This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Extreme Networks
- Community List
- Switching & Routing
- ExtremeSwitching (EXOS/Switch Engine)
- Default VLAN disfunctional, DHCP not working on un...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Default VLAN disfunctional, DHCP not working on untagged ports
Default VLAN disfunctional, DHCP not working on untagged ports
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
09-17-2015 10:27 PM
I am sure that I have something configured wrong. This is my first Extreme switch. It is connected via a fiber connection to a trunked Cisco port (port 50 on my Extreme side).
For hosts with static IP addresses, everything works fine. But for my DHCP hosts, they are pulling VLAN 1 IP addresses regardless of the VLAN they are on. This is the native VLAN in my Cisco environment, and my Default vr on my Extreme switch. That is, 10.0.44.0/22. I thought that maybe I needed to do something like an "ip-helper" in the Cisco realm. Hence the bootprelay stuff in my config ... which does not appear to be working!
Also, I can no longer ssh to my switch (it used to work before I rebooted it?). And I cannot seem to ping out from the switch itself, so I am having to do all my changes through a console connection.
Help! 🙂
And now, my configuration ...
#
# Module devmgr configuration.
#
configure sys-recovery-level switch reset
#
# Module vlan configuration.
#
configure vlan default delete ports all
configure vr VR-Default delete ports 1-54
configure vr VR-Default add ports 1-54
configure vlan default delete ports 1-48
create vlan "EduTrailerData"
configure vlan EduTrailerData tag 470
create vlan "EMC"
configure vlan EMC tag 200
create vlan "Imaging"
configure vlan Imaging tag 5
create vlan "MainHosp1fl"
configure vlan MainHosp1fl tag 10
configure ports 49 auto off speed 10000 duplex full
configure ports 50 auto off speed 10000 duplex full
configure ports 51 auto off speed 10000 duplex full
configure ports 52 auto off speed 10000 duplex full
configure ports 53 auto off speed 10000 duplex full
configure ports 54 auto off speed 10000 duplex full
configure vlan Default add ports 49-54 untagged
configure vlan EduTrailerData add ports 50 tagged
configure vlan EduTrailerData add ports 1-2, 4-9, 11-14, 17-48 untagged
configure vlan EMC add ports 10 untagged
configure vlan Imaging add ports 3 untagged
configure vlan MainHosp1fl add ports 50 tagged
configure vlan MainHosp1fl add ports 15-16 untagged
configure vlan Default ipaddress 10.0.45.3 255.255.252.0
enable ipforwarding vlan Default
#
# Module fdb configuration.
#
#
# Module rtmgr configuration.
#
configure iproute add default 10.0.45.1
#
# Module mcmgr configuration.
#
#
# Module aaa configuration.
#
configure account admin encrypted "**SNIP**"
#
# Module acl configuration.
#
#
# Module bfd configuration.
#
#
# Module ces configuration.
#
#
# Module cfgmgr configuration.
#
#
# Module dosprotect configuration.
#
#
# Module dot1ag configuration.
#
#
# Module eaps configuration.
#
#
# Module edp configuration.
#
#
# Module elrp configuration.
#
#
# Module ems configuration.
#
#
# Module epm configuration.
#
#
# Module erps configuration.
#
#
# Module esrp configuration.
#
#
# Module ethoam configuration.
#
#
# Module etmon configuration.
#
#
# Module exsshd configuration.
#
enable ssh2
#
# Module hal configuration.
#
#
# Module idMgr configuration.
#
#
# Module ipSecurity configuration.
#
#
# Module ipfix configuration.
#
#
# Module lldp configuration.
#
#
# Module mrp configuration.
#
#
# Module msdp configuration.
#
#
# Module netLogin configuration.
#
#
# Module netTools configuration.
#
configure bootprelay add 10.60.60.10 vr VR-Default
configure bootprelay add 10.60.60.11 vr VR-Default
enable bootprelay ipv4 vlan EduTrailerData
#
# Module ntp configuration.
#
#
# Module poe configuration.
#
#
# Module rip configuration.
#
#
# Module r.png configuration.
#
#
# Module snmpMaster configuration.
#
configure snmpv3 add group "v1v2cNotifyGroup" user "v1v2cNotifyUser1" sec-model snmpv2c
configure snmpv3 add community "SNIP" name "SNIP" user "v1v2c_rw"
configure snmpv3 add community "v1v2cNotifyComm1" name "SNIP" user "v1v2cNotifyUser1"
configure snmpv3 add target-addr "v1v2cNotifyTAddr1" param "v1v2cNotifyParam1" ipaddress 10.60.60.150 transport-port 162 tag-list "defaultNotify"
0 transport-port 162 tag-list "defaultNotify"
configure snmpv3 add target-params "v1v2cNotifyParam1" user "v1v2cNotifyUser1" mp-model snmpv2c sec-model snmpv2c sec-level noauth
