarize, when I configure tagged access for VLAN 1 on port 1 and write this to the startup config, it is indeed present in the startup config afterwards. However, the switch ignores this upon reboot, causing VLAN 1 on port 1 to feature untagged access.
  By the way, I completely set up the switch from scratch after restoring the config to factory defaults. It would be great if you could try to reproduce the issue and hopefully come with a fix. In case you need more information, please don't hesitate to contact me.

• VLAN trunk via MPLS

  Is it possible to run a VLAN trunk (DOT1Q) from a Central site to a remote over a MPLS connection?

  You can do that either by using dot1q tunnelling or port based EoMPLS. For a description of these two features, please refer to the following document:
  http://www.cisco.com/en/US/products/sw/iosswrel/ps5013/products_feature_guide09186a0080088187.html
  Hope this helps,

• Routing over a trunk

  I have a packet tracer lab that i am using to learn my CCNA on. 
  I have 2 sites connected together by layer 3 switches and i cannot ping between the sites. 
  The trunk is vlan10 with addresses on each side of 1.1.1.1/30 and 1.1.1.2/30
  From each switch i can ping the other side.  
  I have some machines on 192.168.100.0/24 in Vlan 20
  and machines on the other switch on 10.0.10.0/25 Vlan 30
  From Vlan20 i can ping the local side of Vlan 10 and the same from Vlan 30 but i cant ping over the trunk. 
  Can anyone give me a hint as to why not?
  SWITCH 1
  version 12.2
  no service timestamps log datetime msec
  no service timestamps debug datetime msec
  no service password-encryption
  hostname ScunthorpeSwitch
  enable secret 5 *****
  ip routing
  interface FastEthernet0/1
  interface FastEthernet0/2
   switchport access vlan 20
   switchport mode access
  interface FastEthernet0/3
   switchport access vlan 30
   switchport mode access
  interface FastEthernet0/24
   switchport access vlan 10
   switchport trunk encapsulation dot1q
   switchport mode trunk
  interface Vlan1
   no ip address
  interface Vlan10
   ip address 1.1.1.2 255.255.255.252
  interface Vlan30
   ip address 10.0.10.253 255.255.255.0
  ip classless
  ip route 0.0.0.0 0.0.0.0 FastEthernet0/24 
  VLAN Name                             Status    Ports
  1    default                          active    Fa0/1, Fa0/4, Fa0/5, Fa0/6
                                                  Fa0/7, Fa0/8, Fa0/9, Fa0/10
                                                  Fa0/11, Fa0/12, Fa0/13, Fa0/14
                                                  Fa0/15, Fa0/16, Fa0/17, Fa0/18
                                                  Fa0/19, Fa0/20, Fa0/21, Fa0/22
                                                  Fa0/23, Gig0/1, Gig0/2
  10   FIRBELINK                        active    
  20   SHEFFIELD                        active    Fa0/2
  30   SCUNTHORPE                       active    Fa0/3
  40   SERVERS                          active    
  1002 fddi-default                     act/unsup 
  ScunthorpeSwitch#sho interfaces trunk 
  Port        Mode         Encapsulation  Status        Native vlan
  Fa0/24      on           802.1q         trunking      1
  Port        Vlans allowed on trunk
  Fa0/24      1-1005
  Port        Vlans allowed and active in management domain
  Fa0/24      1,10,20,30,40
  Port        Vlans in spanning tree forwarding state and not pruned
  Fa0/24      1,10,20,30,40
  SWITCH 2
  version 12.2
  no service timestamps log datetime msec
  no service timestamps debug datetime msec
  no service password-encryption
  hostname "Sheffield Switch"
  enable secret 5 **************
  ip routing
  username ***** password 0 ********
  no ip domain-lookup
  interface FastEthernet0/1
   switchport access vlan 20
   switchport mode access
  interface FastEthernet0/2
   switchport access vlan 20
   switchport mode access
  interface FastEthernet0/3
   switchport mode access
   shutdown
  interface FastEthernet0/24
   description FIBER BETWEEN SITES
   no switchport
   no ip address
   duplex auto
   speed auto
  interface Vlan1
   no ip address
  interface Vlan10
   ip address 1.1.1.1 255.255.255.252
  interface Vlan20
   ip address 192.168.100.250 255.255.255.0
  ip classless
  ip route 0.0.0.0 0.0.0.0 FastEthernet0/24 
  banner motd ^C
  ******* , Do Not Enter ******   ^C
  VLAN Name                             Status    Ports
  1    default                          active    Fa0/3, Fa0/4, Fa0/5, Fa0/6
                                                  Fa0/7, Fa0/8, Fa0/9, Fa0/10
                                                  Fa0/11, Fa0/12, Fa0/13, Fa0/14
                                                  Fa0/15, Fa0/16, Fa0/17, Fa0/18
                                                  Fa0/19, Fa0/20, Fa0/21, Fa0/22
                                                  Fa0/23, Gig0/1, Gig0/2
  10   FIRBELINK                        active    
  20   SHEFFIELD                        active    Fa0/1, Fa0/2
  30   SCUNTHORPE                       active    
  40   SERVERS                          active    
  Sheffield Switch#sho interfaces trunk 
  Port        Mode         Encapsulation  Status        Native vlan
  Fa0/24      on           802.1q         trunking      1
  Port        Vlans allowed on trunk
  Fa0/24      1-1005
  Port        Vlans allowed and active in management domain
  Fa0/24      1,10,20,30,40
  Port        Vlans in spanning tree forwarding state and not pruned
  Fa0/24      1

