VLAN's

laidbackfreak

ok not sure if this is the right forum to post this, but I'll try and the mods can move it if needs be...
I have a small voip project that I'm currently testing, this is sitting on its own VLAN and all connectivity between these devices is ok

However when I try to connect the vlan to my existing network I can not get the vlan to come up,
the voip switch shows the vlan as up, line protocol is down
the core switch shows the vlan as down, line protocol down.

I have a management ip assigned and can ping between them via teh connected trunk link ok, but am stumped as to what I'm missing, any suggestions where to look ??

cheers
Sean

Netstudent

Do you have an explicit allowed list on the trunk that could be implicitly denying the new vlan across the trunk to the other network? It seems as if you already have a management vlan or you used an IP from another subnet that is already incorporated into the existing network.

Need more info here.

mikej412

What kind of switches? Layer 2 or Layer 3?

laidbackfreak

the core switches are stacked 3750's the voice is 3750G

there arent any acls in place....

remyforbes777

Can you post your config?

laidbackfreak

core switch :-


---removed for ease of reading

---

switch 1 provision ws-c3750g-12s
switch 2 provision ws-c3750g-48ts
switch 3 provision ws-c3750g-48ts
ip subnet-zero
no ip source-route
ip routing
no ip domain-lookup
ip dhcp excluded-address 172.22.26.1
ip dhcp excluded-address 172.22.27.1
ip dhcp excluded-address 172.22.29.1
ip dhcp excluded-address 172.22.29.230 172.22.29.254
ip dhcp excluded-address 172.22.26.220 172.22.26.254
ip dhcp excluded-address 172.22.27.220 172.22.27.254
ip dhcp excluded-address 172.22.26.201 172.22.26.219
ip dhcp excluded-address 172.22.26.190 172.22.26.200
ip dhcp excluded-address 172.22.27.190 172.22.27.199
ip dhcp excluded-address 172.22.29.190 172.22.29.199
ip dhcp excluded-address 172.22.20.2
ip dhcp excluded-address 172.22.20.240 172.22.20.254
ip dhcp excluded-address 172.22.72.1 172.22.72.254
!
ip dhcp pool VLAN_26
network 172.22.26.0 255.255.255.0
default-router 172.22.26.1
dns-server 172.22.20.81 172.22.20.82
domain-name removed
option 78 ip 172.22.20.62 172.22.20.63
lease 3
!
!
ip dhcp pool VLAN_500
network 172.22.72.0 255.255.255.0
default-router 172.22.72.1
option 78 ip 172.22.20.62 172.22.20.63
domain-name REMOVED
dns-server 172.22.20.81 172.22.20.82
lease 3
!
!
Removed
!
!
no file verify auto
!
spanning-tree mode pvst
spanning-tree extend system-id
spanning-tree vlan 1,19,26-27,29-30,500 priority 24576
!
vlan internal allocation policy ascending
!
!
!
interface Port-channel1
switchport access vlan 200
switchport mode access
!
interface GigabitEthernet1/0/1
description ### Link to CR1-C3560-01 ###
switchport trunk encapsulation dot1q
switchport mode trunk

removed- for ease of reading
!

interface GigabitEthernet1/0/9
description ### Unused Ports ###
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet1/0/10
description ### Unused Ports ###