#
# Module stp configuration.
#
configure mstp region 000496989e7f
configure stpd s0 delete vlan default ports all
disable stpd s0 auto-bind vlan default
enable stpd s0 auto-bind vlan Default
#
# Module synce configuration.
#
#
# Module techSupport configuration.
#
debug tech-support configure max-collectors 2
configure tech-support collector 12.38.14.200 tcp-port 800 ssl off
#
# Module telnetd configuration.
#
disable telnet
#
# Module tftpd configuration.
#
#
# Module thttpd configuration.
#
enable web http
#
# Module vmt configuration.
#
#
# Module vsm configuration.
#
For hosts with static IP addresses, everything works fine. But for my DHCP hosts, they are pulling VLAN 1 IP addresses regardless of the VLAN they are on. This is the native VLAN in my Cisco environment, and my Default vr on my Extreme switch. That is, 10.0.44.0/22. I thought that maybe I needed to do something like an "ip-helper" in the Cisco realm. Hence the bootprelay stuff in my config ... which does not appear to be working!
Also, I can no longer ssh to my switch (it used to work before I rebooted it?). And I cannot seem to ping out from the switch itself, so I am having to do all my changes through a console connection.
Help! 🙂
And now, my configuration ...
#
# Module devmgr configuration.
#
configure sys-recovery-level switch reset
#
# Module vlan configuration.
#
configure vlan default delete ports all
configure vr VR-Default delete ports 1-54
configure vr VR-Default add ports 1-54
configure vlan default delete ports 1-48
create vlan "EduTrailerData"
configure vlan EduTrailerData tag 470
create vlan "EMC"
configure vlan EMC tag 200
create vlan "Imaging"
configure vlan Imaging tag 5
create vlan "MainHosp1fl"
configure vlan MainHosp1fl tag 10
configure ports 49 auto off speed 10000 duplex full
configure ports 50 auto off speed 10000 duplex full
configure ports 51 auto off speed 10000 duplex full
configure ports 52 auto off speed 10000 duplex full
configure ports 53 auto off speed 10000 duplex full
configure ports 54 auto off speed 10000 duplex full
configure vlan Default add ports 49-54 untagged
configure vlan EduTrailerData add ports 50 tagged
configure vlan EduTrailerData add ports 1-2, 4-9, 11-14, 17-48 untagged
configure vlan EMC add ports 10 untagged
configure vlan Imaging add ports 3 untagged
configure vlan MainHosp1fl add ports 50 tagged
configure vlan MainHosp1fl add ports 15-16 untagged
configure vlan Default ipaddress 10.0.45.3 255.255.252.0
enable ipforwarding vlan Default
#
# Module fdb configuration.
#
#
# Module rtmgr configuration.
#
configure iproute add default 10.0.45.1
#
# Module mcmgr configuration.
#
#
# Module aaa configuration.
#
configure account admin encrypted "**SNIP**"
