[PLUG] OT VLAN Setup between 2 Cisco switches

Sun Sep 6 16:39:35 UTC 2020

Mike,
I finally got the switches to give up the config files. Getting these
things from firmware 1.2 to 1.4.11 took 4 firmware  upgrades and
1 boot upgrade. Below is the url to the switch config files
*http://www.fileconvoy.com/dfl.php?id=g440c3055c46aeeae1000279093dea129f9edbcfc24
<http://www.fileconvoy.com/dfl.php?id=g440c3055c46aeeae1000279093dea129f9edbcfc24>*

On Sun, Aug 30, 2020 at 10:16 AM Chuck Hast <wchast at gmail.com> wrote:

> Well, I have been trying to get a backup file out of this so I can
> send it to you, but so far when I try to do http/https backup it
> fails the only thing is I get a network error, and if I look in the
> switch logs, it says it cannot find the file.
>
> I have a SG300-28 at home, it was never this cantankerous,
> I can do file backups and uploads to it with no issues whatsoever.
>
> They must have cut some major corners somewhere with these
> switches.
>
>
> On Sun, Aug 23, 2020 at 11:30 AM Chuck Hast <wchast at gmail.com> wrote:
>
>> Well, I went to pull the backed up config files out of both switches
>> and got a "network failure." I setup a tftp server on my
>> laptop and tried to go that way and got a "file not found" error.
>>
>> Appears that I have to upgrade to a later rev of the firmware/boot
>> file. Both switches are presently at Rev 1.2.9.44, which has no
>> ssh, and appears that it "likes" some old version of i.e. So perhaps
>> doing that upgrade will take care of these issues. Who knows.
>> Once I do the upgrades I will let you know what happens, if it still
>> does not want to pass the vlan 20 to switch 02 I will pull the
>> config file and send it. This rev level has NO CLI whatsoever,
>> but it is installed in one of the later revs, got to get to that.
>>
>>
>> On Mon, Aug 17, 2020 at 11:38 PM Chuck Hast <wchast at gmail.com> wrote:
>>
>>> Let me get you the config files, let us not break our heads on it
>>> until you can look at them. I know on the web screens I set up
>>> port 50 to have vlan 20 tagged on both ends. In my megre work
>>> in this area, it seems that I always did the same thing, the link
>>> carrying the camera VLAN went on a separate path to keep
>>> possible latence down due to competition for the link path.
>>>
>>> This is the same case the cameras are on VLAN 20, it is a
>>> total network island because the stinking cameras call home,
>>> and the best way to avoid it is just to put them on and island
>>> network. This is the first time I can recall having this issue. in
>>> the past I just tagged the two ends of the link and my video
>>> data went that direction. All the rest went with VLAN 1 on
>>> the other link.
>>>
>>> On Mon, Aug 17, 2020 at 4:15 AM Mike C. <mconnors1 at gmail.com> wrote:
>>>
>>>> >
>>>> > That is what I was thinking based on the other Cisco doc I read all I
>>>> need
>>>> > to do is set both of the two fibre links up as trunks and it should
>>>> work,
>>>> > but there is another one that also said the part about tagging. I
>>>> have VLAN
>>>> > 20 (the VLANS are 1, 10 and 20) on port 50 on both ends, I have also
>>>> removed
>>>> > it but still no joy.\
>>>>
>>>>
>>>> Just to be clear, with port based vlans, which is what you have, a port
>>>> can
>>>> only belong to 1 untagged vlan. So when you have a port set to untagged
>>>> w.
>>>> the pvid set, then that port will only be in the default / native vlan,
>>>> which is VLAN 1 on most network equipment vendors. This is often used as
>>>> the management vlan.
>>>>
>>>> However, you can only have 1 untagged vlan per port. Any other vlans you
>>>> want that port to handle must be tagged. Otherwise, all those packets
>>>> will
>>>> be treated as they're part of the default / native vlan.
>>>>
>>>> Which seems to be what you have configured. VLAN 1 untagged pvid on P49
>>>> and
>>>> VLAN 20 untagged pvid on P50 on both switches.
>>>>
>>>> And that makes me reconsider my earlier statement:
>>>>
>>>> Switch B
>>>> >
>>>> > 49 GE49 Enabled Disabled STP Root 20000 128 Forwarding
>>>> > 32768-f0:29:29:f5:43:bd 128-97 0 1
>>>> > 50 GE50 Enabled Disabled STP Alternate 20000 128 Discarding
>>>> > 32768-f0:29:29:f5:43:bd 128-98 0 0
>>>> > This one says discarding for port 50, so suspect that is the issue.
>>>> >
>>>>
>>>> Normally, the way this is designed and configured when there's multiple
>>>> uplinks is to create a LAG or MLT, a trunk group that carries all VLANs.
>>>> This provides more bandwidth and failover redundancy.
>>>>
>>>> But you haven't said anything about a LAG configuration and if you don't
>>>> have any traffic traversing P50, if memory serves until you take the
>>>> fibre
>>>> link down on P49. Is that correct?
>>>>
>>>> Therefore, if you want this to work you will have to tag vlan 10, 20 on
>>>> port 49 and port 50 and you will have only 1 active uplink over which
>>>> all
>>>> VLANs traverse.
>>>>
>>>> Then in the event of a failure of the active uplink, Spanning Tree will
>>>> reconfigure and use P50.
>>>>
>>>> Does that make sense at all? This is difficult to troubleshoot and
>>>> explain
>>>> over email without the configs.
>>>> _______________________________________________
>>>> PLUG: https://pdxlinux.org
>>>> PLUG mailing list
>>>> PLUG at pdxlinux.org
>>>> http://lists.pdxlinux.org/mailman/listinfo/plug
>>>>
>>>
>>>
>>> --
>>>
>>> Chuck Hast  -- KP4DJT --
>>> I can do all things through Christ which strengtheneth me.
>>> Ph 4:13 KJV
>>> Todo lo puedo en Cristo que me fortalece.
>>> Fil 4:13 RVR1960
>>>
>>>
>>
>> --
>>
>> Chuck Hast  -- KP4DJT --
>> I can do all things through Christ which strengtheneth me.
>> Ph 4:13 KJV
>> Todo lo puedo en Cristo que me fortalece.
>> Fil 4:13 RVR1960
>>
>>
>
> --
>
> Chuck Hast  -- KP4DJT --
> I can do all things through Christ which strengtheneth me.
> Ph 4:13 KJV
> Todo lo puedo en Cristo que me fortalece.
> Fil 4:13 RVR1960
>
>

-- 

Chuck Hast  -- KP4DJT --
I can do all things through Christ which strengtheneth me.
Ph 4:13 KJV
Todo lo puedo en Cristo que me fortalece.
Fil 4:13 RVR1960