VLAN Tagging ESW-540 and 3750g

Similar Messages

• ESW 540 and Ether Channels

  We are trying to configure Ether Channels on our ESW 540 switches. We have configured the port(s) and made the physical connections but the Ether channel is only showing up at 1000M. It is my understanding that the port should be displaying at 2000M if configed with one pair of ports. Are there any other settings that need to be completed?
  Thank you,
  Brock

  Is this forum inactive? Do I need to supply more information? Is this question not able to be answered?

• VLAN ESW-540

  Hi,
  I have a new switch ESW-540 24-port, I upgrade firmware to 2.1.19.
  I build 2 VLAN for 2 networks: VLAN 2 and VLAN 3 . I don't use the default VLAN 1.
  This is my configuration:
  port e1 and e2 : ACCESS PORT on UNTTAGGED VLAN 2
  port e3 and e4 : ACCESS PORT on UNTTAGGED VLAN 3
  port e1,e2,e3,e4: EXCLUDED VLAN 1
  port e24: TRUNK PORT with UNTAGGED VLAN 1 and TAGGED VLAN 2 and VLAN 3
  Communication (ping) between e1 and e2 --> OK
  Communication (ping) between e3 and e4 --> OK
  Communication (ping) between e1,e2 and e24 --> NOK  :-(
  Communication (ping) between e3,e4 and e24 --> NOK  :-(
  Communication (ping) between e5,e6,e7,.... (VLAN1) and e24 --> OK
  Communication (ping) between e5,e6,e7,.... (VLAN1) and VLAN2, VLAN3 --> NOK - It's correct.
  Any special configuration on e24 trunk port ????
  Can you help me ???
  Thanks,

  Hi Albert,
  Bit concerned about your testing process.  You have proved that untagged switch ports in vlan 1 can communicate with e24.  that makes perfect sense.
  What what are you using (connected on e24 )  to check for tagged packets egressing out of E24 from PCs connected on  vlan 2 and vlan 3.  This testing device you are using must be vlan aware.
  The switch port 24 must be connected to a VLAN aware router or layer 3 switch  that is trunked for ;
  vlan1 untagged
  vlan2 and vlan3 tagged.
  So that routing can occur between vlans.
  regards Dave

• How do I get the IP address off my 3 esw 540's they are already bolted up and mounted?

  New IT Manager, prior IT staff did not document anything I have identified all routers and switches so far except the 3 ESW 540's throughout the building the issue is they are already bolted up in place and in use I cannot find a console port and need the ip addresses to add them to my Configuration Professional Community.

  Hello,
  There are a few ways we may be able to locate the IP for those switches.
  The easiest option would be to download and install Cisco FindIT, that does work with the ESWs, assuming Bonjour hasn't been disabled on them.
  That however only seems to work if you are in the same subnet as the management IP of the switch, I tested it a bit here in my lab.
  You can also try getting into another Cisco device that is connected to those ESWs and try looking at the CDP neighbors, although I am not sure this would show you the management IP address (it does not on SG200s, although I do remember seeing that before on some Catalysts)
  Another option would be to use some sort of IP scanner, but again that depends on you being in the correct VLAN when you run the scan.  You may also need to know the MAC address of the switch to make this useful. 
  One other thing to note is that the ESWs do not support CCP.  They use a similar but different program called CCA (Cisco Configuration Assistant).  This may also be able to discover the device for you, but one again you would probably need to be in the management VLAN.
  Having said all of that, your best bet may be to just get a console cable in there somehow.  It is on the back of the switch, on the opposite side from the power cable.  It is not a console port like on the enterprise switches, but rather a standard serial port. Of course, you will still need to know the username and password to get into them, so you may end up having to reset the switch to factory defaults regardless.
  Hope that helps, and good luck getting into them,
  Christopher Ebert - Advanced Network Support Engineer
  Cisco Small Business Support Center
  *please rate helpful posts*

