+ Reply to Thread
Page 1 of 2 1 2 Last
Results 1 to 25 of 37
  1. Member huafist's Avatar
    Join Date
    Aug 2012
    Location
    Morristown, TN, USA
    Posts
    64

    Certifications
    CCNA
    #1

    Default NetSimK ; VLAN configuration

    I have another question guys.
    I decided to test my knowledge of VLAN configuration using NetSimK ; however, I don't think my knowledge is what I thought it was haha.

    I set up a very simple scenario: I have two switches, with two PC's on each switch. On each switch, I have a member of VLAN10 and a member of VLAN20, and I have them trunked on one of the gigabit ports. I also have a 2600 series router in the config that I was attempting router-on-a-stick with. However, I have a problem: I can ping across the VLANs, but I cannot ping the switches, nor the router's subinterfaces.

    Diagram:


    Switch1 Config:
    switch1#show running-config
    Building Configuration...

    Current Configuration : 1379 bytes
    !
    version 12.1
    no service pad
    service timestamps debug uptime
    service timestamps log uptime
    no service password-encryption
    !
    hostname switch1
    !
    spanning-tree mode pvst
    no spanning-tree optimize bpdu transmission
    spanning-tree extend system-id
    !
    !
    !
    !
    interface FastEthernet0/1
    switchport access vlan 10
    !
    interface FastEthernet0/2
    switchport access vlan 20
    !
    <<Nothing plugged into the rest of the FastEthernet Ports>>
    interface GigabitEthernet0/1
    switchport mode trunk
    !
    interface GigabitEthernet0/2
    !
    interface Vlan1
    no ip address
    no ip route-cache
    shutdown
    !
    interface Vlan10
    ip address 192.168.0.2 255.255.255.0
    no ip route-cache
    !
    interface Vlan20
    ip address 192.168.1.2 255.255.255.0
    no ip route-cache
    shutdown
    !
    ip default-gateway 192.168.0.1
    ip http server
    !
    line con 0
    line vty 0 4
    !
    end

    Switch 2 Config:
    switch2#show running-config
    Building Configuration...

    Current Configuration : 1358 bytes
    !
    version 12.1
    no service pad
    service timestamps debug uptime
    service timestamps log uptime
    no service password-encryption
    !
    hostname switch2
    !
    spanning-tree mode pvst
    no spanning-tree optimize bpdu transmission
    spanning-tree extend system-id
    !
    !
    !
    !
    interface FastEthernet0/1
    switchport access vlan 10
    !
    interface FastEthernet0/2
    switchport access vlan 20
    !
    <<Nothing plugged into the rest of the FastEthernet Ports>>
    interface GigabitEthernet0/1
    switchport mode trunk
    !
    interface GigabitEthernet0/2
    !
    interface Vlan1
    no ip address
    no ip route-cache
    shutdown
    !
    interface Vlan10
    ip address 192.168.0.3 255.255.255.0
    no ip route-cache
    shutdown
    !
    interface Vlan20
    ip address 192.168.1.3 255.255.255.0
    no ip route-cache
    shutdown
    !
    ip http server
    !
    line con 0
    line vty 0 4
    !
    end

    Router Config:
    Router#show running-config
    Building Configuration...

    Current Configuration : 797
    !
    version 12.2
    no service password-encryption
    no service udp-small-servers
    no service tcp-small-servers
    !
    hostname Router
    !
    !
    !
    !
    interface FastEthernet0/0
    no ip address
    no ip directed-broadcast
    !
    interface FastEthernet0/0.10
    encapsulation dot1q 10
    ip address 192.168.0.1 255.255.255.0
    no ip directed-broadcast
    !
    interface FastEthernet0/0.2
    encapsulation dot1q 20
    ip address 192.168.1.1 255.255.255.0
    no ip directed-broadcast
    !
    !
    interface FastEthernet0/1
    no ip address
    no ip directed-broadcast
    shutdown
    !
    !
    interface Serial0/0
    no ip address
    no ip directed-broadcast
    shutdown
    !
    interface Serial0/1
    no ip address
    no ip directed-broadcast
    shutdown
    !
    interface Serial0/2
    no ip address
    no ip directed-broadcast
    shutdown
    !
    no ip classless
    !
    line con 0
    line aux 0
    line vty 0 4
    !
    end

    help?
    Reply With Quote Quote  


  2. Login/register to remove this advertisement.
  3. Senior Member
    Join Date
    Aug 2011
    Posts
    683

    Certifications
    CCNA/CCNA:V/ATSA-IN
    #2
    From just briefly looking....