#
# Module acl configuration.
#
#
# Module bfd configuration.
#
#
# Module ces configuration.
#
#
# Module cfgmgr configuration.
#
#
# Module dosprotect configuration.
#
#
# Module dot1ag configuration.
#
#
# Module eaps configuration.
#
#
# Module edp configuration.
#
#
# Module elrp configuration.
#
#
# Module ems configuration.
#
#
# Module epm configuration.
#
#
# Module erps configuration.
#
#
# Module esrp configuration.
#
#
# Module ethoam configuration.
#
#
# Module etmon configuration.
#
#
# Module exsshd configuration.
#
enable ssh2
#
# Module hal configuration.
#
#
# Module idMgr configuration.
#
#
# Module ipSecurity configuration.
#
#
# Module ipfix configuration.
#
#
# Module lldp configuration.
#
#
# Module mrp configuration.
#
#
# Module msdp configuration.
#
#
# Module netLogin configuration.
#
#
# Module netTools configuration.
#
configure bootprelay add 10.60.60.10 vr VR-Default
configure bootprelay add 10.60.60.11 vr VR-Default
enable bootprelay ipv4 vlan EduTrailerData
#
# Module ntp configuration.
#
#
# Module poe configuration.
#
#
# Module rip configuration.
#
#
# Module r.png configuration.
#
#
# Module snmpMaster configuration.
#
configure snmpv3 add group "v1v2cNotifyGroup" user "v1v2cNotifyUser1" sec-model snmpv2c
configure snmpv3 add community "SNIP" name "SNIP" user "v1v2c_rw"
configure snmpv3 add community "v1v2cNotifyComm1" name "SNIP" user "v1v2cNotifyUser1"
configure snmpv3 add target-addr "v1v2cNotifyTAddr1" param "v1v2cNotifyParam1" ipaddress 10.60.60.150 transport-port 162 tag-list "defaultNotify"
0 transport-port 162 tag-list "defaultNotify"
configure snmpv3 add target-params "v1v2cNotifyParam1" user "v1v2cNotifyUser1" mp-model snmpv2c sec-model snmpv2c sec-level noauth
#
# Module stp configuration.
#
configure mstp region 000496989e7f
configure stpd s0 delete vlan default ports all
disable stpd s0 auto-bind vlan default
enable stpd s0 auto-bind vlan Default
#
# Module synce configuration.
#
#
# Module techSupport configuration.
#
debug tech-support configure max-collectors 2
configure tech-support collector 12.38.14.200 tcp-port 800 ssl off
#
# Module telnetd configuration.
#
disable telnet
#
# Module tftpd configuration.
#
#
# Module thttpd configuration.
#
enable web http
#
# Module vmt configuration.
#
#
# Module vsm configuration.
#
15 REPLIES 15
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
09-27-2015 09:03 PM
I was able to get this up and running this past week. I was actually facing two issues that was keeping my configuration from working.
#1 - It seemed like just when I was about done configuring the extreme switch, my entire network would hit the wall. I figured this had to have something to do with my default VLAN and it seemed like I had a loop somewhere. Turns out that when I hastily removed my dying Cisco switch and connected the Extreme switch, I had patched in a copper connection that was setup as a trunk port. This was in addition to the fiber connection that I was using as a trunk port. Oops! The copper connection was a precursor to the fiber run and should have never been reconnected.
#2 - I don't think that my Cisco side was setup properly. I had a hard time finding a good example of what my Cisco port should look like that was connected to my Extreme switch. You know, the whole "trunk port" versus "tagged port" thing.
Here is what my Cisco side port currently looks like:
interface GigabitEthernet10/14
description EDUCATION TRAILER EXTREME NETWORKS SWITCH
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10,470,475
switchport mode trunk
no ip address
spanning-tree bpdufilter enable
spanning-tree link-type point-to-point
!
Note that I thought I would need "allowed VLAN 1" in addition to the others, but that proved to be a mistake.
Also, related but unrelated --- once I had taken care of these two problems, DHCP worked just like it was supposed to with setting up VLAN's 10 and 270 as untagged, but then tagged on port 50 (my fiber uplink port). And then I also fooled around with using a voice VLAN. With my Cisco switch, I can add a "voice vlan" to a port in the config, and my Cisco phone will automatically jump on it. With the Extreme switch, I needed to add port 475 as TAGGED on an untagged 470 port. And then, I needed to go onto the Cisco phone and set the Admin VLAN port setting to 475.
Here is my final Extreme config for the curious ...
#
# Module devmgr configuration.
#
configure sys-recovery-level switch reset
#
# Module vlan configuration.
#
configure vlan default delete ports all
configure vr VR-Default delete ports 1-54
configure vr VR-Default add ports 1-54
configure vlan default delete ports 1-46, 48
create vlan "MainHosp1FL"
configure vlan MainHosp1FL tag 10
create vlan "TrailerData"
configure vlan TrailerData tag 470
create vlan "TrailerVoice"
