带有 VLAN 的端口在 Cisco 交换机上不起作用
Port with VLAN not working on Cisco switch
我在使用思科 SG550X-24 交换机时遇到问题。
交换机将 100U 显示为管理 VLAN 而不是操作 VLAN。我不确定这是为什么,插入这个端口不起作用。交换机正常,其他接口正常
附上配置页面的截图:
cisco vlan config
1 和 19 配置完全相同,端口 19 适用于 100U,但端口 1 不适用。
有什么想法吗?是否缺少禁用端口或 VLAN 的设置?
谢谢
config-file-header
CB-BR-Radon233
v2.5.5.47 / RTESLA2.5.5_930_364_286
CLI v1.0
file SSD indicator encrypted
@
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0
!
!
unit-type-control-start
unit-type unit 1 network gi uplink te
unit-type unit 2 network gi uplink te
unit-type unit 3 network gi uplink te
unit-type unit 4 network gi uplink te
unit-type unit 5 network gi uplink te
unit-type unit 6 network gi uplink te
unit-type unit 7 network gi uplink te
unit-type unit 8 network gi uplink te
unit-type-control-end
!
port jumbo-frame
vlan database
vlan 2,69,100,201
exit
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
link-flap prevention disable
no boot host auto-config
no boot host auto-update
bonjour interface range vlan 1
hostname IMS-CB-BR-Radon233
no passwords complexity enable
username root password encrypted 777f99c04f34de13899c397960ac60d7548cfeb4 privilege 15
username cisco password encrypted ffd1c8e37222f7a9f61aec3e1179e951695fdeba privilege 15
ip ssh server
snmp-server location CB-BR-Radon233
snmp-server contact
clock timezone J 0 minutes 0
!
interface vlan 1
ip address 192.168.1.233 255.255.255.0
no ip address dhcp
!
interface vlan 2
name Phone
!
interface vlan 69
name Dirty
!
interface vlan 100
name Admin
ip address 192.168.100.233 255.255.255.0
!
interface vlan 201
name Mocap
!
interface GigabitEthernet1/0/1
no switchport
switchport access vlan 100
switchport trunk native vlan 100
!
interface GigabitEthernet1/0/3
storm-control broadcast level 10
storm-control multicast level 10
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
spanning-tree bpduguard enable
switchport mode trunk
switchport trunk allowed vlan 1
macro description ip_phone_desktop
!next command is internal.
macro auto smartport dynamic_type ip_phone_desktop
!
interface GigabitEthernet1/0/4
storm-control broadcast level 10
storm-control multicast level 10
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
spanning-tree bpduguard enable
switchport mode trunk
switchport access vlan 2
switchport trunk allowed vlan 1
macro description ip_phone_desktop
!next command is internal.
macro auto smartport dynamic_type ip_phone_desktop
!
interface GigabitEthernet1/0/7
storm-control broadcast level 10
storm-control multicast level 10
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
spanning-tree bpduguard enable
switchport mode trunk
switchport trunk allowed vlan 1
macro description ip_phone_desktop
!next command is internal.
macro auto smartport dynamic_type ip_phone_desktop
!
interface GigabitEthernet1/0/11
storm-control broadcast level 10
storm-control multicast level 10
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
spanning-tree bpduguard enable
switchport mode trunk
switchport access vlan 2
switchport trunk allowed vlan 1
macro description ip_phone_desktop
!next command is internal.
macro auto smartport dynamic_type ip_phone_desktop
!
interface GigabitEthernet1/0/12
channel-group 1 mode auto
!
interface GigabitEthernet1/0/13
switchport mode trunk
switchport access vlan 100
switchport trunk allowed vlan none
!
interface GigabitEthernet1/0/19
switchport access vlan 100
switchport trunk native vlan 100
!
interface GigabitEthernet1/0/24
channel-group 1 mode auto
!
interface TenGigabitEthernet1/0/1
channel-group 2 mode auto
!
interface TenGigabitEthernet1/0/2
channel-group 2 mode auto
!
interface TenGigabitEthernet1/0/3
spanning-tree link-type point-to-point
switchport mode trunk
switchport trunk allowed vlan 1-2,69,100,201
macro description switch
!next command is internal.
macro auto smartport dynamic_type switch
!
interface Port-Channel1
description EthTrunk
spanning-tree link-type point-to-point
switchport mode trunk
switchport general allowed vlan add 2,69,100,201 tagged
switchport general allowed vlan add 1 untagged
macro description switch
!next command is internal.
macro auto smartport dynamic_type switch
!
interface Port-Channel2
description X1Trunk
switchport mode trunk
!
exit
假设您在连接到端口 1 和端口 19 时使用相同的设备和相同的以太网电缆,对吗?
您介意通过 SSH 连接到交换机并收集端口 1 和 19 的“show 运行”吗?