• Span & wireshark to see p-bits and vlan tags

  Problem:
  I do not see 802.1Q tags nor do I see p-bits (COS) in my wireshark captures. My setup is not working and I have no way to verify (sniff) that the 6509 is setting the p-bits to 3. I need to see them to troubleshoot effectively. Help!
  Setup:
  I am port mirroring off of my 6509. Port 1/16 should be tagging and setting the p-bits to a value of 3. How can I confirm?
  interface GigabitEthernet1/16
  description DonkX
  no ip address
  load-interval 30
  mls qos cos 3       ! I've tried my tests with and without this command
  mls qos cos trust      ! I've tried my tests with and without this command
  switchport
  switchport access vlan 941
  switchport trunk encapsulation dot1q
  switchport trunk allowed vlan 941
  switchport mode trunk
  no cdp enable
  end
  sho mon
  Session 1
  Type                   : Local Session
  Source Ports           :
      Both               : Gi1/16
  Destination Ports      : Gi8/47
  Port G1/16 is the GE uplink to DonkX
  Port G8/47 is the Windows 2003 Server with wireshark.
  Port G8/9 is my RH4 Linux box with TCPdump.
  Steps taken to resolve the problem:
  I have followed this document to set this up correctly on my windows box with a Intel Proset 1000MT. I have updated the drivers and made the registry changes with no captures showing tagging/cos information.
  http://www.intel.com/support/network/sb/CS-005897.htm
  Regardless of my settings, this document says I shouldn't have to worry about drivers:
  http://wiki.wireshark.org/CaptureSetup/VLAN
  "You'll definitely see the VLAN tags, regardless of what OS the independent system is running or what type of network adapter you're using."
  Details:
  I am testing a new GPON access product (DonkX) that uplinks via GigE using trunking and setting p-bits. To prioritize my video the new DonkX sets the p-bits to 3 and it instantly ceases that traffic. I have only unidirectional traffic at this point so I can no longer arp, icmp, ftp, tftp, noth'n. The 6509 sends back a response to DonkX but I believe it is dropped because the p-bit is not set to 3. If I remove the priority from 3 to 0 on the DonkX system then it works correctly but without QoS of course.
  -JGR

  Alright, the saga continues. I saw tagged frames last week but began troubleshooting again this morning and can't see tagged frames!
  If I remove the span then I can see tagged traffic on g8/47 (Windows 2003 Server 802.1q not configured on NIC). If I turn on monitoring I see no tagged traffic. I also tried this on a laptop running Fedora 12 (on g8/47) and had the same results. Any ideas?
  I've mirrored another trunk port that is in production passing tagged traffic to an 3560 trunked and going to an ASA. The port to the 3560 and ASA (g3/7) requires tagging and works properly; however, I cannot see tags on this port either. Do you see anything obvious here or is this looking like a tac case?
  interface GigabitEthernet1/16
  description DonkX
  no ip address
  load-interval 30
  switchport
  switchport trunk encapsulation dot1q
  switchport trunk allowed vlan 941
  switchport mode trunk
  no cdp enable
  end
  interface GigabitEthernet8/47
  no ip address
  switchport
  switchport trunk encapsulation dot1q
  switchport mode trunk
  no cdp enable
  end
  conf t
  no mon sess 1
  mon sess 1 sourc int g1/16
  mon sess 1 dest int g8/47
  sho mon
  Session 1
  Type                   : Local Session
  Source Ports           :
      Both               : Gi1/16
  Destination Ports      : Gi8/47
  Unit details:
  WS-C6509 Version 12.2(18)SXD4
  NAME: "1", DESCR: "WS-X6516A-GBIC SFM-capable 16 port 1000mb GBIC Rev. 4.2"
  PID: WS-X6516A-GBIC
  NAME: "8", DESCR: "WS-X6748-GE-TX CEF720 48 port 10/100/1000mb Ethernet Rev. 2.3"
  PID: WS-X6748-GE-TX
  NAME: "6", DESCR: "WS-SUP720-BASE 2 ports Supervisor Engine 720 Rev. 3.1"
  PID: WS-SUP720-BASE
  NAME: "msfc sub-module of 6", DESCR: "WS-SUP720 MSFC3 Daughterboard Rev. 2.3"
  PID: WS-SUP720
  NAME: "switching engine sub-module of 6", DESCR: "WS-F6K-PFC3A Policy Feature Card 3 Rev. 2.4"
  PID: WS-F6K-PFC3A

• Dfme and vlan tagging

  Hi all,
  is it possible that dmfe driver can handle tagged vlans?
  I use SunOs5.9 with patch 116561-12, which should give the ability for vlan tagging, but I can�t ping the other boxes.
  I�ve configured 2 Ip-addrs on a nic (dmfe1,dmfe1:1) netmasks and routing seems to be ok.
  Any help is appreciated

  Congratulations. You have successfully confused me.
  Do you know the difference between VLAN and Virtual interfaces?
  A virtual interfaces are of the form <interface><instance>:<virtual instance> and lives on top of the normal interface and, in a way, just adds another IP to it.
  Example of virtual interfaces:
  dmfe1:2
  Where dmfe is the interface, 1 is its instance and 2 is the virtual instance.
  VLAN taging is somewhat more complex, and gives you seperate traffic on each VLAN. A VLAN interface is constructed as:
  <interface>.<three digit VLAN><three digit Instance>
  To create a VLAN tag for VLAN 888 on dmfe1, the VLAN number would be 888 and the instance 001, which would give you an interface of
  dmfe.888001
  To create a VLAN tag for VLAN 44 on dmfe0:
  dmfe.044000
  7/M.

