Configuring vlans on Cisco SG200 series switch with Ubuntu server

networking cisco ubuntu-10.04 vlan

11,332

After my initial comments and Mike's suggestion (see above) I did a bit of fact checking. (I was going from memory.) We have several dozen of SG200 switches lying around here. They have been causing issues in the past.

We found the following:
- Upgrade the SG200 to the latest firmware.
- For any port on the switch that you need to have as Trunk: Set it to Access and then back to Trunk.
Even though the web-gui shows "Trunk" the port will initially (or after factory-default reset) be in "General".
This is an auto-negotiate mode that often only works properly if the other end of the connection is also a Cisco switch in "General" mode. The setting to Access and then back to Trunk will insure it is really working as Trunk.

Disabling spanning-tree (STP) on the port is in this case probably also a good idea as the server is certainly not going to participate in STP elections.

11,332

clemens utschig

Updated on September 18, 2022

Comments

clemens utschig over 1 year

I created a vlan on Ubuntu with vconfig tool with 21 as id and eth1 as the host port. I connected eth1 to one of the ports on the swtich (GE23) as all ports trunk by default. In the webgui I created a vlan named test with the id 21 and I made GE2 are port as an access port. In port to vlan mapping I selected vlan 21 and added it port GE2 by selecting untagged option. I have assigned 192.168.1.1/24 as the ip of eth1.21 on Ubuntu. If I connect another cleint pc to GE2 port with a ip of 192.168.1.2/24 I cannot ping the server ip (192.168.1.1/24). Ping from server to client also does not work. I inspected packets that are sent out eth1 on the server and I could see the vlan 21 tag. And I connect the other end of the cable to a different Linux pc and inspected the packets but no vlan tags can be seen. What could be preventing me from getting vlans working?

Edit 1 screenshots:
- Mike Pennington almost 12 years
  
  when you ping from the ubuntu to the PC, do you see the Ubuntu's ARP frames on GE2 with wireshark? Vlan access ports can't use a vlan tag
- clemens utschig almost 12 years
  
  No Ubuntu arp frames come out of GE2.
- Mike Pennington almost 12 years
  
  Then one of the ports is in the wrong vlan, or one port has no physical link.
- clemens utschig almost 12 years
  
  Eth1 from Ubuntu is connect to GE23 which is trunk by default. I plugged in my laptop to GE2 to ping the ip of eth1.21 interface on Ubuntu.
- Mike Pennington almost 12 years
  
  Could you enable tagging on port 2 and ping again from the Ubuntu? Check to see whether those tagged ARP frames show up on port 2.
- Tonny almost 12 years
  
  That default trunking on the switch is known to be problematic. It actually tries to negotiate whether to trunk or not and that usually only works properly if the other end also does negotiation. I would recommend to explicitly set GE23 to dot1q mode.
- Mike Pennington almost 12 years
  
  @Tonny, you should put that in an answer
- clemens utschig almost 12 years
  
  @Tony There is no option to set an interfaces to dot1q mode in the webgui. However the interface modes that are avaiable are: General, Access, Trunk, and Customer(Q-in-Q). By default trunk mode is selected for all interfaces.
- alex9183 almost 11 years
  
  If you upgrade to the latest firmware (1.3.0.62) you now get SSH and SNMP access on these switches. In my case, I had to set the "SmartPort" feature to Static and "Switch", to make it work with my ESXi hosts.
clemens utschig almost 12 years

I did everything you said but still no success.
Tonny almost 12 years

Are you sure the vlan 21 is not excluded on port GE23 ? Some switches require the vlan to be enabled on the port, even if it is a trunk. Your 2nd screenshot shows 21 as not-enabled on the other trunks. (But it doesn't show the status of GE23.)
clemens utschig almost 12 years

Yes. It worked now. Even if I'd posted a partial screenshot, still you were able to imagine my issue and suggest a solution. In the port to vlan mapping page I selected access port (GE2) as untagged and the trunk port (GE23) as "tagged" and everything started to work.
Tonny almost 12 years

:-) I had a similar situation myself a few weeks ago with HP ProCurve switches. They have similar behavior. If it hadn't been for that I probably wouldn't have thought about it either.