Hi Kerry;
Jose,
I am assuming that you created the sub interfaces on your PF interface so
that it is working like a trunk interface.
I created sub interfaces eth0.2 and eth0.3 in my centos host for the vlans.
Inside the vmware image the pf interfaces are eth0 eth1 eth2.
I configured the switch on port 24 to be on trunk. Is there anything else to
do? I really dont know not quite linux expert.
Looking at your switch config, I am assuming that your PF server interface
is connected to FastEthernet 0/24
Yes thats right. My eth0 physical is directly on the switch port 24.
It looks like port 0/24 is missing these two commands
switchport trunk encapsulation dot1q
switchport trunk native vlan ? (which sub interface on your PF server is
not being tagged?)
In cisco 2950 it is for default that if a port is in trunk mode it is
already dot1q encapsulation. Thats why it doesnt appear in the config,
others cisco switches may appear but this model I am sure of that.
The switchport trunk native vlan I put like this but also doesnt appear in
config file. I think thats because trunk port for default it is already
present in all vlans:
switchport trunk native vlan all
I didnt understand the tagged sub interface on PF server...
I am attaching all files.
Thanks for your help.
Jose
----- Original Message -----
From: "Melcher, Kerry" <[email protected]>
To: <[email protected]>
Sent: Tuesday, January 18, 2011 9:08 PM
Subject: Re: [Packetfence-users] Vlan administrative down
problemciscoswitch2950
Jose,
I am assuming that you created the sub interfaces on your PF interface so
that it is working like a trunk interface.
Looking at your switch config, I am assuming that your PF server interface
is connected to FastEthernet 0/24
It looks like port 0/24 is missing these two commands
switchport trunk encapsulation dot1q
switchport trunk native vlan ? (which sub interface on your PF server is
not being tagged?)
Thank You,
Kerry Melcher
-----Original Message-----
From: José Carlos França Jr [mailto:[email protected]]
Sent: Tuesday, January 18, 2011 11:00 AM
To: [email protected]
Subject: Re: [Packetfence-users] Vlan administrative down problemciscoswitch
2950
You said that several people told me to look ate my trunk ports but I didnt
see anyone answering my question. Only you did. You are right...I never
provided my configuration and I am attaching now in a text file.
I am still having problems to the vlans to communicate. I put one port in
every vlan just to do the test that the zen pdf file is telling to do but I
was unable to have them communicating and I dont know why.
Thanks for your assistance and time.
Jose.
----- Original Message -----
From: "Olivier Bilodeau" <[email protected]>
To: <[email protected]>
Sent: Tuesday, January 18, 2011 3:31 PM
Subject: Re: [Packetfence-users] Vlan administrative down problem cisco
switch 2950
Hi José,
On 17/01/11 2:39 PM, José Carlos França Jr wrote:
But I still cant get my vlans to work...I cant communicate with them.
Several people tried to tell you to look at your trunk ports and you never
provided the config.
Since your problem is not closely related to PacketFence I would suggest
that you seek assistance in a Cisco or network support forum. You have more
chances of people willing to help you out on a network setup problem there
rather than here.
Try to get two devices on two different switches to communicate on the same
VLAN. Once you get there come back here with your PacketFence questions and
we will be more than happy to help you out from there.
Have a nice day!
--
Olivier Bilodeau
[email protected] :: +1.514.447.4918 *115 :: www.inverse.ca Inverse
inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence
(www.packetfence.org)
------------------------------------------------------------------------------
Protect Your Site and Customers from Malware Attacks Learn about various
malware tactics and how to avoid them. Understand malware threats, the
impact they can have on your business, and how you can protect your company
and customers by using code signing.
http://p.sf.net/sfu/oracle-sfdevnl
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Protect Your Site and Customers from Malware Attacks
Learn about various malware tactics and how to avoid them. Understand
malware threats, the impact they can have on your business, and how you
can protect your company and customers by using code signing.
