I've got a 2960 switch WS-C2960S-48LPS-L running IOS 12.2(25). It has an access point connected to it but
guests were unable to connect to one of the wireless networks the AP provides.
One of my techs looked into it and said that VLAN 12 was not
configured on the Catalyst 2960 ; VLAN 12 is the VLAN the guest wireless network
uses. He just did "vlan 12" at
a conf t prompt and it all woke up. He
didn't add any interfaces to VLAN 12. So
question 1 is this: VLAN 12 exists on the AP, and the switch port the AP is on
is configured to trunk. Why was it necessary
to create VLAN 12 on the switch? None of
the resources accessed by users of the guest wifi are on that switch, they just
need to use its backbone to our internet router, which is also configured to
trunk.
Now I can see VLAN 12 in there when I do a "sho
vlan", but I can't see the command that creates VLAN 12 in the running
config. So question 2 is, when the
switch reboots or whatever, how does it know to re-create VLAN 12? Is the info stored somewhere other than the
running-config?
Asking because I can envision a time when the switch dies
and we go to swap in a replacement by throwing a copy of the old config on it,
then sit around scratching our heads because "everything should be
identical" when really the VLAN is not being created.
The answer:
The actual vlan info is kept in a file called vlan.dat .
Depending on the device this is normally in nvram.
What is kept in the startup-config file related to VLAN's
are the layer 3 definitions for the svi if you have any.
There can be two
parts of a VLAN definition. The VLAN
itself, which is what is in the vlan.dat file I referenced early. This allows the vlan to exist as a layer 2
resource.
Then there is the svi, which is the virtual interface which
is required if you want that vlan to exist at the layer 3 level. A layer 3 interface for the vlan is not
always required.
In a well-designed network you would push the Layer 3
outward and never have a lot of switches with the same vlans. So VTP is a tool
to manage a badly-designed network. Even when I've had to push vlans to a
number of switches, I prefer to manage it manually- because when VTP isn't used
correctly (i.e. the default "server" mode is left in place on all
switches), removing a vlan on one switch removes it everywhere!
And yes, you have to add the vlans to the switch, but that
had to be done anyway. Setting VTP to transparent means that the vlan
configuration is stored as part of the regular config where it can easily be
recreated on a replacement switch.
More about the Cisco 2960 FAQ, please visit:http://ciscoswichfaq.weebly.com/ |
没有评论:
发表评论