  You have no routing protocol running so the L3 switches only know about connected and static routes. The only static route you have is the default:
       ip route 0.0.0.0 0.0.0.0 FastEthernet0/24
  The interface you tell it to use is a L2 interface, so you're effectively not routing with that default. If you create an SVI (Layer 3 switched virtual interface) for each VLAN on all the switches (i.e. add interfaces for VLAN 20 on switch 1 and VLAN 30 on switch 2), it will work. also if you made the default route on each switch be the other switch's VLAN 10 L3 interface, that would also work.
  You could also setup actual routing like OSPF or EIGRP but that's outside the scope for CCNA practice.

• AirPlay discovery over Bluetooth in AppleTV 6.1?

  Has anyone got AirPlay discovery over Bluetooth, supposedly added to, AppleTV 6.1, working?
  Does it requires an iPhone 5 and/or an AppleTV (3rd generation)?
  I'm using an iPhone 4s with iOS 7.1  and an Apple TV (2nd gen) with 6.1:
  • AirPlay works fine if I put these two devices on the same Wi-Fi network
  But if I switch them to different networks (which are still IP connected though), the Airplay button does not get appear on my iPhone.
  • Bluetooth is enabled on both the iPhone and Apple TV 2.
  Several sites report AirPlay discovery over Bluetooth working between iOS 7.1 and AppleTV 6.1:
  • http://gadgets.ndtv.com/tv/news/apple-tv-61-update-brings-airplay-security-optio n-discovery-over-bluetooth-and-more-494249
  • http://forums.macrumors.com/showthread.php?t=1715142
  • http://www.iclarified.com/38998/you-can-now-airplay-to-the-apple-tv-in-environme nts-where-bonjour-is-blocked
  • https://jamfnation.jamfsoftware.com/discussion.html?id=9969

  Saito,
    • AirPlay mirroring works fine for me when both devices, AppleTV & iOS device, are on the same wireless network.
    • We are not trying to do AirPlay mirroring over Bluetooth.
  But my institutional network blocks the multicats used by the Bonjour protocol to disocver AirPlay receivers. To use AirPlay here, I must therefor set up an ad-hoc WiFI network and connect both the AppleTV and the iOS device to this network, for the Bonjour protocol to be successful and the AirPlay link to be displayed on the iOS device.
  The links I provided suggested that with iOS 7.1 and AppleTV 6.1, one could use bluetooth for discovery of the AirPlay receiver (and hence it's IP address.)  The actual AirPlay session would then routed from your iOS device to the IP address of the AppleTV. Bluetooth would not be used for the AirPlay traffic, just for the Bonjour discovery phase.
  However, I, like Randall G. Black - TIS, was unable to discover my AppleTV (2nd generation) over Bluetooth. I, like Randall G. Black - TIS, wonder if AirPlay-discovery-over-Bluetooth, in addition to requiring iOS 7.1 and AppleTV 6.1, may have other requirements? Perhaps it only works with the AppleTV (3rd generation)?

• Does the 8540 support VLAN Trunking

  I would like to VLAN trunk four VLANs(8540 bridge-groups) from an 8540 switch router to a Cat 5000. I have not seen in Cisco's documentation anything that indicates that the 8540 supports VLAN trunking.