    Gi0/2 on SW1 isnt configured as a trunk port - show interface Gi0/2 switchport


    Remember that with RoS the port connected to the router is trunked..

    interface Gi0/2
    switchport trunk encapsulation dot1q
    switchport mode trunk
    Last edited by drkat; 08-21-2012 at 02:59 AM.
    Reply With Quote Quote  

  4. Senior Member lantech's Avatar
    Join Date
    Mar 2012
    Location
    Tempe, Az
    Posts
    316

    Certifications
    MCSE, A+, CCENT
    #3
    You only need one IP address per switch in whatever VLAN you want to be the management VLAN.

    Did you set the encapsulation on your trunk ports in between your switches? Since you didn't specify it then it will default to ISL but your trunk to your router is using dot1q encapsulation which will cause problems.
    Reply With Quote Quote  

  5. eager student mapletune's Avatar
    Join Date
    Jul 2012
    Location
    Taiwan
    Posts
    303

    Certifications
    CCENT, CCNA, CCNA Security
    #4
    remember, icmp echo packets need to be able to travel both ways in order for you to ping successfully.

    Your router config
    interface FastEthernet0/0.10
    encapsulation dot1q 10
    ip address 192.168.0.1 255.255.255.0
    !
    interface FastEthernet0/0.2
    encapsulation dot1q 20
    ip address 192.168.1.1 255.255.255.0

    Your Switch 1 config
    Management
    interface Vlan10
    ip address 192.168.0.2 255.255.255.0
    ip default-gateway 192.168.0.1

    Your Switch 2 config
    Management
    interface Vlan10
    ip address 192.168.0.3 255.255.255.0
    shutdown
    !
    interface Vlan20
    ip address 192.168.1.3 255.255.255.0
    shutdown
    no ip default-gateway

    So, naturally, you can't ping Switch 2 or from Switch 2
    Last edited by mapletune; 08-21-2012 at 08:38 AM.
    Studying: vmware, CompTIA Linux+, Storage+ or EMCISA
    Future: CCNP, CCIE
    Reply With Quote Quote  

  6. Member huafist's Avatar
    Join Date
    Aug 2012
    Location
    Morristown, TN, USA
    Posts
    64

    Certifications
    CCNA
    #5
    I broke everything down and started from scratch ; here's my config commands list for all 3 devices:

    Switch 1:
    vlan 10
    vlan 20
    interface vlan10
    ip address 192.168.0.2 255.255.255.0
    no shut
    exit
    ip default-gateway 192.168.0.1
    interface fa0/1
    switchport access vlan 10
    interface fa0/2
    switchport vlan 20
    interface gi0/1
    switchport mode trunk (NetSimK apparently does not support the switchport trunk encapsulation command)
    interface gi0/2
    switchport mode trunk
    exit
    vtp mode server
    vtp domain test.net
    vtp password vlantest


    Switch 2:
    hostname switch2
    vlan 10
    vlan 20 (I know I shouldn't have to specify these when using VTP, but for the sake of not having to worry about it here, I'm doing it)
    interface vlan 10
    ip address 192.168.0.3 255.255.255.0
    exit
    ip default-gateway 192.168.0.1
    interface fa0/1
    switchport access vlan 10
    interface fa0/2
    switchport access vlan 20
    interface gi0/1
    switchport mode trunk
    exit
    vtp mode client
    vtp domain test.net
    vtp password vlantest

    At this point, I can ping from machine-to-machine on vlans 10 and 20, but I cannot ping 192.168.0.2 (switch1).

