Hi guys,
Here is what I came up with based on what you all told me yesterday. Does
this look correct for routing both tagged and untagged VLANS (one of each
shown here) to the Linux host?
I really appreciate the pointers on this. Since the software isn¹t working
right on the Linux side and
On 06/04/2010 17:26, Security Team wrote:
interface Port-channel32
[...]
switchport nonegotiate
!
interface GigabitEthernet4/32
[...]
switchport nonegotiate
Are you sure you want to disable autonegotiation? Unless the other side
also configures this, the link will not come up.
Also, make
On 4/6/10 10:50 AM, Nick Hilliard n...@inex.ie wrote:
On 06/04/2010 17:26, Security Team wrote:
interface Port-channel32
[...]
switchport nonegotiate
!
interface GigabitEthernet4/32
[...]
switchport nonegotiate
Are you sure you want to disable autonegotiation? Unless the other
On 06/04/2010 18:02, Security Team wrote:
I do have the bonding LACP part actually working and moving Native VLAN IP
traffic. It's the simultaneous tagging/untagging part I'm worried about.
oh, that looks fine. Just make sure you have the vlans defined on your
switch, otherwise it won't work.
Hi,
switchport nonegotiate
!
interface GigabitEthernet4/32
[...]
switchport nonegotiate
Are you sure you want to disable autonegotiation? Unless the other side
also configures this, the link will not come up.
The other side is hard wired to GigE so it's OK in this case.
'switchport nonegotiate' is more tricksie than that - it stops the ends of
the link from negotiating whether they are trunk or access - ie it stops
a host from asking an access port to become a trunk...or a trunk
link from providing just an access layer. its a security mechanism
and isnt to
Hi,
On Tue, Apr 06, 2010 at 05:50:10PM +0100, Nick Hilliard wrote:
On 06/04/2010 17:26, Security Team wrote:
interface Port-channel32
[...]
switchport nonegotiate
!
interface GigabitEthernet4/32
[...]
switchport nonegotiate
Are you sure you want to disable autonegotiation?
On 6 Apr 2010, at 20:51, Gert Doering g...@greenie.muc.de wrote:
(You're thinking of speed nonegotiate and/or no speed auto or
something, depending on catalyst version and breed...)
Indeed yes. You're completely correct on both counts.
Nick
___
hi,
On Tue, Apr 06, 2010 at 09:51:54PM +0200, Gert Doering wrote:
Are you sure you want to disable autonegotiation? Unless the other side
also configures this, the link will not come up.
That's not link autonegotiation, that's VTP negotiation.
Mostly DTP, to be precise, as others have
On 06/04/2010 21:10, Gert Doering wrote:
But I seem to remember VTP is also in the mix...
All hail SXI which brought in the no vtp enable command!
That's if you aren't using vtp mode transparent already.
Nick
___
cisco-nsp mailing list
I haven't ever tried to make this work before so this is a new application.
I want to use VLAN tagging so that I can create VLANs with numbers like 999,
1000, 1001 and send those VLANs (in different non-overlapping subnets) all
to a Linux machine over a bonded LACP link.
Here's a config snippet
CJ,
We do something similar to this all the time in our HPC environment,
though not with LAGs. You don't need to set an access VLAN, and you do
need to set the portchannel to be in trunk mode - switchport mode trunk.
Here's a snippet from our config for one of our (non-LAG) ports:
It sounds like you intend for the 10.1.1.0/24 subnet to be UNtagged?
interface Vlan309
description Linux Host
ip address 10.1.1.1 255.255.255.0
!
interface Port-channel32
desc LACP bonded 3 GigE interfaces
switchport
switchport access vlan 309
With a tagging (trunk) interface,
On 05/04/2010 17:10, Security Team wrote:
I know that the LACP bonding works to the Linux bond0 interface, I think the
weak part here is the VLAN tagging I am using in the Catalyst.
.1q tagging works fine over link aggregates (port channels in Cisco speak,
bonded interfaces in linux). Just
On Mon, 5 Apr 2010, Security Team wrote:
interface Port-channel32
desc LACP bonded 3 GigE interfaces
switchport
switchport access vlan 309
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 309,999,1000,1001
AFAIK, switchport access vlan is only applicable when the port is an
Nick Hilliard:
Just avoid using tags 1002-1005, as Cisco
has
made claims to these particular vlans.
According to Cisco Press, the problem is bigger than just VLANs 1002-1005:
Numbers 1001 to 1024 are reserved by Cisco and cannot be configured.
Bonded interfaces aside (I haven't done it with bonded interfaces, so
I'm not sure)
You'll want to use the vconfig command in linux to create your vlan
sub-interfaces. Different distributions package it under different
names. I think it's vlan under debian.
Basic syntax will be something
-Original Message-
From: cisco-nsp-boun...@puck.nether.net
[mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of
christopher.mar...@usc-bt.com
Sent: Monday, April 05, 2010 11:53 AM
To: n...@inex.ie; ci...@peakpeak.com
Cc: cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] Question - VLAN tagging
On Mon, Apr 05, 2010 at 11:07:54AM -0700, Mack McBride wrote:
Vlans between 1005 and 1024 are used for routed links and other things in the
6500 platform.
Vlan 1005 to 1019 are used on SXH5.
This range can be larger if you are using a large number of routed links as
each routed port uses a
...@inex.ie; ci...@peakpeak.com
Kopi: cisco-nsp@puck.nether.net
Emne: Re: [c-nsp] Question - VLAN tagging Catalyst 6500 to Linux Host
Nick Hilliard:
Just avoid using tags 1002-1005, as Cisco
has
made claims to these particular vlans.
According to Cisco Press, the problem is bigger than just VLANs
20 matches
Mail list logo
