On 14/11/2011 9:32 PM, Arie Vayner (avayner) wrote:
Reuben,
On the ME3600X you cannot have the same VLAN used as an SVI for Layer 3
bridge-domain on a service-instance, and at the same time also applied
as a regular allowed VLAN on a trunk or as the VLAN of an access port.
Check that VLAN780 is not allowed anywhere on the system (trunks and
access ports), and it is only used as "bridge-domain" on a single
service-instance EFP.
That'll be it. VLAN 780 is not set on any access ports or used anywhere
else, but there are a few trunk ports on that switch and some others
which have no restrictions on which VLANs can pass (eg switch-switch
within the same POP and rack which are "trusted") such as:
interface GigabitEthernet0/23
description NETWORK - Link to sw2.qld Gi0/23
port-type nni
switchport mode trunk
mtu 1546
storm-control broadcast level 2.50 1.50
storm-control action trap
end
Hrm, it's going to be fun to retrospectively restrict trunk ports on
both ends all through the network to get around this. Maybe EVC's just
isn't going to work for me afterall.
Thanks for the help Arie. Much appreciated.
Reuben
_______________________________________________
cisco-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