    Router Config:
    interface f0/0
    no ip address
    no shut
    interface f0/0.10
    encapsulation dot1q 10 native
    ip address 192.168.0.1 255.255.255.0
    interface f0/0.20
    encapsulation dot1q 20
    ip address 192.168.1.1 255.255.255.0


    At this point, I still cannot ping 192.168.0.1 from either of the PC's in vlan10, nor can I ping them from the router. If i run "show interface f0/0.10", then I get this back:
    Router#show interface fa0/0.10
    FastEthernet0/0.10 is up, line protocol is down Internet address is 192.168.0.1/24
    MTU 1500 bytes, BW 100000 Kbit, DLY 2000 usec, rely 255/255, load 1/255
    Encapsulation ARPA
    ARP type: ARPA, ARP timeout 00:05:00

    I set the encapsulation to dot1q ; what gives?
    Reply With Quote Quote  

  7. eager student mapletune's Avatar
    Join Date
    Jul 2012
    Location
    Taiwan
    Posts
    303

    Certifications
    CCENT, CCNA, CCNA Security
    #6
    I don't have access to my lab right now, but i set up a simple 1 router 1 switch 2 hosts and 2 vlan (+1 default vlan 1) packet tracer lab.

    I used 2621xm and 2950 gear, and ROAS is working well.

    So... it shouldn't be too hard (speaking about the commands)

    Let me look over your config and see if i can spot anything else...
    Studying: vmware, CompTIA Linux+, Storage+ or EMCISA
    Future: CCNP, CCIE
    Reply With Quote Quote  

  8. Member huafist's Avatar
    Join Date
    Aug 2012
    Location
    Morristown, TN, USA
    Posts
    64

    Certifications
    CCNA
    #7
    Quote Originally Posted by mapletune View Post
    I don't have access to my lab right now, but i set up a simple 1 router 1 switch 2 hosts and 2 vlan (+1 default vlan 1) packet tracer lab.

    I used 2621xm and 2950 gear, and ROAS is working well.

    So... it shouldn't be too hard (speaking about the commands)

    Let me look over your config and see if i can spot anything else...
    Thanks.
    I wouldn't think it would be too hard either ; I don't now if it's something small I'm missing, or if NetSimK is just being retarded (I had MAJOR issues with it an PPP encapsulation, and with RIP routing).
    Reply With Quote Quote  

  9. Senior Member lantech's Avatar
    Join Date
    Mar 2012
    Location
    Tempe, Az
    Posts
    316

    Certifications
    MCSE, A+, CCENT
    #8
    My suggestion, get a better simulator.

    The problem may be that you can't set the encapsulation on the two switches. It may be defaulting to ISL instead of the dot1q like you have on your router. You might trying changing the config on the router to ISL.
    Reply With Quote Quote  

  10. Member huafist's Avatar
    Join Date
    Aug 2012
    Location
    Morristown, TN, USA
    Posts
    64

    Certifications
    CCNA
    #9
    Quote Originally Posted by lantech View Post
    My suggestion, get a better simulator.

    The problem may be that you can't set the encapsulation on the two switches. It may be defaulting to ISL instead of the dot1q like you have on your router. You might trying changing the config on the router to ISL.
    I'm leaning towards the simulator being the issue as well. FWIW, you can't change the encapsulation type on the router to ISL in NetSimK ; it only supports dot1q according to the command syntax.
    Reply With Quote Quote  

  11. Senior Member
    Join Date
    Aug 2011
    Posts
    683

    Certifications
    CCNA/CCNA:V/ATSA-IN
    #10
    what does show interface gi0/2 switchport give you
    Reply With Quote Quote  

  12. Member huafist's Avatar
    Join Date
    Aug 2012
    Location
    Morristown, TN, USA
    Posts
    64

    Certifications
    CCNA
    #11
    Quote Originally Posted by drkat View Post
    what does show interface gi0/2 switchport give you
    switch1#show interface gi0/2 switchport
    GigabitEthernet0/2 is up, line protocol is up (connected)
    Hardware is Fast Ethernet, address is E33F.8500.101B (bia E33F.8500.101B)
    MTU 1500 bytes, BW 0 Kbit, DLY 2000 usec, rely 255/255, load 1/255
    Encapsulation ARPA, loopback not set, keepalive set (10 sec)
    Full-duplex, 1000Mb/s, media type is 1000BaseTX
    ARP type: ARPA, ARP timeout 00:05:00
    Reply With Quote Quote  