http://p.sf.net/sfu/oracle-sfdevnl
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
[root@localhost ~]# cat /proc/net/vlan/eth0.2
eth0.2 VID: 2 REORDER_HDR: 1 dev->priv_flags: 81
total frames received 0
total bytes received 0
Broadcast/Multicast Rcvd 0
total frames transmitted 50
total bytes transmitted 7518
total headroom inc 0
total encap on xmit 50
Device: eth0
INGRESS priority mappings: 0:0 1:0 2:0 3:0 4:0 5:0 6:0 7:0
EGRESSS priority Mappings:
[root@localhost ~]#
[root@localhost ~]# cat /proc/net/vlan/eth0.3
eth0.3 VID: 3 REORDER_HDR: 1 dev->priv_flags: 81
total frames received 0
total bytes received 0
Broadcast/Multicast Rcvd 0
total frames transmitted 305
total bytes transmitted 19033
total headroom inc 0
total encap on xmit 305
Device: eth0
INGRESS priority mappings: 0:0 1:0 2:0 3:0 4:0 5:0 6:0 7:0
EGRESSS priority Mappings:
[root@localhost ~]#
Sw1Labredes#sh run
Building configuration...
Current configuration : 6702 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Sw1Labredes
!
enable secret 5 $1$GHrD$NJMttwX3V8gT/PO8IQyHy1
enable password labredestest
!
ip subnet-zero
!
vtp mode transparent
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
!
!
vlan 2
name Normal
!
vlan 3
name Registration
!
vlan 4
name Isolation
!
vlan 5
name MAC_Detection
!
interface FastEthernet0/1
switchport mode access
switchport port-security
switchport port-security violation restrict
switchport port-security mac-address 0200.0000.0001
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/2
switchport access vlan 2
switchport mode access
switchport port-security
switchport port-security violation restrict
switchport port-security mac-address 0200.0000.0002
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/3
switchport access vlan 3
switchport mode access
switchport port-security
switchport port-security violation restrict
switchport port-security mac-address 0200.0000.0003
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/4
switchport access vlan 4
switchport mode access
switchport port-security
switchport port-security violation restrict
switchport port-security mac-address 0200.0000.0004
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/5
switchport access vlan 5
switchport mode access
switchport port-security
switchport port-security violation restrict
switchport port-security mac-address 0200.0000.0005
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/6
switchport access vlan 5
switchport mode access
switchport port-security
switchport port-security violation restrict
switchport port-security mac-address 0200.0000.0006
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/7
switchport access vlan 5
switchport mode access
switchport port-security
switchport port-security violation restrict
switchport port-security mac-address 0200.0000.0007
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/8
switchport access vlan 5
switchport mode access
switchport port-security
switchport port-security violation restrict
switchport port-security mac-address 0200.0000.0008
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/9
switchport access vlan 5
switchport mode access
switchport port-security
switchport port-security violation restrict
switchport port-security mac-address 0200.0000.0009
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/10
switchport access vlan 5
switchport mode access
switchport port-security
switchport port-security violation restrict
switchport port-security mac-address 0200.0000.0010
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/11
switchport access vlan 5
switchport mode access
switchport port-security
switchport port-security violation restrict
switchport port-security mac-address 0200.0000.0011
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/12
switchport access vlan 5
switchport mode access
switchport port-security
switchport port-security violation restrict
switchport port-security mac-address 0200.0000.0012
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/13
switchport access vlan 5
switchport mode access
switchport port-security
switchport port-security violation restrict
switchport port-security mac-address 0200.0000.0013
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/14
switchport access vlan 5
switchport mode access
switchport port-security
switchport port-security violation restrict
switchport port-security mac-address 0200.0000.0014
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/15
switchport access vlan 5
switchport mode access
switchport port-security
switchport port-security violation restrict
switchport port-security mac-address 0200.0000.0015
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/16
switchport access vlan 5
switchport mode access
switchport port-security
switchport port-security violation restrict
switchport port-security mac-address 0200.0000.0016
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/17
switchport access vlan 5
switchport mode access
switchport port-security
switchport port-security violation restrict
switchport port-security mac-address 0200.0000.0017
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/18
switchport access vlan 5
switchport mode access
switchport port-security
switchport port-security violation restrict
switchport port-security mac-address 0200.0000.0018
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/19
switchport access vlan 5
switchport mode access
switchport port-security
switchport port-security violation restrict
switchport port-security mac-address 0200.0000.0019
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/20
switchport access vlan 5
switchport mode access
switchport port-security
switchport port-security violation restrict
switchport port-security mac-address 0200.0000.0020
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/21
switchport access vlan 5
switchport mode access
switchport port-security
switchport port-security violation restrict
switchport port-security mac-address 0200.0000.0021
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/22
switchport access vlan 5
switchport mode access
switchport port-security
switchport port-security violation restrict
switchport port-security mac-address 0200.0000.0022
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/23
switchport access vlan 5
switchport mode access
switchport port-security
switchport port-security violation restrict
switchport port-security mac-address 0200.0000.0023
no cdp enable
spanning-tree portfast
!