• Using Link Aggregation and VLAN tagging with LDOMs

  Hi,
  Anyone know if Link aggregation combined with VLAN tagging works for LDOMs?
  Any links or references would be appreciated.....
  It would be very handy if each LDOM could have multiple interfaces on different VLANs....
  Regards,
  Daniel

  I agree with bzptlx. While you can have vswitch plumbed without net-dev, and then route traffic inside the control domain, so that you can utilize aggregation, it adds complexity, and in some environments it's just impossible.
  I would say that this is number 1 deficiency with LDOM's in general.

• RV320 and WAN VLAN tagging/IPTV

  I have a fiber connection on WAN1 which only works with VLAN tagging and I can't find a way to make it work without the provider's middleware router (Comtrend C5813)... Is there a way to connect to my FTTH (Lucent I240G-B) router directly? I'm having problems with my IPTV (multicast) service, if it's connect direct to the middleware I can have multiple channels running at once, but if I go back to the RV320 and do the same, everything start to pixelate.
  Using Wireshark I can see that the RV320 is connecting to the different channels with CS4 DSCP marking.
  Any ideas?
  Thank you!

  As you can read above, I'm having problems with my IPTV pixelation/cuts... I need to be able to connect directly to the fiber and have more control over the connection, but I don't see the option on the web admin for PPPOE over VLAN. I don't know if it's a hardware limitation or just software (the GUI).

• New UC560 and 3 ESW-540-24P Switches, best way to wire them

  We are installing a UC560 and 3 ESW-540-24P switches at a client in a couple of weeks.  I have installed many of these but have never installed one with multiple switches.  What is the best way to connect these together physically.  They will be all in the same rack.  Was just wondering the best way to "series" the switches together and what ports to plug them into.  Any suggestions would be appreciated.

  There is a Smart Design: Implementation Guide at :http://www.cisco.com/web/partners/sell/smb/tools_and_resources/smart_business_comm_system.html
  Implementation Guide
  Smart Business  Communications System 2.0 – Implementation Guide
  The implementation guide complements the SBCS 2.0 Design Guide through  the detailed guidance for SBCS 2.0 based Main Office deployment. This  document leverages the GUI configuration capability with easy-to-follow  step-by-step network deployment guidance using CCA v2.2. It also  includes an installation checklist to assist during the installation  process. It is recommended that users refer to the SBCS 2.0 Design Guide  for underlying design guidance and considerations.
  In this (figure 6) it shows a 48 and a 24 port switch connecting to each of the UC560 expansion ports (there are 2 GE ports for expansion on the 560).
  These could also be 2 48 port switches (96 total ports).  (In your scenario, I would connect 2 this way and the third to one of  those 2.)

• Jumpstarting changes with U6:  VLAN tagged interfaces and sysidcfg

  Hello,
  I've been banging my head on U6 for a few days and finally have to give up and cry for help. I can no longer build a jumpstarted server which ends up on a separate VLAN tagged LAN after first reboot.
  I have an existing U5 SPARC jumpstart environment setup. We use VLAN tagging a lot in our environments and by default the only time a non VLAN tagged interface is used is during jumpstart. With the existing jumpstart we are using the following profiles:
  root_password=mypassword
  security_policy=NONE
  timezone=GB
  timeserver=localhost
  terminal=vt100
  network_interface=none {hostname=hostname}
  system_locale=en_GB
  name_service=NONE
  system_locale=CIn the U5 profile we let the jumpstart server obtain its network configuration via DHCP and then obtain the profile above, which excludes all network settings. All the network settings were added as part of a finish script. This worked fine with U5. As far as I can see, with U6 at the point where the sysidcfg is first evaluated it removes the network settings and obviously then kills the jumpstart. So I have had to try a different approach. I have tried both of the following:
  network_interface=PRIMARY { default_route=none protocol_ipv6=no}
  network_interface=PRIMARY { dhcp default_route=none protocol_ipv6=no}However, using either of these causes the ce0, bge0 or whatever to remain defined, instead of the ce200000 and ce206000 interfaces that I have explcitly defined in hostname.ce200000 separately. I also get a number of arp errors on initial reboot, such as
  Nov 20 20:27:29 unknown ip: ip_arp_done: init failed
  Nov 20 20:27:29 unknown /sbin/dhcpagent[44]: configure_v4_lease: cannot set interface flags for ce0: Cannot assign requested addressI don't know if I am barking up the wrong tree but I believe I need to get the server on initial boot (or during finish) to reevaluate a different sysidcfg file. Alternatively, it might need some combination of presence/absence of /reconfigure or /etc/.UNCONFIGURED. I think I might also need to stop /sbin/netstrategy return dhcp specific results (I only use DHCP for jumpstart booting and not for normal boot), but I have no idea how to do that...
  # /sbin/netstrategy
  ufs ce0 dhcpAny help much appreciated!
  thanks
  Paul