  13. Senior Member
    Join Date
    Aug 2011
    Posts
    683

    Certifications
    CCNA/CCNA:V/ATSA-IN
    #12
    yeah that sim doesnt support everything.. bleh
    Reply With Quote Quote  

  14. eager student mapletune's Avatar
    Join Date
    Jul 2012
    Location
    Taiwan
    Posts
    303

    Certifications
    CCENT, CCNA, CCNA Security
    #13
    I know this isn't related but...

    1000/100 mismatch =p
    Studying: vmware, CompTIA Linux+, Storage+ or EMCISA
    Future: CCNP, CCIE
    Reply With Quote Quote  

  15. Senior Member lantech's Avatar
    Join Date
    Mar 2012
    Location
    Tempe, Az
    Posts
    316

    Certifications
    MCSE, A+, CCENT
    #14
    Try finding packet tracer. I know it doesn't do absolutely everything. But you can at least do trunking and get the proper show commands to diagnose issues when the come up. Should be pretty much all you need for CCNA.
    Reply With Quote Quote  

  16. eager student mapletune's Avatar
    Join Date
    Jul 2012
    Location
    Taiwan
    Posts
    303

    Certifications
    CCENT, CCNA, CCNA Security
    #15
    Hey all, I spent some more time with real switches, real routers, and GNS3 as hosts for the different VLANS.

    Here's my configs:

    ROUTER
    interface FastEthernet0
    speed 100
    full-duplex
    no shutdown
    !
    interface FastEthernet0.1
    encapsulation dot1Q 1
    ip address 192.168.1.1 255.255.255.0
    !
    interface FastEthernet0.10
    encapsulation dot1Q 10 native
    ip address 192.168.10.1 255.255.255.0
    !
    interface FastEthernet0.20
    encapsulation dot1Q 20
    ip address 192.168.20.1 255.255.255.0
    SWITCH
    interface FastEthernet0/1
    switchport mode access
    !
    interface FastEthernet0/2
    switchport access vlan 10
    switchport mode access
    !
    interface FastEthernet0/3
    switchport access vlan 20
    switchport mode access
    !
    interface FastEthernet0/24
    switchport trunk native vlan 10
    switchport mode trunk
    speed 100
    duplex full
    !
    interface Vlan10
    ip address 192.168.10.2 255.255.255.0
    no shutdown
    !
    ip default-gateway 192.168.10.1

    =====================================

    So, with this config, I got almost everything working.

    Router can ping all 3 hosts and switch management int vlan 10.

    Switch can ping Router's .10 .20 subint, and Hosts from VLAN 10,20
    Switch cannot ping Router's .1 subint, nor ping Hosts from VLAN 1.

    All hosts can ping each other and router and switch. EXCEPT Hosts from VLAN 1 cannot ping switch.

    TLDR
    Connectivity issue between Switch management int VLAN 10 and VLAN 1 hosts/accessport my guess is that interface VLAN10 is actually in vlan 1...

    can someone confirm my hunch? =D

    nvm. int vlan 10 is not in vlan 1...

    ======

    anyway, for practical purposes, huafist, don't mess with the "native" command.

    Keep VLAN 1 as the native vlan and move whatever ports you don't want out of it.

