02-16-2007 07:32 AM - edited 03-05-2019 02:24 PM
My inquire is I am trying to understand why this works.
I have 4 internal routers (2620) connecting directly to a switch (2900XL) the switch is directly connected to a server running OpenBSD 3.9. The server has 2 NICs it is setup as a bridge. The NIC_1 on the server is directly connected to Switch 2900XL. NIC_2 is directly connected to a router the outer_router. The network between the routers, Switch, and NIC_1 on the server is 10.10.100.0/24. NIC_2 and the outer_router are using 10.10.200.0/24.
The internal routers default gateway is set to the switch 2900XL
The switch 2900XL default gateway is set to NIC_1 on the server OpenBSD
The server's default gateway is set to the outer_router
There is no blocking or security setup on this test network. The Bridge is setup to look at all traffic coming from NIC_1 and NIC_2
Now my question is this, when the routers are set to use the switch as the default gateway, I am unable to ping the outer_router. I am thinking the switch that the routers are in should know where the outer_router is because the switches gateway is NIC_1 on the server and the server knows where the outer_router is.
When I set the default gateway of the internal routers to NIC_1 on the server, I am able to ping the outer_router just fine. The traffic must pass thru the switch, the only thing I changed is the default gatway of the inner routers. If I use the switch as the default gateway on the inner routers I cannot ping the outer_router. If I use NIC_1 on the server as the default gateway on the inner_routers I can ping the outer_router. I am puzzled as there is no routing protocol being used just a straight static IP setup.
02-16-2007 08:46 AM
Can you ping NIC_1 in the original setup?
You do not mention VLANs in your post. Are all ports in the same VLAN? or are the internal routers in a different VLAN from the server?
02-16-2007 09:01 AM
Yes in the orignal setup the inner_routers can ping NIC_1 of the Server.
There is 15 seperate Vlans
All the ports on the 2900XL are set to allow all the vlans
The internal routers are all in the same network range of 10.10.100.xxx. NIC_1 of the server is in the 10.10.100.xxx range and the switch's VLAN_1 address is in the 10.10.100.xxx range
No other network is being used other than the 10.10.200.xxx range which is being used on NIC_2 and the outer_router.
02-16-2007 09:35 AM
Now I am confused. Can you post the config from the switch?
02-16-2007 05:24 PM
version 11.2
no service pad
service timestamps debug datetime localtime
service password-encryption
no service udp-small-servers
no service tcp-small-servers
hostname SuperSwitch_1
spanning-tree vlan 1 max-age 200
spanning-tree vlan 1 hello-time 10
spanning-tree vlan 1 forward-time 200
no spanning-tree vlan 1
no ip domain-lookup
ip domain-name local.rmc
ip name-server 221.x.139.x
interface VLAN1
ip address 10.10.100.5 255.255.255.0
interface FastEthernet0/1
speed 100
duplex full
switchport multi vlan 1-15
spanning-tree portfast
interface FastEthernet0/2
speed 100
duplex full
switchport multi vlan 1-15
switchport mode multi
spanning-tree portfast
interface FastEthernet0/3
speed 100
duplex full
switchport multi vlan 1-15
switchport mode multi
spanning-tree portfast
interface FastEthernet0/4
speed 100
duplex full
switchport multi vlan 1-15
switchport mode multi
no cdp enable
interface FastEthernet0/5
description << Super_Router_4_Connection >>
speed 100
duplex full
switchport multi vlan 1-15
switchport mode multi
interface FastEthernet0/6
description << Super_Router_2_1st_Connection >>
speed 100
duplex full
switchport multi vlan 1-15
switchport mode multi
interface FastEthernet0/7
speed 100
duplex full
switchport multi vlan 1-15
switchport mode multi
interface FastEthernet0/8
description << LAPTOP -- Vaio -- System >>
speed 100
duplex full
switchport multi vlan 1-15
switchport mode multi
spanning-tree portfast
interface FastEthernet0/9
description << Main WorkStation -- XXX >>
speed 100
duplex full
switchport multi vlan 1-15
switchport mode multi
spanning-tree portfast
interface FastEthernet0/10
speed 100
duplex full
switchport multi vlan 1-15
switchport mode multi
interface FastEthernet0/11
description << Cable Modem - Linksys - Router >>
speed 100
duplex full
switchport multi vlan 1-15
switchport mode multi
interface FastEthernet0/12
speed 100
duplex full
switchport multi vlan 1-15
switchport mode multi
spanning-tree portfast
interface FastEthernet0/13
description << Super_Router_2_2nd_Connection >>
speed 100
duplex full
switchport multi vlan 1-15
switchport mode multi
interface FastEthernet0/14
description << Super_Router_1_Connection >>
speed 100
duplex full
switchport multi vlan 1-15
switchport mode multi
interface FastEthernet0/15
speed 100
duplex full
switchport multi vlan 1-15
switchport mode multi
spanning-tree portfast
interface FastEthernet0/16
description << Super_Router_1_2nd_Connection >>
speed 100
duplex full
switchport multi vlan 1-15
switchport mode multi
interface FastEthernet0/17
description << Super_Router_3_1st_Connection >>
speed 100
duplex full
switchport multi vlan 1-15
switchport mode multi
interface FastEthernet0/18
description << Super_Router_3_2nd_Connection >>
speed 100
duplex full
switchport multi vlan 1-15
switchport mode multi
interface FastEthernet0/19
description << DSL Modem - Linksys - Router >>
speed 100
duplex full
switchport multi vlan 1-15
switchport mode multi
interface FastEthernet0/20
speed 100
duplex full
switchport multi vlan 1-15
switchport mode multi
spanning-tree portfast
interface FastEthernet0/21
speed 100
duplex full
switchport multi vlan 1-15
switchport mode multi
spanning-tree portfast
interface FastEthernet0/22
speed 100
duplex full
switchport multi vlan 1-15
switchport mode multi
spanning-tree portfast
interface FastEthernet0/23
switchport multi vlan 1-5
switchport mode multi
spanning-tree portfast
interface FastEthernet0/24
switchport multi vlan 1-5
switchport mode multi
spanning-tree portfast
ip default-gateway 10.10.100.254
02-17-2007 01:58 PM
Hi
Could you just clarify. When you say the server is setup as a bridge what do you mean exactly. The server has 2 interfaces in different networks would it not be routing between the two networks ?
Your switch is a layer 2 switch. The vlan interface on the switch is only used for managing the switch. It is not a router. So it does not forward traffic on based on a layer 3 routing decision.
When you set the default gateway to be NIC_1 that server has connections in both networks so it can forward on the packet hence your ping works.
HTH
Jon
02-17-2007 06:54 PM
Hi,
The Server is setup as bridge to allow traffic to pass from one network to other network. No routing is done by the Server. This is done to watch different going from network 1 to network 2 and vice versa.
Now I see where my error was, thinking that switch would know where to send packets because its default gateway is NIC_1 on the server. Now that you made that clear the switch would not know how to send requests from the inner_routers to NIC_2 on the server.
Thanks, much appriecated.
Rob
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide