VLAN Trunking between 6248 and 2848

Hi AviatorChris,

I appreciate the help. I got so far as to create the above config that was working on the L3 switch only with a DHCP server etc.

Thought I understood what needs to happen, but there could be something basic that I have completely not been getting.

I have followed the above instructions and got the stage above.

IP: 192.168.1.1
Subnet: 255.255.255.0
Gateway: 0.0.0.0

For this one I have used the switch which I have upgraded to the latest 3.2.0.7 firmware.

 Just a laptop exactly how you have recommended.

Hi Randy,

Very happy to hear you've arrived at this milestone!!

Now lets get some VLAN's going!!

• Open a web browser on the laptop and navigate to http://192.168.1.1 (the VLAN1 / Native VLAN IP for this Switch as configured in the wizard).
• Log-In to the Admin account as set in the Wizard.
• ... you are now greeted with the image of the switch port diagram as usual.

Now... navigate to: -

Switching > VLAN > VLAN Membership

Create your VLAN's as required but don't mark any ports as Tagged / Untagged just yet.

Ok... now assuming you have VLAN 100 - I will use this as the "Demonstration" VLAN ID.

Select VLAN100 from the list of VLAN's that you have just created and the tagged/untagged ports for this VLAN should be shown.

Place a "T" / Tag on the port that will link to your 2848 switch - I assume it will be XG1 as it uses Fibre? Apply these settings.

Now navigate to: - Switching > VLAN > Port Settings...

Select Port XG1 to bring up the Port Configuration. Set the Port VLAN Mode to "TRUNK".

- Please note, that this port is now the carrier for all VLAN information to other switches. I presume you know all about VLAN Trunks and how they work so I won't tell you how to suck eggs. If not, I can forward some useful information.

Now navigate to: - Routing > IP > Interface Configuration

Select VLAN100 and enter the IP Address and Subnet to act as the gateway for this VLAN. So all clients on this subnet will use this address as their Gateway.

For Example: -

192.168.100.254 / 255.255.255.0

I will pause at this point just to let you get to this stage... :emotion-1: Plus I need a coffee!!

Hi Randy,

Glad to hear its all up to date and configured. Sorry about the ordering, just looking around a live switch to help you out so can't really re-configure anything during work hours! 8o)

Sounds like your making progress though! I find its always a single option or selection that gets me, I miss it and the whole configuration doesn't work.

Ok lets continue...

Navigate to: Routing > RIP > Interface Configuration

Ensure that VLAN10 and VLAN20 have...

• RIP V2 ("RIP2") set in the Send Version.
• The Receive Drop-Down box is set to "BOTH".
• RIP Admin Mode is set to Enable
• That you see the IP Address of the VLAN (VLAN10 - 192.168.10.1 / VLAN20 - 192.168.20.1) in the Line marked "IP ADDRESS".

Ok - now you have RIP setup, you have some Inter-VLAN Routing configured.

Confirm this by navigating to: Routing > RIP > Interface Summary

Then navigate to: Routing > VLAN Routing > Summary

================= CONFIGURING THE 2848 =================

Ah... the joys of being on a different switch! Luckily I have a 6248 and I have a 2748 so at least I am close Menu-Wise with your task!!

Reset the 2848 Switch to Factory Defaults

Configure your Laptop NIC to talk to the Factory Default address.

Log In to the Default Address (192.168.1.2?) and set the IP Address to a VLAN1 address of your choice. I.e. 192.168.0.10 (assuming that VLAN1 on your 6248 is in the 192.168.0.X range?) and 255.255.255.0 Subnet Mask.

Set the Gateway of the Switch to the IP of the 6248 Switch VLAN1 IP Interface Address (192.168.0.1?).

Reboot the Switch to allow the new IP Address settings to Apply! Re-Configure your Laptop NIC to talk to the VLAN1 addresses again.

Plug back into the switch and open a browser to the VLAN1 address of the 2848 (192.168.0.10 in my demo above).

Ok so now your switch is on VLAN1, with the same IP Address Range as your 6248 VLAN1!

Navigate to: >VLAN Membership

Create VLAN 10 and VLAN 20, tagging only the port that will connect via copper to the 6248!

Remember - ports that are part of the VLAN, but not connected to VLAN-Aware devices (Workstations, Laptops, Printers), should be marked as Un-Tagged (U). This ensures the Tag is stripped from the Packet on Egress, so that the receiving device doesn't drop the packet because of a large MTU etc.

Now - connect a known good patch lead (preferably Cat6) between the Trunk Port on the 6248 and the Tagged Port on the 2848. Ensure you have comms across the switch-fabric by pinging the 6248 switch VLAN1 address (192.168.0.1?) from the laptop, via the 2848 Switch.

If you receive a positive 100% reading on ping, we can continue.

Cheers.

Chris,

Thanks again for the excellent instructions.

I have followed them exactly right down to the last word.

The Layer 2848 has an address of 192.168.1.2 as the VLAN 1 interface address is 192.168.1.1 on the 6248.

The switch default gateway on the 2848 is 192.168.1.1 as was your instructions, it matches the vlan1 interface address on the 2848.

The vlan rip settings have been configured on the 6248 as above in the Web interface. Port 3 is still the trunk on the 6248 with port 2 on the 2848 set as the trunk port.

The 2848 has VLAN 10 and 20 setup. Trunk on port 2 for both with port 3,4,5,6 set as U on VLAN10. 7,8,9,10 set as U on VLAN20.