    Things will go much smoother =)
    Last edited by mapletune; 08-22-2012 at 04:58 AM.
    Reply With Quote Quote  

  17. Senior Member
    Join Date
    Feb 2012
    Posts
    2,290

    Certifications
    CCIP, CCNP, CCNA, JNCIA, etc.
    #16
    Interestingly, on a production device today, I used that command.

    switchport trunk native vlan 300
    switchport trunk allowed vlan remove 300
    Last edited by NetworkVeteran; 08-22-2012 at 05:26 AM.
    Reply With Quote Quote  

  18. eager student mapletune's Avatar
    Join Date
    Jul 2012
    Location
    Taiwan
    Posts
    303

    Certifications
    CCENT, CCNA, CCNA Security
    #17
    Practical as in, i don't think exam troubleshooting go that much in-depth =P

    ====

    well... i got it to work =S finally

    ...


    So, basically, on the switch, you can't have 2 int vlan ip addresses

    I had this:

    int vlan 1
    ip address 192.168.1.2 255.255.255.0
    shut
    int vlan 10
    ip address 192.168.10.2 255.255.255.0
    no shut

    ip default-gateway 192.168.10.1 (<- which i would switch in-between with 192.168.1.1 depending on which int vlan 1/10 i was testing and had it in no shut)

    so after deleting ip address on vlan 1, everything works.

    fun little problem... i guess

    cheers,
    Studying: vmware, CompTIA Linux+, Storage+ or EMCISA
    Future: CCNP, CCIE
    Reply With Quote Quote  

  19. Senior Member lantech's Avatar
    Join Date
    Mar 2012
    Location
    Tempe, Az
    Posts
    316

    Certifications
    MCSE, A+, CCENT
    #18
    That's because a VLAN doesn't need an IP address. In fact the switch itself doesn't require an IP address to work. The IP address is so that you can telnet into the switch and manage the switch from a remote location.
    Reply With Quote Quote  

  20. Member huafist's Avatar
    Join Date
    Aug 2012
    Location
    Morristown, TN, USA
    Posts
    64

    Certifications
    CCNA
    #19
    So I'm not crazy? haha
    I'm going to set this up in GNS3 when I get to work and see if I can make it work there.
    Reply With Quote Quote  

  21. eager student mapletune's Avatar
    Join Date
    Jul 2012
    Location
    Taiwan
    Posts
    303

    Certifications
    CCENT, CCNA, CCNA Security
    #20
    To be honest, this was one of the times I wish I knew how to use packet sniffers.

    Like, i know what caused the connectivity issue now, but, i still don't know why.

    =S i need to learn how to use Wireshark soon...
    Studying: vmware, CompTIA Linux+, Storage+ or EMCISA
    Future: CCNP, CCIE
    Reply With Quote Quote  

  22. Member huafist's Avatar
    Join Date
    Aug 2012
    Location
    Morristown, TN, USA
    Posts
    64

    Certifications
    CCNA
    #21
    Ok, so I set this up in GNS3, but no hosts. I set up 3 routers - one as a router and two as 16 port switches. I can ping from switch 1 (which is the vtp server with VLAN 10 and 20 configured on it, VLAN10 is up with IP 192.168.0.2/24). To subinterface fa0/0.10 (192.168.0.1) on the router, but I can't communicate with 192.168.1.1 (subinterface fa0/0.20), even though I have RIP routing enabled and the networks added. show ip route shows both networks as enabled in the router, as well. I configured vlan1 on the second router with the IP 192.168.1.3/24, and connected it to an unused port on switch 1 (attempting to use it as a host, no VLAN trunking, etc on it), but I can't ping 192.168.1.1 from it either.

    With RIP enabled and communication with .0.1 from switch 1, I would expect to be able to ping .1.1 from switch 1 through routing?
    Reply With Quote Quote  

  23. eager student mapletune's Avatar
    Join Date
    Jul 2012
    Location
    Taiwan
    Posts
    303

    Certifications
    CCENT, CCNA, CCNA Security
    #22
    to be honest, using gns3 routers+nm-16esw to emulate cisco switches is outside my area of knowledge. =/ sorry that i can't help.

    what i usually do is use hardware switches connected to gns3 virtual routers. but this time, i actually used all real hardware to make sure i got everything correct.

    so, what you want to do is definitely possible. good luck =]
    Studying: vmware, CompTIA Linux+, Storage+ or EMCISA
    Future: CCNP, CCIE
    Reply With Quote Quote  