...好的,提供的配置:
这很奇怪,端口 1 配置为路由端口,但 vlan 设置仍然存在。
我的第一次尝试是:
(in the ssh shell)
conf t
interface GigabitEthernet1/0/1
switchport
end
应该修复 vlan 成员资格。
面向最终用户的界面的一个好的做法是添加:
conf t
interface GigabitEthernet1/0/1
spanning-tree portfast
spanning-tree bpduguard enable
end
我在使用思科 SG550X-24 交换机时遇到问题。
交换机将 100U 显示为管理 VLAN 而不是操作 VLAN。我不确定这是为什么,插入这个端口不起作用。交换机正常,其他接口正常
附上配置页面的截图:
cisco vlan config
1 和 19 配置完全相同,端口 19 适用于 100U,但端口 1 不适用。
有什么想法吗?是否缺少禁用端口或 VLAN 的设置?
谢谢
config-file-header
CB-BR-Radon233
v2.5.5.47 / RTESLA2.5.5_930_364_286
CLI v1.0
file SSD indicator encrypted
@
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0
!
!
unit-type-control-start
unit-type unit 1 network gi uplink te
unit-type unit 2 network gi uplink te
unit-type unit 3 network gi uplink te
unit-type unit 4 network gi uplink te
unit-type unit 5 network gi uplink te
unit-type unit 6 network gi uplink te
unit-type unit 7 network gi uplink te
unit-type unit 8 network gi uplink te
unit-type-control-end
!
port jumbo-frame
vlan database
vlan 2,69,100,201
exit
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
link-flap prevention disable
no boot host auto-config
no boot host auto-update
bonjour interface range vlan 1
hostname IMS-CB-BR-Radon233
no passwords complexity enable
username root password encrypted 777f99c04f34de13899c397960ac60d7548cfeb4 privilege 15
username cisco password encrypted ffd1c8e37222f7a9f61aec3e1179e951695fdeba privilege 15
ip ssh server
snmp-server location CB-BR-Radon233
snmp-server contact
clock timezone J 0 minutes 0
!
interface vlan 1
ip address 192.168.1.233 255.255.255.0
no ip address dhcp
!
interface vlan 2
name Phone
!
interface vlan 69
name Dirty
!
interface vlan 100
name Admin
ip address 192.168.100.233 255.255.255.0
!
interface vlan 201
name Mocap
!
interface GigabitEthernet1/0/1
no switchport
switchport access vlan 100
switchport trunk native vlan 100
!
interface GigabitEthernet1/0/3
storm-control broadcast level 10
storm-control multicast level 10
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
spanning-tree bpduguard enable
switchport mode trunk
switchport trunk allowed vlan 1
macro description ip_phone_desktop
!next command is internal.
macro auto smartport dynamic_type ip_phone_desktop
!
interface GigabitEthernet1/0/4
storm-control broadcast level 10
storm-control multicast level 10
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
spanning-tree bpduguard enable
switchport mode trunk
switchport access vlan 2
switchport trunk allowed vlan 1
macro description ip_phone_desktop
!next command is internal.
macro auto smartport dynamic_type ip_phone_desktop
!
interface GigabitEthernet1/0/7
storm-control broadcast level 10
storm-control multicast level 10
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
spanning-tree bpduguard enable
switchport mode trunk
switchport trunk allowed vlan 1
macro description ip_phone_desktop
!next command is internal.
macro auto smartport dynamic_type ip_phone_desktop
!
interface GigabitEthernet1/0/11
storm-control broadcast level 10
storm-control multicast level 10
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
spanning-tree bpduguard enable
switchport mode trunk
switchport access vlan 2
switchport trunk allowed vlan 1
macro description ip_phone_desktop
!next command is internal.
macro auto smartport dynamic_type ip_phone_desktop
!
interface GigabitEthernet1/0/12
channel-group 1 mode auto
!
interface GigabitEthernet1/0/13
switchport mode trunk
switchport access vlan 100
switchport trunk allowed vlan none
!
interface GigabitEthernet1/0/19
switchport access vlan 100
switchport trunk native vlan 100
!
interface GigabitEthernet1/0/24
channel-group 1 mode auto
!
interface TenGigabitEthernet1/0/1
channel-group 2 mode auto
!
interface TenGigabitEthernet1/0/2
channel-group 2 mode auto
!
interface TenGigabitEthernet1/0/3
spanning-tree link-type point-to-point
switchport mode trunk
switchport trunk allowed vlan 1-2,69,100,201
macro description switch
!next command is internal.
macro auto smartport dynamic_type switch
!
interface Port-Channel1
description EthTrunk
spanning-tree link-type point-to-point
switchport mode trunk
switchport general allowed vlan add 2,69,100,201 tagged
switchport general allowed vlan add 1 untagged
macro description switch
!next command is internal.
macro auto smartport dynamic_type switch
!
interface Port-Channel2
description X1Trunk
switchport mode trunk
!
exit
假设您在连接到端口 1 和端口 19 时使用相同的设备和相同的以太网电缆,对吗?
您介意通过 SSH 连接到交换机并收集端口 1 和 19 的“show 运行”吗?
...好的,提供的配置:
这很奇怪,端口 1 配置为路由端口,但 vlan 设置仍然存在。
我的第一次尝试是:
(in the ssh shell)
conf t
interface GigabitEthernet1/0/1
switchport
end
应该修复 vlan 成员资格。
面向最终用户的界面的一个好的做法是添加:
conf t
interface GigabitEthernet1/0/1
spanning-tree portfast
spanning-tree bpduguard enable
end