  8540 supports both ISL and 802.1q VLAN trunking
  http://www.cisco.com/univercd/cc/td/doc/product/atm/c8540/12_1/pereg_1/quick_cg/layer3.htm#39775

• Encrypting vlan-trunk traffic between switches

  Hi,
  Can anyone guide me to some papers or other resources on how to encrypt traffic between 2 switches. The switchces will be connected with fiber and use dot-1q tagging. And I wan't to encrypt all of the trunked traffic.
  I was thinking of L2TP, but I haven't found any good description on how to implement this. I have two 3750 switches I thought I might use.
  Thanks for any input,
  Regards,
  Oyvind Mathiesen
  mnemonic
  Norway

  Hi,
  Thanks for the response. I had a look at MACsec and it looks good. I would have liked to employ something P2P though, to also limit the ammount of MAC addresses broadcasted on the "wire". But let me first give you an understanding of the task:
  We have two sites, connected via fibre and we want to create a VLAN trunk across and order to expand the broadcast domains to te other site.
  The IDIOT carrier, has a limitation on the number of MAC addresses they allow on the fibre service, 100.
  We also need to encrypt the datatraversing this connectivity.
  MACsec wuold work 100% exept the source and dstination MAC addresses are still sent (at least according to https://docs.google.com/viewer?a=v&q=cache:LEf2qOmYZyYJ:www.ieee802.org/1/files/public/docs2011/bn-hutchison-macsec-sample-packets-0511.pdf+&hl=en&gl=za&pid=bl&srcid=ADGEESgmAHXpDOY0RBAE-Rv1HDpu_C_gkeSPN4cv6NGgyP0M1aXVu0UqzCfxo8t_P41ep6J37k4OLKnjfp1M9hoTDHxY22WGz2h7yB7YRLyPvRUbGS8TICzvEMlG92xqbhy6RWFugmnj&sig=AHIEtbTfu0LQIJejdYidE6yzq4lpPifxjQ
  And that would cause me to eat into the 100 MAC limit.
  Ridiculous I know, but we are looking for an out-of-the-norm plan...
  Thanks

• Cisco VLAN Trunking Protocol Vulnerability

  I have got a cisco 2821 model router with a c2800nm-advipservicesk9-mz.151-2.T4 IOS, and was reported with 'Cisco VLAN Trunking Protocol Vulnerability'.
  Though the device is in server mode, I do not have any domain name or trunk port configured.
  Is my device really vulnerable? If yes, whats next?

  Hi Alex,
  for the trunk port on Catalyst on port GE 1/0/45, we need to enable the trunk and for on encapsulation dot1q because this catalyst model is ISL capable also and the SF300 working only with Dot1q Encapsultion
  The configuration on catalyst should :
  #config terminal
  #interface Gi 1/0/45
  # switchport encapsulation 
  #switchport trunk encapsulation dot1q
  #switchport mode trunk 
  #switchport trunk allowed vlan 101-103
  #spanning-tree portfast
  For SF300 the port trunk it looks fine but for the port where the PC should receive an IP address
  #interface fastethernet29
   #switchport mode access
   #switchport ccess vlan 103
  Please let me know after this configuration
  Thanks
  Mehdi
  Please rate or mark as answered to help other Cisco Customers

• VLAN Trunking and GVRP

  Decided we'd give the Cisco 300 series switches a try and see
  what we think about them compared to our Cisco Catalyst 2960 switches.
  I'm already stumped on setting up VLAN trunking between 4 switches. Do I have to manually setup all the VLAN's on each switch? I set them up on the first switch and was expecting GVRP would propagate them to the others like VTP.
  Denny

  Decided we'd give the Cisco 300 series switches a try and see
  what we think about them compared to our Cisco Catalyst 2960 switches.
  I'm already stumped on setting up VLAN trunking between 4 switches. Do I have to manually setup all the VLAN's on each switch? I set them up on the first switch and was expecting GVRP would propagate them to the others like VTP.
  Denny

• How many VLANs supported via MACsec VLAN-trunk link?

  Hi,
  Any one know how many VLANs maximum allowed across a MACsec link between two C6500 with Sup2Ts or between two N7K respectively?
  As far as I know, C3750X has limitation of 8 VLANs, according to
  •Cisco TrustSec enforcement is supported only on up to eight VLANs on a VLAN-trunk link. If there are more than eight VLANs configured on a VLAN-trunk link and Cisco TrustSec enforcement is enabled on those VLANs, the switch ports on those VLAN-trunk links will be error-disabled.
  http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/15-0_2_se/configuration/guide/3750x_cg/trustsec.html
  Thanks,
  Cedar

  Hi,
  Any one know how many VLANs maximum allowed across a MACsec link between two C6500 with Sup2Ts or between two N7K respectively?
  As far as I know, C3750X has limitation of 8 VLANs, according to
  •Cisco TrustSec enforcement is supported only on up to eight VLANs on a VLAN-trunk link. If there are more than eight VLANs configured on a VLAN-trunk link and Cisco TrustSec enforcement is enabled on those VLANs, the switch ports on those VLAN-trunk links will be error-disabled.
  http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/15-0_2_se/configuration/guide/3750x_cg/trustsec.html
  Thanks,
  Cedar

• WRVS4400N VLAN trunking question

  Hi all,
  I just got a SRW224G4 today my main objective is to trunk 30 VLAN(s) to my WRVS4400N for interVLAN communication. So far I set G1 on my SRW as a trunk port and linked it to port 2 on my WRVS4400N (which is also set as a trunk).
  So far no good when I go into LAN settings I do not see an option wheree I can set DHCP addresses or gateways for these VLAN(s). Is this even possible with the WRVS4400N I meen if Linksys is going to provide a small business solution atleast their equipment should support VLAN trunking with each other.
  If anybody knows the solution to this please let me know.
  Cheers

  From what I know, although the WRVS4400N has support for port based VLAN setup, it does not give you the option to set different DHCP addresses for each of the 4 VLANS.

• SG200 vlan trunking?

  Hello,
  does SG200 supoort VLAN Trunking?

  Hello, I think there is support:
  I found this site too which shows how to configure it: http://lachlanmiskin.com/blog/2012/08/01/cisco-sg-200-08-trunking/
  Cisco's datasheet says it supports tagging 802.1q.
  http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps11229/data_sheet_c78-667827.html
  Hope this helps.
  Please rate useful posts and remember to mark any solved questions as answered. Thank you.

• VLAN trunking newbie SRW208MP to SRW2008MP

  Hello All,
  Just need a simple setup - 2 VLANs, a few ports each, on each unit, trunked together (ultimately on SFP module). Tried what seems to be right but (natch) not working. Just need simple guidelines to see where am going wrong. Thanks!

  OK, well, using that example, as well as another thread here (Cisco SLM224P
  VLAN TRUNKING), I reset and redid all the VLAN related settings.
  There are 2 subnets in play here -
  10.51.0.0/255.255.252.0 - VLAN 1 - Used as the Management VLAN.
  10.51.4.0/255.255.255.0 - VLAN 5 - A subnet for Wireless LAN POE connection and management.
  And 2 switches -
  198 is a SRW208MP, remote unit. will have single WAP and various devices.
  199 is a SRW2008MP, at head end near subnet(s) source. Will have up to 4 WAPs and the
  connections required to provide for both subnets.
  For purposes of discussion, the planned fiber SFP interconnect is being played by a copper trunk.
  Setups follow:
  198 VLANs-
  198 Port Setting-
  198 Ports to VLAN 1-
  198 Ports to VLAN 5-
  198 VLAN to Ports-
  Unit 2 - 199
  199 VLANs-
  199 Port Settings-
  199 Ports to VLAN 1-
  199 Ports to VLAN 5-
  199 VLAN to Ports-
  The configuration as posted does not provide the expected results.
  I am convinced I am overlooking something simple. Usually is!
  The net results are that the Management VLAN (1) is present and accounted for on both switches, but that could even be because they are acting as switches do.
  The VLAN 5, however, does not function at either end. The 'Local' switch, 199, shows traffic on the WAP ports but no traffic of any consequence is traversing and the WAPs are nonresponsive.
  Ditto Remote switch. Management VLAN yes, 5 VLAN no.
  Any suggestions greatly appreciated.