configure vlan TrailerVoice tag 475
configure ports 49 auto off speed 10000 duplex full
configure ports 50 auto off speed 10000 duplex full
configure ports 51 auto off speed 10000 duplex full
configure ports 52 auto off speed 10000 duplex full
configure ports 53 auto off speed 10000 duplex full
configure ports 54 auto off speed 10000 duplex full
configure vlan Default add ports 47, 49-54 untagged
configure vlan MainHosp1FL add ports 50 tagged
configure vlan MainHosp1FL add ports 15 untagged
configure vlan TrailerData add ports 50 tagged
configure vlan TrailerData add ports 1-14, 16-46, 48 untagged
configure vlan TrailerVoice add ports 1-14, 16-46, 48, 50 tagged
configure vlan Default ipaddress 10.0.45.3 255.255.252.0
#
# Module fdb configuration.
#
#
# Module rtmgr configuration.
#
configure iproute add default 10.0.45.1
#
# Module mcmgr configuration.
#
#
# Module aaa configuration.
#
configure account admin encrypted "SNIP"
#
# Module acl configuration.
#
#
# Module bfd configuration.
#
#
# Module ces configuration.
#
#
# Module cfgmgr configuration.
#
#
# Module dosprotect configuration.
#
#
# Module dot1ag configuration.
#
#
# Module eaps configuration.
#
#
# Module edp configuration.
#
#
# Module elrp configuration.
#
#
# Module ems configuration.
#
#
# Module epm configuration.
#
#
# Module erps configuration.
#
#
# Module esrp configuration.
#
#
# Module ethoam configuration.
#
#
# Module etmon configuration.
#
#
# Module exsshd configuration.
#
#
# Module hal configuration.
#
#
# Module idMgr configuration.
#
#
# Module ipSecurity configuration.
#
#
# Module ipfix configuration.
#
#
# Module lldp configuration.
#
#
# Module mrp configuration.
#
#
# Module msdp configuration.
#
#
# Module netLogin configuration.
#
#
# Module netTools configuration.
#
#
# Module ntp configuration.
#
#
# Module poe configuration.
#
#
# Module rip configuration.
#
#
# Module r.png configuration.
#
#
# Module snmpMaster configuration.
#
SNIP
#
# Module stp configuration.
#
configure mstp region 000496989e7f
configure stpd s0 delete vlan default ports all
disable stpd s0 auto-bind vlan default
enable stpd s0 auto-bind vlan Default
#
# Module synce configuration.
#
#
# Module techSupport configuration.
#
debug tech-support configure max-collectors 2
#
# Module telnetd configuration.
#
#
# Module tftpd configuration.
#
#
# Module thttpd configuration.
#
#
# Module vmt configuration.
#
#
# Module vsm configuration.
#
#1 - It seemed like just when I was about done configuring the extreme switch, my entire network would hit the wall. I figured this had to have something to do with my default VLAN and it seemed like I had a loop somewhere. Turns out that when I hastily removed my dying Cisco switch and connected the Extreme switch, I had patched in a copper connection that was setup as a trunk port. This was in addition to the fiber connection that I was using as a trunk port. Oops! The copper connection was a precursor to the fiber run and should have never been reconnected.
#2 - I don't think that my Cisco side was setup properly. I had a hard time finding a good example of what my Cisco port should look like that was connected to my Extreme switch. You know, the whole "trunk port" versus "tagged port" thing.
Here is what my Cisco side port currently looks like:
interface GigabitEthernet10/14
description EDUCATION TRAILER EXTREME NETWORKS SWITCH
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10,470,475
switchport mode trunk
no ip address
spanning-tree bpdufilter enable
spanning-tree link-type point-to-point
!
Note that I thought I would need "allowed VLAN 1" in addition to the others, but that proved to be a mistake.
Also, related but unrelated --- once I had taken care of these two problems, DHCP worked just like it was supposed to with setting up VLAN's 10 and 270 as untagged, but then tagged on port 50 (my fiber uplink port). And then I also fooled around with using a voice VLAN. With my Cisco switch, I can add a "voice vlan" to a port in the config, and my Cisco phone will automatically jump on it. With the Extreme switch, I needed to add port 475 as TAGGED on an untagged 470 port. And then, I needed to go onto the Cisco phone and set the Admin VLAN port setting to 475.
Here is my final Extreme config for the curious ...
#
# Module devmgr configuration.
#
configure sys-recovery-level switch reset
#
# Module vlan configuration.
#
configure vlan default delete ports all
configure vr VR-Default delete ports 1-54
configure vr VR-Default add ports 1-54
configure vlan default delete ports 1-46, 48
create vlan "MainHosp1FL"
configure vlan MainHosp1FL tag 10
create vlan "TrailerData"
configure vlan TrailerData tag 470
create vlan "TrailerVoice"