  Paul,
  I don't want to suggest that I understand your problem but have you seen the comments about tagged vlans on the Opensolaris LDoms forum?
  Near the bottom of thread [Solaris 10 10/08 (update 6)|http://www.opensolaris.org/jive/thread.jspa?threadID=81505&tstart=0] there is some discussion of tagged vlan support changes with U6.
  It sounds like tagged vlans are going to be a problem with U6.
  have a good weekend,
  Glen

• C2504 with LAG and VLAN tagging

  Having issues with setting up LAG on a Cisco 2504 WLC and implementing VLAN tagging on the different SSID´s.
  Without LAG I had this up and running by using dynamic interfaces and assigning the different SSID´s to a perticular interface which was then assigned a specific VLAN.
  However once I enabled LAG on the 2504, the dynamic interfaces became disabled and im unable to find documentation on how to configure VLAN tagging on SSID´s when using LAG.
  Relevant info:
  Cisco 2504 WLC running 7.4.100.0 (FUS 1.8.0)
  Cisco 2602 APs
  Cisco 3560 switch running IOS 15 (c3560-ipbasek9-mz.150-2.SE3)
  Switch output:
  C3560-PoE8#show etherchannel 1 summary
  Flags:  D - down        P - bundled in port-channel
          I - stand-alone s - suspended
          H - Hot-standby (LACP only)
          R - Layer3      S - Layer2
          U - in use      f - failed to allocate aggregator
          M - not in use, minimum links not met
          u - unsuitable for bundling
          w - waiting to be aggregated
          d - default port
  Number of channel-groups in use: 1
  Number of aggregators:           1
  Group  Port-channel  Protocol    Ports
  ------+-------------+-----------+-----------------------------------------------
  1      Po1(SU)          -        Fa0/1(P)    Fa0/2(P)    Fa0/3(P)
                                   Fa0/4(P)
  WLC output:
  (Cisco Controller) >show lag summary
  LAG Enabled
  So basically what im trying to achieve is to implement LAG, use 2 SSID´s which are tagged in VLAN 300 and 400 respectively and keep management traffic untagged.

  Hi Scott,
  Yes I did.. But it seems that after deselecting the "Interface/Interface Group(G)" under the SSID´s and then selecting the dynamic interface again that the problem is resolved.

• VLAN tagging and tagging question

  Hello,
  I have a question about VLAN tagging on a Cisco switch.
  I've learned that switches tag frames with VLAN IDs once the frame enters a Trunk port (not when it enters a VLAN port).
  Now, if two computers from the same VALN and on the SAME switch talk to each other then logically there should not be any VLAN assignment on the frames (as if they were connected to a hub).
  Is that correct please?
  TIA

  Disclaimer
  The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
  Liability Disclaimer
  In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
  Posting
  Just to muddy the waters, since VLAN edge/access ports don't normally tag frames with VLAN IDs, referencing your question about two computers "talking" to each other, it doesn't matter whether the two ports or on the same switch or even different switches; or in the same VLAN or not.
  Also understand trunk ports normally tag frames, and edge/access ports don't, but an exception for the former is the "native" VLAN frames aren't tagged, and an exception for the latter, a Voice VLAN will tag frames.

