Subscribe

Cannot Communicate when VLAN is enable

Hello,

I'm using a Fas2020 ( SIngle Controlller )and would like to implement a VLAN strategy on top of a Vif interface (e0a and e0b).

Ive been using https://now.netapp.com/Knowledgebase/solutionarea.asp?id=kb46272. I only need VLAN Id 200 and 1000 in my case , so I use "vlan create VI1 200 1000" to create Vlan. I did ifconfig command as well and I can check that everything looks good when using ifconfig, vlan, of vif command.

Problem : I'm not able to ping any servers, routers or anything in my Vlan subnet. ( I can just ping myself).

I 'm using a Ciscso switch 3560 G with the follwing configuration :

MYSWITCH#sho run int gi0/14

Building configuration...

Current configuration : 191 bytes

!

interface GigabitEthernet0/14

switchport trunk encapsulation dot1q

switchport trunk native vlan 200

switchport trunk allowed vlan 200

switchport mode trunk

spanning-tree portfast

end

does anyone have any idea ?

( as test purpose, I've tried to setup VLAN directly on e0a (no VIF) and the result is the same..)

Thanks a lot

ROmain

Re: Cannot Communicate when VLAN is enable

Hello,

I'm about to setup the same thing... I have a FAS2020 with only 2 NICs and want to have 2 VLANs talking to the filer with max throughput. I'm still trying to figure out just how exactly to set this up and would like to know for sure before I make changes to my filer which is in production mode. I see that you are using the same link for instructions that I've found. Have you gotten this to work yet? if so can you please tell me how? if not then let's hope someone can answer your question here.

thanks

Re: Cannot Communicate when VLAN is enable

Your Cisco config is wrong.

in fact if in cisco you config native vlan 200 when your fas send ethernet with vlan 200 tap the cisco drop it because for him ethernet packet should not have tag

and second the switchport trunk allowed vlan 200 allowe only ethernet packet with vlan 200 to bee authorized in this switchport.

So you should remove switchport trunk native vlan 200 with the command

no switchport trunk native vlan 200

and you should allowed vlan 1000 with command

switchport trunk allowed vlan add 1000

your result should bee like this:

MYSWITCH#sho run int gi0/14

Building configuration...

Current configuration : 191 bytes

!

interface GigabitEthernet0/14

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 200, 1000

switchport mode trunk

spanning-tree portfast

end

also verify that vlan 1000 is create in the cisco config "sh vlan" and normaly if you use a trunck port you can have the

spanning-tree portfast command (anyway it is inactive in trunck mode)

Re: Cannot Communicate when VLAN is enable

Hi,

Here's my last config which is working now .

I 've just changed ( my network colleague)  the VLAN we should NOW use  999  and 1000.

I've also read a couple of articles saying using VLAN ID 1 was not a good idea ( you can see a 200 in place of it)...

So here is config :

NETAPP SIDE :

vif create vif1 e0a e0b

vlan create vif1 999 1000

ifconfig vif1-999 192.168.250.1 netmask 255.255.255.0

ifconfig vif1-1000 192.168.252.1 netmask 255.255.255.0



CISCO SWITCH PORT SIDE :

interface GigabitEthernet0/15

description TO1-E0B

switchport access vlan 1000

switchport trunk encapsulation dot1q

switchport trunk native vlan 200

switchport trunk allowed vlan 999,1000

switchport mode trunk

speed 1000

channel-group 4 mode active

spanning-tree portfast

end

Cheers

Romain



Re: Cannot Communicate when VLAN is enable

I am definitely not a network expert. But since you are using a trunk don't you need to set spanning-tree to "portfast trunk"?

The cisco documentation trunk is needed when the interface is in a trunk: "Enables PortFast on the interface even while in the trunk mode".