!
interface GigabitEthernet2/0/1
description -- removed--
no switchport
ip address 172.21.254.1 255.255.255.252
speed 100
duplex full
!
interface GigabitEthernet2/0/2
switchport access vlan 200
switchport mode access
spanning-tree portfast
spanning-tree bpduguard enable
spanning-tree guard root
!removed
!
interface GigabitEthernet2/0/20
description ### removed ###
no switchport
ip address 172.22.51.5 255.255.255.0
speed 100
duplex full
!
interface GigabitEthernet2/0/21
switchport access vlan 200
switchport mode access
spanning-tree portfast
spanning-tree bpduguard enable
spanning-tree guard root
!removed
!
interface Vlan1
description ### Management VLAN ###
ip address 172.22.30.1 255.255.255.0
!
interface Vlan19
description ### J ###
ip address 172.22.19.1 255.255.255.0
!
interface Vlan26
description ### Comms Room 1 ###
ip address 172.22.26.1 255.255.255.0
!
interface Vlan27
description ### Comms Room 2 ###
ip address 172.22.27.1 255.255.255.0
!
interface Vlan29
description ### Comms Room 3 ###
ip address 172.22.29.1 255.255.255.0
!
interface Vlan200
description ### Server VLAN ###
ip address 172.22.20.2 255.255.255.0
!
interface Vlan202
description ### removed ###
ip address 172.22.202.1 255.255.255.0
!
interface Vlan500
ip address 172.22.72.3 255.255.255.0
!
router ospf 1
log-adjacency-changes
redistribute static
network 172.21.0.0 0.0.255.255 area 0
network 172.22.19.1 0.0.0.0 area 0
network 172.22.26.1 0.0.0.0 area 0
network 172.22.27.1 0.0.0.0 area 0
network 172.22.29.1 0.0.0.0 area 0
network 172.22.30.1 0.0.0.0 area 0
network 172.22.200.2 0.0.0.0 area 0
network 172.22.202.1 0.0.0.0 area 0
network 172.22.0.0 0.0.255.255 area 0
!
ip classless

ip route 172.22.24.0 255.255.255.0 172.22.20.86
ip route 172.22.32.0 255.255.255.0 172.22.200.1

ip http server
!
!removed
!

voice switch :-
removed
!
no aaa new-model
switch 1 provision ws-c3750g-24ps
system mtu routing 1500
ip subnet-zero
no ip domain-lookup
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface GigabitEthernet1/0/1
switchport access vlan 500
speed 100
duplex full
spanning-tree portfast
!
interface GigabitEthernet1/0/2
switchport access vlan 26
switchport mode access
switchport voice vlan 500
duplex full
spanning-tree portfast
!removed
!
interface GigabitEthernet1/0/24
switchport access vlan 500
spanning-tree portfast
!
interface GigabitEthernet1/0/25
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet1/0/26
!
interface GigabitEthernet1/0/27
!
interface GigabitEthernet1/0/28
!
interface Vlan1
ip address 172.22.30.33 255.255.255.0
!
interface Vlan500
no ip address
!
ip default-gateway 172.22.30.1
ip classless
ip http server

!removed

i may have missed somehting off as I've been chopping and changing the config a bit trying to fix this...

EdTheLad

So were supposed to decode your config and figure out which ports and vlans you are using?
If your locally configured vlan interface is down it means this vlan has no links thats are in an up state.Issue the command "show vlan id x" ,is the vlan configured? does it have access member ports? if no is this vlan allowed on the trunk? Are the ports working in trunk mode?

laidbackfreak

whoops sorry yes that would help...

ive assinged the new voice vlan to vlan 500 the exisitng data vlan im using is 26
i dont have any access ports on this vlan on the core, just the trunk link via int ge 1/0/9

on the voice switch i have access ports assigned ok...

vlan 1 is the management vlan, i can ping ok between these ip address...

APA

Core switch probably does not have vlan 500 in the VLAN Database... hence why it is showing the interface as down/down

Please show the output from show vlan

Voice switch does not have an address associated with VLAN 500 I believe that's why it is showing the VLAN interface as up/down.

If you want to enable the new SVI on your voice MLS you should enable ip routing for the MLS to route IP (obvious by the cmd)......

laidbackfreak

ok quick update on this...

APA you were right in that the db didnt show the vlan 500.... but seeing as the link was a trunk i didnt expect it to show..
however what i had missed was setting the trunk as a voip link rather than acces....
so i removed the access command and entered the switchport mode voip command instead and bobs your uncle it appeared in the db.....

for reference i removed the access link as the core switch currently does the dhcp leases for data, but the CM does the leases for the phones, with the access command in place it was supplying incorrect ip address to the data lan too...

i did a couple of other tweaks too but that was the main concern....

cheers for the help guys