• Vlan trunk problem

  Hi,
  Im configuring a vlan trunk between 2 switches but I'm having a problem somehow.
  Switch 1 a Cisco 3750G n
  name: alrswcc00
  interface GigabitEthernet1/0/28
   description Uplink Alrswcc20
   switchport trunk encapsulation dot1q
   switchport trunk allowed vlan 1-30
   switchport mode trunk
  end
  Name: Gi1/0/28
  Switchport: Enabled
  Administrative Mode: trunk
  Operational Mode: trunk
  Administrative Trunking Encapsulation: dot1q
  Operational Trunking Encapsulation: dot1q
  Negotiation of Trunking: On
  Access Mode VLAN: 1 (default)
  Trunking Native Mode VLAN: 1 (default)
  Administrative Native VLAN tagging: enabled
  Voice VLAN: none
  Administrative private-vlan host-association: none
  Administrative private-vlan mapping: none
  Administrative private-vlan trunk native VLAN: none
  Administrative private-vlan trunk Native VLAN tagging: enabled
  Administrative private-vlan trunk encapsulation: dot1q
  Administrative private-vlan trunk normal VLANs: none
  Administrative private-vlan trunk private VLANs: none
  Operational private-vlan: none
  Trunking VLANs Enabled: 1-30
  Pruning VLANs Enabled: 2-1001
  Capture Mode Disabled
  Capture VLANs Allowed: ALL
  Switch 2 a Cisco 2960S
  name: alrswcc20
  interface GigabitEthernet1/0/25
   description Uplink Alrswcc00
   switchport trunk allowed vlan 1-30
   switchport mode trunk
  end
  Name: Gi1/0/24
  Switchport: Enabled
  Administrative Mode: trunk
  Operational Mode: trunk
  Administrative Trunking Encapsulation: dot1q
  Operational Trunking Encapsulation: dot1q
  Negotiation of Trunking: On
  Access Mode VLAN: 1 (default)
  Trunking Native Mode VLAN: 10 (Inactive)
  Administrative Native VLAN tagging: enabled
  Voice VLAN: none
  Administrative private-vlan host-association: none
  Administrative private-vlan mapping: none
  Administrative private-vlan trunk native VLAN: none
  Administrative private-vlan trunk Native VLAN tagging: enabled
  Administrative private-vlan trunk encapsulation: dot1q
  Administrative private-vlan trunk normal VLANs: none
  Administrative private-vlan trunk associations: none
  Administrative private-vlan trunk mappings: none
  Operational private-vlan: none
  Trunking VLANs Enabled: 10,20,30,40
  Pruning VLANs Enabled: 2-1001
  Capture Mode Disabled
  Then lastly on switch 2 I created a port for an Ubiquiti access point with following settings.
  interface GigabitEthernet1/0/24
   switchport trunk native vlan 10
   switchport trunk allowed vlan 10,20,30,40
   switchport mode trunk
  end
  But my AP doesn't seem the get an IP. Where as if I plug it in on Switch 1 it does with the same settings.
  So I am assuming there is something wrong with my trunk. What am I doing wrong?
  Thank you,
  Michael

  Here are a couple of observations:
  1.  The switchport trunk encap dot1q command was not applied on the 2960 because 802.1q trunking is the default.  The 2960 series switches do not support ISL encapsulation, as the OP observed.  There is, therefore, no need to manually specify the trunking protocol.  The show int g1/0/24 switchport command confirmed that trunking is working.  I find the show int g1/0/24 trunk command to be more informative in this context.  It tells you what VLANs are active and trunking between the connection.
  2.  You do need to define VLANS 2-30 on your second switch. You can do so manually or you can configure VLAN Trunking Protocol (VTP).  VTP is your easiest bet.  Example config:
  Switch 1
  sw1(config)# vtp mode server
  sw1(config)# vtp version 2
  sw1(config)# vtp domain MY_DOMAIN
  sw1(config)# vtp password MySecret
  Issue a show vtp status  in priv exce mode to very your settings.
  Switch 2
  sw2# show vtp status
  Do this command FIRST and make sure that the configuration revision number is smaller than the revision number of SW1.
  VTP Operating Mode                : Client
  Maximum VLANs supported locally   : 255
  Number of existing VLANs          : 25
  Configuration Revision            : 174
  If config revision on SW2 is greater than config revision of SW1, then issue following command:
  SW2(config)# vtp domain bogus
  SW2(config)# vtp domain MY_Domain
  SW2(config)# do show vtp status
  Your config revision should go back to zero.
  Now issue the same commands on SW2. 
  SW2(config)# vtp version 2  (pretty sure that is default, but I issue it anyway)
  SW2(config)# vtp mode client (means you cannot define VLANs on this switch.  Most admins prefer that only one switch be capable of creating VLANs).
  SW2(config)# do sh vtp status
  The config revision was important because injecting a switch into your network that has a higher VTP revision can overwrite your existing VLAN database.  If that happens, chances are that most of your network traffic will cease to function as all of your access ports will be in a VLAN mismatch mode.