• VLAN Tags and Hyper-V Switches

  Does the Hyper-V 2012 Virtual Switch support forwarding VLAN-tagged packets to a guest OS with the VLAN tags intact?  In other words, can I have a single virtual NIC handle multiple VLANs by doing the VLAN filtering inside the guest OS?
  I would like to run a guest OS that sits on multiple VLANs, and while I could create and delete virtual NICs which are assigned to a single VLAN, it would be much more flexible in my environment to have Hyper-V simply forward frames with the VLAN (802.1q)
  tags intact so that the guest OS can see the tags and deal with them appropriately.  (looking at running a virtual router that sits across multiple VLANs).
  I can't see any obvious way to do this.  I thought that leaving the VLAN tag for the guest off would cause packets to be forwarded unfiltered, but that appears to not be the case.  Does anyone know how to enable forwarding tagged frames through
  a virtual switch/NIC to a guest OS?
  Thanks!

  Hi,
  >  Does it depend on any particular settings on the physical NIC?
  No special settings on the physical NIC, but not every NIC support VLAN tagging. You should generally not set the VLAN ID at the physical NIC, it should be set on either the Virtual Switch or the individual Virtual Machine’s configuration. The VLAN ID on
  the Virtual Switch is what the Host or Parent Partition uses. The VLAN ID setting on the individual Virtual Machine’s settings is what each VM will use.
  For more information please refer to following MS articles:
  Understanding Hyper-V VLANs
  http://blogs.msdn.com/b/adamfazio/archive/2008/11/14/understanding-hyper-v-vlans.aspx
  VLAN Tricks with NICs - Teaming & Hyper-V in Windows Server 2012
  http://blogs.technet.com/b/keithmayer/archive/2012/11/20/vlan-tricks-with-nic-teaming-in-windows-server-2012.aspx#.UWznBmawrX0
  Set-VMNetworkAdapterVlan
  http://technet.microsoft.com/en-us/library/hh848475(v=wps.620).aspx
  Hope this helps!
  TechNet Subscriber Support
  If you are
  TechNet Subscription user and have any feedback on our support quality, please send your feedback
  here.
  Lawrence
  TechNet Community Support

• ESW 540 Combo Ports

  Hello,
  I am interesting what Combo ports mean in ESW 540 which has 4 SFP? Can I use 4 optic SFP at the same time(or 1000BaseT SFP) ??

  Hi Kristijan,
  Just out of interest, are you using firmware version 2.1.19 on the switch, your switch may be using an older version of the firmware ? 
  But there should be no reason why the switch interfaces 11,12,23,24 could not be placed in access mode, seems a bit weird.
  I believe, if you check the VLAN interfaces, vlan1 should still be untagged on those "trunked" ports.
  So, please check the firmware version, but the ESW is covered by a great Warranty, so if you are still having issues, call the Small Business Support Center (SBSC) and allow them to share your screen via webex and resolve your configuration issue one way or the other.
  http://www.cisco.com/en/US/support/tsd_cisco_small_business_support_center_contacts.html
  regards Dave

• Vlan tag issue with Nexus 4001 in IBM Blade Centre

  Hi
  I have a DC architecture with a pair of Nexus 7010's running 3 VDC's (Core/Aggregation/Enterprise). I have at the edge Nexus 5548's which connect to back to the Aggregation VDC. Also connecting back to the Aggregation VDC is an IBM Blade Chassis which has a Nexus 4001i in slots 7 and slot 9. These blade servers are running ESXi 4.0 and are mapped to the Nexus 4001 blade switch.
  I had set up the Native VLAN as VLAN 999 which connects up to the ESXi host and I am trunking up multiple VLANS for the Virtual Machines.
  The problem I have is that VM's in all VLANS except the ESXi host VLAN (VLAN 10) cannot see their default gateway, and I suspect that there is an issue with the VLAN tag going up to the ESXi host. I have read enough documentation to suggest that this is where the issue is.
  My Nexus 4001 interface configuration is below
  interface Ethernet1/1
    switchport mode trunk
    switchport trunk native vlan 999
    switchport trunk allowed vlan 10,30,40-41,60-62,90,96,999
    spanning-tree port type edge trunk
    speed auto
  The Aggregation VDC on the Nexus 7010 is the default gateway for all these VLANS.
  I also noted that the Nexus 5000 and Nexus 7000 supports the command vlan dot1q tag native command yet the Nexus 4000 doesn't seem to support this. Any assistance would be useful
  Thanks
  Greg

  Your configuration on the N4K looks correct. You shouldn't use vlan dot1q tag native commands on your N7Ks and N5Ks. Native VLAN tagging is really for QinQ (dot1q tunneling).
  My only suggestion is check your configuration of the vSwitch in the ESXi host and the host network profile.
  Regards,
  jerry