interface FastEthernet0/24
switchport mode trunk
no cdp enable
ip dhcp snooping trust
!
interface Vlan1
ip address 192.168.67.6 255.255.255.0
no ip route-cache
!
ip http server
no cdp run
snmp-server community public RO
snmp-server community private RW
snmp-server enable traps port-security
snmp-server enable traps port-security trap-rate 1
snmp-server host 192.168.67.10 version 2c public port-security
!
line con 0
exec-timeout 0 0
line vty 0 4
password labredes
login
line vty 5 15
password labredes
login
!
mac-address-table notification interval 0
mac-address-table notification
mac-address-table aging-time 3600
!
end
# nVidia Corporation MCP67 Ethernet
DEVICE=eth0.2
BOOTPROTO=static
ONBOOT=yes
IPADDR=192.168.2.2
NETMASK=255.255.255.0
VLAN=yes
TYPE=Ethernet
PEERDNS=yes
GATEWAY=192.168.2.10
NETWORK=192.168.2.0
# nVidia Corporation MCP67 Ethernet
DEVICE=eth0.3
BOOTPROTO=static
ONBOOT=yes
IPADDR=192.168.3.2
NETMASK=255.255.255.0
VLAN=yes
TYPE=Ethernet
PEERDNS=yes
GATEWAY=192.168.3.10
NETWORK=192.168.3.0
# nVidia Corporation MCP67 Ethernet
DEVICE=eth0
BOOTPROTO=none
HWADDR=00:1B:24:98:02:29
ONBOOT=yes
TYPE=Ethernet
NETMASK=255.255.255.0
IPADDR=192.168.67.2
GATEWAY=192.168.67.1
USERCTL=no
IPV6INIT=no
PEERDNS=yes
search Runio
search localdomain
nameserver 192.168.67.1
nameserver 200.175.182.139
nameserver 200.175.5.139
Sw1Labredes#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/24
2 Normal active Fa0/2
3 Registration active Fa0/3
4 Isolation active Fa0/4
5 MAC_Detection active Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
2 enet 100002 1500 - - - - - 0 0
3 enet 100003 1500 - - - - - 0 0
4 enet 100004 1500 - - - - - 0 0
5 enet 100005 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
DEVICE=eth0
BOOTPROTO=static
BROADCAST=192.168.67.255
IPADDR=192.168.67.10
NETMASK=255.255.255.0
NETWORK=192.168.67.0
ONBOOT=yes
TYPE=Ethernet
GATEWAY=192.168.67.1
DEVICE=eth1
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.2.10
NETMASK=255.255.255.0
GATEWAY=192.168.2.10
NETWORK=192.168.2.0
DEVICE=eth2
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.3.10
NETMASK=255.255.255.0
GATEWAY=192.168.3.10
NETWORK=192.168.3.0
------------------------------------------------------------------------------
Protect Your Site and Customers from Malware Attacks
Learn about various malware tactics and how to avoid them. Understand
malware threats, the impact they can have on your business, and how you
can protect your company and customers by using code signing.
http://p.sf.net/sfu/oracle-sfdevnl
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