  24. Senior Member
    Join Date
    Feb 2012
    Posts
    2,290

    Certifications
    CCIP, CCNP, CCNA, JNCIA, etc.
    #23
    Quote Originally Posted by huafist View Post
    Ok, so I set this up...
    Hua, when you have a problem post your full configs and list how the devices are interconnected (eg: R1::f0/0 <=> R2::f1/0). It's easier to debug real configurations than long verbal descriptions. Those configs will be more precise and not miss details.

    in GNS3, but no hosts. I set up 3 routers - one as a router and two as 16 port switches. I can ping from switch 1 (which is the vtp server with VLAN 10 and 20 configured on it, VLAN10 is up with IP 192.168.0.2/24). To subinterface fa0/0.10 (192.168.0.1) on the router, but I can't communicate with 192.168.1.1 (subinterface fa0/0.20), even though I have RIP routing enabled and the networks added. show ip route shows both networks as enabled in the router, as well. I configured vlan1 on the second router with the IP 192.168.1.3/24, and connected it to an unused port on switch 1 (attempting to use it as a host, no VLAN trunking, etc on it), but I can't ping 192.168.1.1 from it either.

    With RIP enabled and communication with .0.1 from switch 1, I would expect to be able to ping .1.1 from switch 1 through routing?
    Let me try to translate--

    Quote Originally Posted by What the above words mean
    Switch 1
    ----------
    vlan 10
    vlan 20
    int vlan 10
    _ip address 192.168.0.2 255.255.255.0

    Router 1
    _______
    int fastethernet0/0
    int fastethernet0/0.10
    _encapsulation dot1q 10
    _ip address 192.168.0.1 255.255.255.0
    int fastethernet0/0.20
    _encapsulation dot1q 10
    _ip address 192.168.1.1 255.255.255.0
    router rip
    _network 192.168.0.0
    _network 192.168.1.0

    Router 2
    _______
    vlan 1
    int fastethernet1/0
    _switchport mode access
    _switchport access vlan 1
    int vlan 1
    _ip address 192.168.1.3 255.255.255.0
    Do you see how incomplete the above is? Even after spending time translating your words into a virtual configuration, there are a plethora of things you could've done wrong.

    For example--
    1. You might've forgotten to no shut your interfaces.
    2. You only mention RIP on Router1; routing protocols are intended to share information between routers, so enabling it on one router isn't particularly effective.
    3. You don't mention how you're telling Switch1 to get its traffic to 192.168.1.1.
    4. You put two devices on the same subnet (192.168.1.x) but on different VLANs.
    5. You don't mention the router having a subinterface on vlan 1.

    Anyway, post full configs, and we can probably pinpoint your real issue rather than speculating on all the things that someone could possibly get wrong.
    Reply With Quote Quote  

  25. Senior Member
    Join Date
    Feb 2012
    Posts
    2,290

    Certifications
    CCIP, CCNP, CCNA, JNCIA, etc.
    #24
    Maple, the configs you posted worked fine on my devices--provided, and these are important, I disabled IP routing on the switch and ensured those VLANs were actually created.

    I had this:

    int vlan 1
    ip address 192.168.1.2 255.255.255.0
    shut

    so after deleting ip address on vlan 1, everything works.
    This was not in the configuration you posted before. If you can post the exact configuration causing troubles we might be able to explain it. Adding the above, alone, to the previous configuration you posted does not pose any problems on my setup. Alternatively, if you use GNS3 for the routers / switches, Wireshark is built in, and yes it's wonderful for debugging.
    Last edited by NetworkVeteran; 08-22-2012 at 03:10 PM.
    Reply With Quote Quote  

  26. Senior Member lantech's Avatar
    Join Date
    Mar 2012
    Location
    Tempe, Az
    Posts
    316

    Certifications
    MCSE, A+, CCENT
    #25
    Also, a good build philosophy is to go one step at a time. Get one part of your network working then work on the next part.
    Reply With Quote Quote  

+ Reply to Thread
Page 1 of 2 1 2 Last

Social Networking & Bookmarks