Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Vlan Programming on 3870 something simple I bet! 1

Status
Not open for further replies.
Technofool

Technofool

IS-IT--Management
Sep 2, 2008
7
0
0
GB
Hi this is driving me mad!
I am trying to use 2 3870 switches to send 2 networks accross fibre. I want to use 2 uplinks 1 for each network.
I have 2 networks 192.. and 172.. First I joined ports 1-12 and 24 (24 tagged) to vlan 1 (192 network) and ports 13-20 and 24 (24 tagged again) to vlan 2 (172 network). then connected fibre port 24 to another 3870 configured in the same way. this works fine!
But what I really want to do is send 192 network down one fibre (Port24) and the 172 network down another (Port 22).
I tried adding port 22 to vlan 2 and removing port 24, firtst of all tagged and then untagged but this does not work. When both fibre uplinks are connected I can not get an IP from the 172 network. I have tried allocating ips to the vlans and even adding an ACL (Getting desperate) and yet I still can not get it to work!
I am sure it should be simple, VLAN 1 port 24 192 network; VLAN 2 port 22 172 network, but i just can't get it!!!
Any help please?
 
Sort by date Sort by votes
I think you may be getting your tagging and untagging confused...

Basic rules...
Ports that need to be in the 192 network in VLAN 1 should be untagged in VLAN 1 they should not be tagged at all in either VLAN 1 or VLAN 2.
Ports that need to be in the 172 network in VLAN 2 should be untagged in VLAN 2 - they should not be tagged at all in either VLAN 2 or VLAN 1.
Ports that connect switches need to be able to pass both types of traffic so must be tagged in one VLAN (usually VLAN 1) and untagged in the other (VLAN2) - both ends of the link need to be identically configured.

However because you have two networks you need a router (L3 device) to route the traffic between the networks - the simplest way to achieve this is to create a VLAN interface for each of the networks on one of the 3870 (I believe it's L3) and give them an IP address in the appropriate network - because they then have a local interface on both networks it will route traffic between the two networks...


-Blue
The significant problems we face cannot be solved at the same level of thinking we were at when we created them
 
Upvote 0 Downvote
I think I have tried this but still no joy! Here is what i have done:

Switch 1 (Source of networks)

Vlan 1 (192) - Ports 1-12 Untagged; Ports 21-22 tagged
Vlan 2 (172) - Ports 12-20 Untagged; Ports 23-24 Untagged

Vlan interface:

Vlan 1 192 IP address (primary)
Vlan 2 172 IP address (Secondary)

Switch 2

Vlan 1 (192) - Ports 1-12 Untagged; Ports 21-22 Tagged
Vlan 2 (172) - Ports 12-20 Untagged; Ports 23-24 Untagged

No Vlan Interface.

I can always get an IP from the 192 network while connected to ports 1-12 on second switch with both ports 21 and 24 connected via fibre, although I can not get a 172 IP when connected to ports 13-20 on the second switch.
 
Upvote 0 Downvote
Not sure what ports 21-22 are doing? But you should use a single uplink ports (24) on both switches and it should be untagged in VLAN1 and tagged in VLAN 2.

You seem to be trying to send some traffic via one port (21) and other via another (24), So I would suggest:...

Switch 1 (Source of networks)

Vlan 1 (192) - Ports 1-12 and 24 Untagged;
Vlan 2 (172) - Ports 13-23 Untagged; Port 24 Tagged

Uplink Port 24

Vlan interface:

Vlan 1 192 IP address (primary)
Vlan 2 172 IP address (Secondary)

Switch 2

Vlan 1 (192) - Ports 1-12 and 24 Untagged;
Vlan 2 (172) - Ports 13-23 Untagged; Port 24 tagged
Uplink Port 24

No Vlan Interface.

This will give you on both switches ports 1-12 in the 192 (VLAN1) network and ports 13-23 in the 172 (VLAN2) network. Port 24 can pass (see) both networks and will pass the traffic through accordingly. The PVIDs should be left at their default values.


-Blue
The significant problems we face cannot be solved at the same level of thinking we were at when we created them
 
Upvote 0 Downvote
Thanks.

I can get it to work via one uplink ok but what I wanted to do was use two uplinks... 192 via 1 uplink (port 21) and 172 via another uplink (port 24).
I am begining think this is not possible!
 
Upvote 0 Downvote
Not sure why would you do that? You're wasting two ports?

You can... Just make sure both uplink ports are only untagged in their respective VLANs.

So just make port 24 untagged ONLY in VLAN 1 on both switches... so remove the tagging from VLAN 2 - It will then only see VLAN 1 traffic. Connect port 21 to its opposite number on the other switch - it is already untagged in VLAN 2.


-Blue
The significant problems we face cannot be solved at the same level of thinking we were at when we created them
 
Upvote 0 Downvote
Yes tried that and thats where it all goes wrong.

