Hi Luis,

just to extend a little more: basically the configuration posted by Simon should work. Some more explanations.

There are some important considerations:

- All VLANs you want to use need to exist on the switch. That's why they need to be created using the "vlan 100-200" statement.
- The "switchport trunk allowed vlan 100-200" configuration is not strictly necessary, but you should configure it. If you omit it, all existing VLANs will be allowed on the trunk. This configuration hence acts as a filter, basically.
- The native VLAN will not get tagged (and for obvious reasons, there can only be one such VLAN). As it is not tagged, you do not need to put it in the allowed VLAN list.

From my findings so far, I would also recommend using the management VLAN as the untagged VLAN and giving CloudStack the VLAN ID of your public interface. It will use the VLAN automatically, and it will tag the traffic automatically.

One more note about adding/removing VLANs to the allowed list: if you configured

    switchport trunk allowed vlan 100-200

before and want to add one more VLAN, please remember to use the "add" keyword:

    switchport trunk allowed vlan add 65

If you omit the "add" keyword, all other VLANs configured so far will be removed from the list instead.

If you run spanning tree, you might also want to configure "spanning-tree portfast trunk" on the port to keep spanning tree from going through its usual listening/learning states.

Regards
Daniel

--
Daniel Herrmann
Network Architect – Fraunhofer Private Cloud
CCIE #55056 (Routing and Switching)
Fraunhoferstraße 5, 64283 Darmstadt
Tel.: +49 6151 155346
Mail: daniel.herrm...@zv.fraunhofer.de

On 14.08.17, 20:02, "Simon Weller" <swel...@ena.com.INVALID> wrote:

Luis,

So Cisco don't use tagged/untagged. You build the vlan (or vlan range) and then apply it to a trunk interface. The 'native' keyword in the interface 'switchport trunk native' stanza sets the default untagged vlan for that particular port.

Try something like this:

    vlan 65
     name public
    vlan 100-200
     name my-guest-vlans
    exit
    interface GigabitEthernet1/0/1
     switchport trunk encapsulation dot1q
     switchport mode trunk
     switchport trunk native vlan 65
     switchport trunk allowed vlan 100-200
    exit

Now be really careful with the number of vlans you allocate if you're running spanning tree, as spanning-tree will start to have problems with large numbers of vlans.

With CloudStack in advanced mode, we find that running the management network as native is often a better design. You can then allocate a vlan for public and just tell CloudStack what the vlan is and it will use it. You can then just include that vlan in your vlan allowed statement:

    switchport trunk allowed vlan 65,100-200

- Si

________________________________
From: Luis <lmartinez...@yahoo.com.INVALID>
Sent: Monday, August 14, 2017 12:42 PM
To: users@cloudstack.apache.org
Subject: CS VLAN configuration in a Cisco 3560 switch

Hi,

I have a question. Following the manual for advanced networking, I am trying to configure VLANs in a Cisco 3560, but I am confused. Is this all I need? Can somebody post a complete example based on their experience?

Thank you.

This is what I have:

untagged VLAN 65 for public traffic
tagged VLAN traffic for ranges 600-1000 for tagged traffic

    interface GigabitEthernet1/0/1
     switchport trunk encapsulation dot1q
     switchport mode trunk
     switchport trunk native vlan 100-900
    exit
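
Added example, not part of the original thread or of any participant's message: a small Python check that replays the trunk commands discussed above in order and reports the pitfalls the replies mention (no allowed list, a forgotten "add" keyword, a native VLAN given as a range, allowed VLANs that were never created). The function names and the sample stanza are constructed for illustration, and only the plain and "add" forms of the allowed-list command are modelled.

```python
def parse_vlans(spec):
    """Expand an IOS VLAN list such as '65,100-200' into a set of IDs."""
    ids = set()
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        ids.update(range(int(lo), int(hi or lo) + 1))
    return ids

def audit_trunk(stanza, defined):
    """Replay trunk commands in order; return (allowed, native, findings).

    allowed stays None while no allowed list is set (the trunk is unfiltered).
    """
    allowed, native, findings = None, None, []
    for line in stanza.strip().splitlines():
        w = line.split()
        if w[:4] == ["switchport", "trunk", "allowed", "vlan"]:
            if w[4] == "add":
                if allowed is not None:  # adding to an unfiltered trunk changes nothing
                    allowed |= parse_vlans(w[5])
            else:
                new = parse_vlans(w[4])
                lost = (allowed or set()) - new
                if lost:
                    findings.append(f"list replaced, dropped {len(lost)} VLANs (missing 'add'?)")
                allowed = new
        elif w[:4] == ["switchport", "trunk", "native", "vlan"]:
            if w[4].isdigit():
                native = int(w[4])
            else:
                findings.append(f"native VLAN must be a single ID, got {w[4]}")
    if allowed is None:
        findings.append("no allowed list: every existing VLAN passes on this trunk")
    else:
        missing = allowed - defined
        if missing:
            findings.append(f"{len(missing)} allowed VLANs not created on the switch")
    return allowed, native, findings

# Constructed sample: the thread's VLAN numbers, with the 'add' keyword forgotten.
DEFINED = parse_vlans("65,100-200")
SAMPLE = """
switchport trunk native vlan 65
switchport trunk allowed vlan 100-200
switchport trunk allowed vlan 65
"""

if __name__ == "__main__":
    print(audit_trunk(SAMPLE, DEFINED))
```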