configure vlan TrailerVoice tag 475
configure ports 49 auto off speed 10000 duplex full
configure ports 50 auto off speed 10000 duplex full
configure ports 51 auto off speed 10000 duplex full
configure ports 52 auto off speed 10000 duplex full
configure ports 53 auto off speed 10000 duplex full
configure ports 54 auto off speed 10000 duplex full
configure vlan Default add ports 47, 49-54 untagged
configure vlan MainHosp1FL add ports 50 tagged
configure vlan MainHosp1FL add ports 15 untagged
configure vlan TrailerData add ports 50 tagged
configure vlan TrailerData add ports 1-14, 16-46, 48 untagged
configure vlan TrailerVoice add ports 1-14, 16-46, 48, 50 tagged
configure vlan Default ipaddress 10.0.45.3 255.255.252.0
#
# Module fdb configuration.
#
#
# Module rtmgr configuration.
#
configure iproute add default 10.0.45.1
#
# Module mcmgr configuration.
#
#
# Module aaa configuration.
#
configure account admin encrypted "SNIP"
#
# Module acl configuration.
#
#
# Module bfd configuration.
#
#
# Module ces configuration.
#
#
# Module cfgmgr configuration.
#
#
# Module dosprotect configuration.
#
#
# Module dot1ag configuration.
#
#
# Module eaps configuration.
#
#
# Module edp configuration.
#
#
# Module elrp configuration.
#
#
# Module ems configuration.
#
#
# Module epm configuration.
#
#
# Module erps configuration.
#
#
# Module esrp configuration.
#
#
# Module ethoam configuration.
#
#
# Module etmon configuration.
#
#
# Module exsshd configuration.
#
#
# Module hal configuration.
#
#
# Module idMgr configuration.
#
#
# Module ipSecurity configuration.
#
#
# Module ipfix configuration.
#
#
# Module lldp configuration.
#
#
# Module mrp configuration.
#
#
# Module msdp configuration.
#
#
# Module netLogin configuration.
#
#
# Module netTools configuration.
#
#
# Module ntp configuration.
#
#
# Module poe configuration.
#
#
# Module rip configuration.
#
#
# Module r.png configuration.
#
#
# Module snmpMaster configuration.
#
SNIP
#
# Module stp configuration.
#
configure mstp region 000496989e7f
configure stpd s0 delete vlan default ports all
disable stpd s0 auto-bind vlan default
enable stpd s0 auto-bind vlan Default
#
# Module synce configuration.
#
#
# Module techSupport configuration.
#
debug tech-support configure max-collectors 2
#
# Module telnetd configuration.
#
#
# Module tftpd configuration.
#
#
# Module thttpd configuration.
#
#
# Module vmt configuration.
#
#
# Module vsm configuration.
#
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
09-27-2015 09:03 PM
Glad you were able to get it going. Thanks for coming back to confirm and to share your config!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
09-17-2015 11:44 PM
For the SSH issue, can you please collect the following output?
show management. Need to ensure that the key is valid.
show management. Need to ensure that the key is valid.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
09-17-2015 11:44 PM
I started over with an empty config this morning. And everything seemed to be going well until I started adding ports to my VLAN 470.
Poking around on the Cisco side, I caught these messages in the logs ...
*Sep 18 06:51:03.160 EDT: %LINEPROTO-SP-5-UPDOWN: Line protocol on Interface GigabitEthernet4/25, changed state to up*Sep 18 06:55:28.872 EDT: %SPANTREE-SP-2-RECV_PVID_ERR: Received BPDU with inconsistent peer vlan id 1 on GigabitEthernet10/14 VLAN470.*Sep 18 06:55:28.872 EDT: %SPANTREE-SP-2-BLOCK_PVID_PEER: Blocking GigabitEthernet10/14 on VLAN0001. Inconsistent peer vlan.*Sep 18 06:55:28.872 EDT: %SPANTREE-SP-2-BLOCK_PVID_LOCAL: Blocking GigabitEthernet10/14 on VLAN0470. Inconsistent local vlan.
It doesn't appear that I still have this same issue now, as the Cisco side has done a timeout recovery on the port and the error has not reappeared. This may have been while I was still adding and removing ports to VLANs.
Poking around on the Cisco side, I caught these messages in the logs ...
*Sep 18 06:51:03.160 EDT: %LINEPROTO-SP-5-UPDOWN: Line protocol on Interface GigabitEthernet4/25, changed state to up*Sep 18 06:55:28.872 EDT: %SPANTREE-SP-2-RECV_PVID_ERR: Received BPDU with inconsistent peer vlan id 1 on GigabitEthernet10/14 VLAN470.*Sep 18 06:55:28.872 EDT: %SPANTREE-SP-2-BLOCK_PVID_PEER: Blocking GigabitEthernet10/14 on VLAN0001. Inconsistent peer vlan.*Sep 18 06:55:28.872 EDT: %SPANTREE-SP-2-BLOCK_PVID_LOCAL: Blocking GigabitEthernet10/14 on VLAN0470. Inconsistent local vlan.
It doesn't appear that I still have this same issue now, as the Cisco side has done a timeout recovery on the port and the error has not reappeared. This may have been while I was still adding and removing ports to VLANs.