Vlan 1 - ports 1-12 and 21 all untagged
Vlan 2 - ports 13-20 and 24 all untagged

I thought this should work but even though they are in different Vlans it still seems to get confused and I am unable to obtain an IP from the 172 network.

connect laptop to vlan 2 second switch I get nothing until i unplug the fibre allocated to Vlan 1 (Port 21)!? Yet port 21 is only in Vlan 1 and not present in Vlan 2.
Everything I read seems to say this should work so either it does'nt or I have a faulty switch!
 
Upvote 0 Downvote
Are you using fixed IP addressed on your laptop or are you expecting DHCP to work? If the latter you need to identify the DHCP server and include a UDP helper on the other VLAN...

-Blue
The significant problems we face cannot be solved at the same level of thinking we were at when we created them
 
Upvote 0 Downvote
Need DHCP to work... not sure quite were to identify the DHCP server or UDP helper, but I will look into it! I'll try anything right now!!
 
Upvote 0 Downvote
It's probably worth proving theL2 network first, so give yourself a fixed IP and make sure you can ping accros the two switches and networks.

Unfortunately I'm not too familiar with the 3870s so do not know the commands you need.

Good luck...

-Blue
The significant problems we face cannot be solved at the same level of thinking we were at when we created them
 
Upvote 0 Downvote
Thank you for your help. I still can't figure it out but have decided on a setup that only requires 1 uplink, it means i will be using more switches but it will do for now until i have a better understanding of the switches.

Thanks again for your help.
 
Upvote 0 Downvote
No problem...

-Blue
The significant problems we face cannot be solved at the same level of thinking we were at when we created them

ps..stars can be given here...
 
Upvote 0 Downvote
Hello Technofool
Im newbie to 3com networking as well. I'll try my best to address your problem. Here's what i think you may try.

Switch 1
Ports 1-12 untagged access ports , 23- 24 tagged ports in vlan 1 to carry traffic for VLAN 1(192).
ports 13- 20 untagged access ports in vlan 2 , ports 21-22 tagged in vlan 2(172) to carry traffic for vlan 2.

Since ports 23-24 are tagged and placed only in VLAN 1 they could only forward traffic of VLAN1.But if u want port 23-24 to carry traffic for both vlans place that port in vlan 2 as well which u dont want to do it. same rule applies for vlan 2 as well.

Switch 2:
Ports 1- 12 untagged access ports ,23-24 tagged ports in VLAN 1(192)
ports 13-20 untagged access ports , 21-22 tagged and must be placed only in vlan 2 to carry traffic of VLAN 2 ( 172 ).

Finally check that VLAN interface index on two switches is same. Try disabling TCMP on both switches and see what happens.Later you can define your IP interfaces.

I have addressed your problem based on your very first post which says that VLAN1 ( 192) must go through 23-24 and VLAN 2( 172 ) which should go through 21-22. There is little bit misconception about post 1 and post 2( 4th sep 3.24 ).

When you said u want the traffic of VLAN 2 ( 172 ) must go thorugh ports 21-22 you must have placed that ports in vlan 2 rather than having them in VLAN 1( 192 ) as tagged ports, and u have ports 23-24 as untagged in vlan 2 ( 172 ) switch 1 which is bit of a problem.so whats happening here is you have no ports in VLAN 2 which are tagged and you have ports 21-22 in vlan 1 as tagged which could only carry traffic for vlan 1.The same rule applied for switch 2 .

I honestly donno if this post can be any good to you..

Gud luck.


 
Upvote 0 Downvote
Hi Iamdexter

Thanks for the reply, I see what you are saying but the original problem was that even though 21 and 22 were in Vlan1 only and 23 and 24 were in Vlan2 only as soon as both uplink ports 21 (192) and 24(172) were connected the switch got confused about where to send the data. It seems the vlans still managed to connect to each other via the fibre uplink ports, although I still dont know how.
I agree with what you are saying as by all logic that should work, but it didn't! I may have some faulty switches or just missing something else I dont know. Anyway I have a working solution for now and will look into it more at a later date. If I find the solution I willl post it here>

Thanks
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

eca2
  • Locked
  • Question
Basic VLAN Configuration
Replies
1
Views
55
AH64Armament
AH64Armament
kryptor
  • Locked
  • Question
VLANs causing me a headache!!
Replies
1
Views
115
meneerB
meneerB
PretorianGhost
  • Locked
  • Question
VLAN Trunking J9782A
Replies
3
Views
72
VinceWhirlwind
VinceWhirlwind
CHRISH KYLE
  • Locked
  • Question
how to reset netgear router password in hp laptop......
Replies
0
Views
57
CHRISH KYLE
CHRISH KYLE
Wadoki
  • Locked
  • Question
What is the command to enable 3rd party SFP+ transceivers on HP switch?
Replies
0
Views
63
Wadoki
Wadoki

Part and Inventory Search

Sponsor

Back
Top