OK, thanks again for all your help.
I have resolved this, finally. The problem was that I configured VLAN 48 as the native VLAN on the trunk port.That was a mistake as apparently the native VLAN is the one where Cisco does not bother to tag packets.
For now I set the native VLAN to VLAN 1 and that works.
Cheers,
Boris.
On Sun, Jan 25, 2015 at 7:13 PM, Boris Epstein borepstein@gmail.com wrote:
And additionally here are the detailed port configs on the switch end:
hq>show interface Gi1/0/3 switchport Name: Gi1/0/3 Switchport: Enabled Administrative Mode: trunk Operational Mode: trunk Administrative Trunking Encapsulation: dot1q Operational Trunking Encapsulation: dot1q Negotiation of Trunking: On Access Mode VLAN: 48 (VLAN0048) Trunking Native Mode VLAN: 48 (VLAN0048) Administrative Native VLAN tagging: enabled Voice VLAN: none Administrative private-vlan host-association: none Administrative private-vlan mapping: none Administrative private-vlan trunk native VLAN: none Administrative private-vlan trunk Native VLAN tagging: enabled Administrative private-vlan trunk encapsulation: dot1q Administrative private-vlan trunk normal VLANs: none Administrative private-vlan trunk associations: none Administrative private-vlan trunk mappings: none Operational private-vlan: none Trunking VLANs Enabled: ALL Pruning VLANs Enabled: 2-1001 Capture Mode Disabled Capture VLANs Allowed: ALL
Protected: false Unknown unicast blocked: disabled Unknown multicast blocked: disabled Appliance trust: none hq>show interface Gi1/0/3 trunk
Port Mode Encapsulation Status Native vlan Gi1/0/3 on 802.1q trunking 48
Port Vlans allowed on trunk Gi1/0/3 1-4094
Port Vlans allowed and active in management domain Gi1/0/3 1-3,7,48-50
Port Vlans in spanning tree forwarding state and not pruned Gi1/0/3 1-3,7,48-50 hq>
Boris.
On Sun, Jan 25, 2015 at 7:05 PM, Boris Epstein borepstein@gmail.com wrote:
Thank you everyone.
OK, the mystery deepens, I guess. The machine does need to support several VLAN's, it is currently on a trunkport (8021q encapsulated), it made it into the ARP table - which I specifically tested for by physically unplugging the table, clearing the ARP table and plugging it back in.
The ARP table currently looks like this:
hq#show arp Protocol Address Age (min) Hardware Addr Type Interface Internet 192.168.48.100 0 0025.6440.0301 ARPA Vlan48 Internet 192.168.48.101 - 001b.906a.bcc4 ARPA Vlan48 Internet 192.168.48.1 0 0025.6440.063f ARPA Vlan48 Internet 192.168.2.52 0 0025.6440.0547 ARPA Vlan2 Internet 192.168.3.1 - 001b.906a.bcc2 ARPA Vlan3 Internet 192.168.2.1 - 001b.906a.bcc1 ARPA Vlan2 Internet 192.168.7.1 - 001b.906a.bcc3 ARPA Vlan7 hq#
The network config on the machine currently looks like this: it has nothing assigned to eth0, eth0.48 = 192.168.48.100/24, eth0.49 = 192.168.49.100/24, eth0.50 = 192.168.50.100/24.
And - even though the ARP table seems to be OK - there is no connectivity!
Boris.
On Sun, Jan 25, 2015 at 11:42 AM, Les Mikesell lesmikesell@gmail.com wrote:
On Sun, Jan 25, 2015 at 8:38 AM, Andrew Holway andrew.holway@gmail.com wrote:
On 25 January 2015 at 15:12, Boris Epstein borepstein@gmail.com
wrote:
OK... but why does it need to be a trunk port?
Because a trunk port will "trunk" the vlan.
A VLAN is basically a 4 byte "tag" that gets injected into the packet header when the packet enters the VLAN network. When we trunk a VLAN
we say
to the switch "pass packets on VLAN x but do not strip the tag out".
You can either terminate the VLAN at the switch port (untagged) which
will
strip out the VLAN tag or you can pass the packet containing the VLAN
tag
to the computer or other device(tagged/trunk). This device can then
pull
out the tag. On linux this mechanism is done by an 8021q VLAN
interface.
Hope this is useful.
Just to add to that - normally if a host only needs to be on one subnet you would use an access port on the switch to select a single vlan and deliver those packets untagged so the host does not need to care about tags or vlan numbers. And to that end, switches default to treating everything as access ports on native/untagged vlan 0 unless configured otherwise. However, if the host needs interfaces on multiple subnets, you can do it on a single network connection by giving it a trunk connection from the switch and letting it split out the vlan interfaces internally.
-- Les Mikesell lesmikesell@gmail.com _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos