VLAN Question that I need some help on

Hey guys,

I was going through the Boson practice test and I got stuck on this simulation question. I attached an image of the example set up that I created in packet tracer to try to correct the problem and learn from this experience.

Here is what I remember the question asking. It said that there are VLANs 1, 2, and 3. PC11 and PC21 belong to VLAN1, PC12 and PC22 belong to VLAN2, and PC13 and PC23 belong to VLAN3. Some of the machines can not communicate with each other. Troubleshoot and correct the issue. The Network administrator advises to not use Trunking or any other dynamic protocols to learn about VLANs.

I know the issue has to do with the fa0/11 interfaces. Here is the config, it is the same for each switch:

Current configuration : 1435 bytes
!
version 12.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname S1
!
ip name-server 0.0.0.0
!
!
interface FastEthernet0/1
switchport mode access
switchport nonegotiate
!
interface FastEthernet0/2
switchport access vlan 2
switchport mode access
switchport nonegotiate
!
interface FastEthernet0/3
switchport access vlan 3
switchport mode access
switchport nonegotiate
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
switchport mode access
switchport nonegotiate
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface Vlan1
ip address 192.168.1.101 255.255.255.0
!
!
line con 0
password 1234
logging synchronous
login
exec-timeout 0 0
!
line vty 0 4
exec-timeout 0 0
password 1234
logging synchronous
login
line vty 5 15
exec-timeout 0 0
password 1234
logging synchronous
login
!
!
end

S1#

I know that the issue is with the fa0/11 interface because when I run the command show interface fa0/11 switchport it is only allowing frames from VLAN1 to pass across the link since it is the default VLAN. I also am able to verify that fa0/11 doesn't show in the STP instance by using show spanning-tree:

VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 0002.4A54.EE49
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0002.4A54.EE49
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20

Interface Role Sts Cost Prio.Nbr Type

---- ---

Fa0/1 Desg FWD 19 128.1 P2p
Fa0/11 Desg FWD 19 128.11 P2p

VLAN0002
Spanning tree enabled protocol ieee
Root ID Priority 32770
Address 0002.4A54.EE49
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32770 (priority 32768 sys-id-ext 2)
Address 0002.4A54.EE49
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20

Interface Role Sts Cost Prio.Nbr Type

---- ---

Fa0/2 Desg FWD 19 128.2 P2p

VLAN0003
Spanning tree enabled protocol ieee
Root ID Priority 32771
Address 0002.4A54.EE49
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32771 (priority 32768 sys-id-ext 3)
Address 0002.4A54.EE49
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20

Interface Role Sts Cost Prio.Nbr Type

---- ---

Fa0/3 Desg FWD 19 128.3 P2p

Show I know that the issue is the fact that frames aren't passing between the fa0/11 interface for VLANs 2 and VLANs 3. My question is with not using VTP or trunking, how can you accomplish this? I have tried going under interface configuration mode for the fa0/11 interface and adding the command spanning-tree vlan # port-priority #.

I can get the interface to then show up under each VLAN2 and VLAN3 but the frames still won't pass. Any insight will be appreciate. Thanks in advance guys

It may be something simple that I'm just forgetting or overlooking.

Example.JPG

Find more posts tagged with

Comments

trackit

the problem is that you need make fastethernet 0/11 ports as trunks (on both switches)

go under fast 0/11 and issue "switchport mode trunk" on both switches.

EDIT: when you say that "some of the pc-s can not communicate" i assume you mean that none of the PC-s can communicate. (except computerns that are in vlan 1) You cant communicate with different vlan unless you enable some routing between vlan-s (either use layer 3 switch or router)

Also you can not accomplish communication between switches for more than 1 vlan without trunking. So if you say that you can not use trunking then it would be very weird.

And also, spanning tree protocol is irrelevant here, because you dont have any redundant links between switches.

captobvious

trackit wrote: »

the problem is that you need make fastethernet 0/11 ports as trunks (on both switches)

go under fast 0/11 and issue "switchport mode trunk" on both switches.

EDIT: when you say that "some of the pc-s can not communicate" i assume you mean that none of the PC-s can communicate. (except computerns that are in vlan 1) You cant communicate with different vlan unless you enable some routing between vlan-s (either use layer 3 switch or router)

Also you can not accomplish communication between switches with more than 1 vlan without trunking. So if you say that you can not use trunking then it would be very weird.

+1 I think you need to review what a trunk port is.

The sentence, "The Network administrator advises to not use Trunking or any other dynamic protocols to learn about VLANs." would be a reference not to use DTP or VTP in your configuration.

billscott92787

Tracekit:

I know that you can't communicate between VLANs unless a router is involved. The PC's on VLAN 1 can communicate with each other. But, a PC on VLAN 2 can't communicate with the other PC on VLAN 2 (example: PC12 can't communicate with PC 22) (PC 13 can't communicate with PC23).

I think the way the question is worded confuses me. It definitely says you can't use trunking. The overall goal, I'm assuming is to allow PC11 to communicate with PC21, PC12 to communicate with PC22, and PC13 to communicate PC23. In the test example they did have VTP configured with a domain. I know that if I make the port a trunk port that they can communicate. Because trunks pass vlan information between the switches.

I think that's mainly the problem, it's not really a configuration issue, I know how to enable vtp, configure a trunk port. I just was stumbled and confused by the way that they worded the question. The wording made me think, "Well I can't use a trunk port on fa0/11."

trackit

i dont know the exact wording of the question, but you just cant send traffic from many vlans through access port to other switch, ist just not possible. You must enable trunking on those ports that connect 2 switches together. (there is no need to use VTP though, cause those vlan-s are already created on those switches. Even if you dont "create" vlan-s beforehand, when you issue command like "switchport access vlan x" the vlan will be automatically created.)

billscott92787

Sure,

I've definitely seen that before as well. I didn't think there was any possibility to do it either. I kept checking around in the IOS, and I figured that I would have to trunk it because I've created similar labs in Packet Tracer. I guess that the question is just meant to through you off. I'll go back to the simulator tonight and get to that question and get the exact wording and just enable the trunk on fa0/11. In the simulation they made it an access, port, which disables its ability to trunk. I have even put the ports into the different vlans and seen that it will only work for one VLAN at a time. So, I figured it had to be me just misunderstanding the wording of the question. That's why I posted it here to see if anyone could shed some light on it. They did a good job of confusing me. I'll go back and configure it to trunk so they can communicate and see if the simulator accepts that answer as correct. I appreciate you guys posts

billscott92787

Thanks for your help guys. I definitely just got tripped up on how the question was worded. I appreciate your help