With my new 3750X switch looking like it should be doing as intended, it’s time to connect the virtual to the physical and get it talking to the UNetLab topology.
I must admit, I haven’t tried to do this before, so it should be interesting. I did connect pnet0 to a Windows host to grab something before, but this needs to be completely isolated from the rest of the home network, otherwise the Wife will get upset that she can only browse to www.good.com, and not buy shoes.
The basic configuration in UNL is to connect a Pnet interface to a device (like SW3). I am using PNet1 as this is linked to Eth1:
Creating this “3750x” network is just a case of creating a new network, but setting it to be a pnet, instead of a bridge.
As you can see, UNetLab can see two NICs:
[email protected]:~# ifconfig -a | grep ^eth eth0 Link encap:Ethernet HWaddr 00:50:56:80:2a:6e eth1 Link encap:Ethernet HWaddr 00:50:56:80:a2:db [email protected]:~#
Inside ESXi things look like this:
We have a vSwitch created, and this includes one of the NICs from the Quad-port NIC card in the ESXi server:
We must accept promiscuous mode, otherwise, things won’t work properly:
UNL has this network connected.
Unsurprisingly things did not just magically work straight away.
So a quick reboot later, and once SW3 is fired up, we can start to see some errors, and these are the kind of errors you want, as it shows everything is working, and that the virtual switch is talking to the physical switch:
%SYS-5-RESTART: System restarted -- Cisco IOS Software, vios_l2 Software (vios_l2-ADVENTERPRISEK9-M), Version 15.2(CML_NIGHTLY_20150414)FLO_DSGS7, EARLY DEPLOYMENT DEVELOPMENT BUILD, synced to DSGS_PI5_POSTCOLLAPSE_TEAM_TRACK_CLONE Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2015 by Cisco Systems, Inc. Compiled Wed 15-Apr-15 00:42 by mmen %LINK-3-UPDOWN: Interface GigabitEthernet0/0, changed state to up %CDP-4-DUPLEX_MISMATCH: duplex mismatch discovered on GigabitEthernet0/0 (not full duplex), with 3750X GigabitEthernet3/0/1 (full duplex). SW3>en SW3#conf t Enter configuration commands, one per line. End with CNTL/Z. SW3(config)#int g0/0 SW3(config-if)#duplex full Autoneg enabled. Duplex cannot be set %CDP-4-DUPLEX_MISMATCH: duplex mismatch discovered on GigabitEthernet0/0 (not full duplex), with 3750X GigabitEthernet3/0/1 (full duplex). %CDP-4-DUPLEX_MISMATCH: duplex mismatch discovered on GigabitEthernet0/0 (not full duplex), with 3750X GigabitEthernet3/0/1 (full duplex). SW3(config-if)#no neg auto SW3(config-if)#duplex full SW3(config-if)#do sh cdp neigh | b Device Device ID Local Intrfce Holdtme Capability Platform Port ID SW4 Gig 0/3 170 R S I Gig 0/3 SW1 Gig 0/1 151 R S I Gig 0/3 SW2 Gig 0/2 147 R S I Gig 0/3 3750X Gig 0/0 130 S I WS-C3750X Gig 3/0/1 Total cdp entries displayed : 4 SW3(config-if)#
Nice! So, let’s add in some VTP, so that the 3750X gets all the VLAN goodness, and then plug in the IP Phone!
SW1(config)#vtp dom 802101 Changing VTP domain name from NULL to 802101 SW1(config)#vtp mo serv %SW_VLAN-6-VTP_DOMAIN_NAME_CHG: VTP domain name changed to 802101. Device mode already VTP Server for VLANS. SW1(config)#vtp ver 2 SW1(config)#vtp pass 802101 Setting device VTP password to 802101 SW1(config)#
The other devices are set up in client mode, using the same settings as above for the domain and password. However, we need to push some data across to the switch, and as I don’t want to keep having to find the laptop that I use for console access to the switch, it would make sense to create a VLAN for switch management:
SW1(config)#vlan 11 SW1(config-vlan)#name Switch-MGMT SW1(config-vlan)#exi SW1(config)#
This gets to the other switches:
SW2(config)#do sh vlan br VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Gi0/0, Gi1/0 4 Management active Gi1/1, Gi1/2, Gi1/3 7 DMZ active 9 Phones active 11 Switch-MGMT active 20 Users-1 active 21 Users-2 active 55 Failover active 99 Data-Phone active 1002 fddi-default act/unsup 1003 trcrf-default act/unsup 1004 fddinet-default act/unsup 1005 trbrf-default act/unsup SW2(config)#
But so far, not to the 3750X. It just has the VLANs I manually created for something else.
VTP/DTP is working, and I can see the messages in Wireshark:
I even switched to VTP version 3, and made SW3 the primary server. But the physical 3750X switch did not get the VLANs from the virtual switch environment.
So, where is the issue? Let’s expand it out a little, and either rule it down to or rule out an issue with my VTP configuration, by adding a phone into the mix.
Connecting a physical IP Phone to UNetLab
It’s a simple config:
int gi 3/0/3 switchport voice vlan 9 switchport mode access switchport access vlan 21
I switched the 3750X to transparent mode for a moment, so that I could add the VLANs needed. But still, there was no joy.
I used the command “sdm prefer vlan”, and did a reboot. Once everything came back up again, I could see the VLANs had been added through VTP, however, communicating with devices was a little unwilling.
So I messed around for a bit trying a bit of this and a bit of that, then I decided to ping Andrea a message and ask for help. He was busy, but I got a couple of minutes with him before he had to dash off to another meeting. He told me to try looking for “vmware switch trunk portgroup”, which lead me to this document: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1004074.
Seems like I was pretty close with my first attempt, but needed to add the following settings:
I even rebooted the switch again… and when it came back up, OSPF formed an adjacency, and the phone has a DHCP address:
SW3(config)#router ospf 1 SW3(config-router)#router-id 184.108.40.206 SW3(config-router)#network 0.0.0.0 0.0.0.0 a 0 SW3(config-router)# %OSPF-5-ADJCHG: Process 1, Nbr 220.127.116.11 on Vlan4 from LOADING to FULL, Loading Done %OSPF-5-ADJCHG: Process 1, Nbr 18.104.22.168 on Vlan11 from LOADING to FULL, Loading Done SW3(config-router)#
Rather than posting a blurry photo of the phone’s screen, I’ll show you the successful DHCP lease for the phone:
So, I do not have a £899 paperweight, I have a working physical switch connected to my IOSv layer-2 switch. It is isolated from my home network, and once the Cisco AP gets delivered I should be able to play around with that.
Just one more bit of proof that it is working, here is the DHCP reservation for my MacBook, which was connected to the phone’s PC port:
And here is the screenshot from the Mac itself:
Even though it wasn’t exactly smooth sailing, I am where I need to be. The UNetLab hosts can talk to the physical hosts, and the floor is opening up for me to have some real fun!