Between the switches I used a cat5 Cable that was strait through, good cable that has been working on another device.

I have also tested this with a Brand new crossover cable which has been tested as working.

I can get to 192.168.1.1 interface in the 6248 only on the 6248 switch.

I can get to 192.168.1.2 management interface for the 2848 on the 2848.

When I plug a cable into the 2848 from the laptop,

NIC Settings are

IP address 192.168.1.33
Subnet 255.255.255.0
Default gateway 192.168.1.1

I cannot connect to or ping 192.168.1.1 on the 6248.

I have also tried this with the default gateway on the laptop not set at all. ( just blank)

Have you ever seen this happen before or have any idea what could be causing it?

Bear in mind I have stuck to all your instructions on these 2 switches the 6248 and 2848.

Previously though I had tried this on 2 different 2848's and 2 different 6248's as well as using different versions of  firmware.

Odds could be that 2 6248 switches I have are faulty or, Something else is going wrong here, I have definately gone over your settings and had a workmate double check the settings with me as he is as puzzled as myself.

 Thank you very much for your help so far Chris.

Regards,

Randy

Hi Randy,

I have your network drawn out on my notepad now - that means its gone postal haha! :emotion-2:

Your laptop with that IP address, should be plugged into a Port that is a member of the native VLAN, so in this case Port 1.

When you plug into Port 1 you should be able to reach all the VLAN1 devices?

When you plug into a VLAN1 port on the 6248 - can you ping the gateways for VLAN10 and VLAN20?

==================

Another thing to try in case a security feature is locking VLAN Routing on VLAN1 (this was developed over time as a way of stopping hackers traversing the native VLAN and bypassing access controls), is to plug into a VLAN10 port.

(1) With your laptop still in the VLAN1 address range, log on to the management of the 2848.

(2) Navigate to: >VLAN Interface Settings

(3) Select Port G3 from the drop-down list and choose a PVID of 10.

(4) Set your laptop to an IP in the VLAN10 address range and VLAN10 Gateway Address on the 6248.

(5) Plug the laptop into Port 3 on the 2848 - can you ping the VLAN10 gateway on the 6248?

If this is the case - a firmware version must indicate that Dell have locked VLAN1 from passing across the Trunk. As highlighted, they did this to add security.

The only way to bypass this security feature, is to change the port configuration of the Trunk Ports (Port 2 on both switches as you state) to General Mode, in which VLAN1 is allowed to cross this path to the next switch.

Its Friday 13th - suffice to say I am not pushing my luck and haven't booked any flying lessons this weekend! Going to be one heck of a September though - 6 lessons in 3 days!

All the best.

Chris

UK Crazy Networking Individual!

Hi Chris,

Thanks once again.

I plug my laptop into a VLAN on port 1 on the 6248 and I cannot ping the default gateways of VLAN 10 or VLAN 20. 192.168.10.1 192.168.20.1.

I can however get to the management port on the switch and ping it. 192.168.1.1

I have changed the port PVID to 10 on the 2848 which was port 2 as the T.

Cannot ping back up the switch.

When I check the config of the 6248 switch it appears that the ports are set as access mode and routing does look as thought it is enabled on the VLANs.

Seems as well the ports cannot be set as Trunk ports in general mode either. ( I will give this a try by removing the trunk and setting the port to general if you think this will help?)

Sorry I do not want to move the settings to far off what you have suggested.

Here is what the L3 config looks like at the moment.

 I just cannot for the life of me figure this out. If the issue is the switches I am going to completely freak out.

Cool, What sort of plane are you learning to fly in? Do they use Cessnas for the lessons? That sounds like an awesome hobby to get into. 

Regards,
Randy

!Current Configuration:

!System Description "Powerconnect 6248, 3.2.0.7, VxWorks 6.5"

!System Software Version 3.2.0.7

!Cut-through mode is configured as disabled

!

configure

vlan database

vlan 10,20,30

vlan routing 10 1

vlan routing 20 2

exit

stack

member 1 2

exit

ip address 192.168.1.1 255.255.255.0

interface vlan 10

name "VLAN10"

routing

ip address 192.168.10.1 255.255.255.0

ip local-proxy-arp

exit

interface vlan 20

name "VLAN20"

routing

ip address 192.168.20.1 255.255.255.0

ip local-proxy-arp

exit

interface vlan 30

name "VLAN30"

exit

username "administrator" password 5f4dcc3b5aa765d61d8327deb882cf99 level 15 encrypted

!

interface ethernet 1/g3

switchport mode trunk

switchport trunk allowed vlan add 10,20

exit

!

interface ethernet 1/g4

switchport access vlan 10

exit

!

interface ethernet 1/g5

switchport access vlan 10

exit

!

interface ethernet 1/g6

switchport access vlan 10

exit

!

interface ethernet 1/g7

switchport access vlan 20

exit

!

interface ethernet 1/g8

switchport access vlan 20

exit

!

interface ethernet 1/g9

switchport access vlan 20

exit

exit

Randy,

Could you tell me if your initial configuration worked without RIP activated and the other VLAN routing features enabled and just with Spanning-Tree Protocol Disable in the 2848 switch?

Do you have the config files for both switches? I have a very similar scenario, I have a 6224 and 3348 switches in different floors, and using VLAN 1 along with others VLANS.

Thank you.

Adrian.

@randymarsh Randy, i have created this account in dell community only to thank your solution. I've been struggling with this problem for months. Thank you very much.