cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
338
Views
0
Helpful
6
Replies

Trying to Understand

superrob1
Level 1
Level 1

My inquire is I am trying to understand why this works.

I have 4 internal routers (2620) connecting directly to a switch (2900XL) the switch is directly connected to a server running OpenBSD 3.9. The server has 2 NICs it is setup as a bridge. The NIC_1 on the server is directly connected to Switch 2900XL. NIC_2 is directly connected to a router the outer_router. The network between the routers, Switch, and NIC_1 on the server is 10.10.100.0/24. NIC_2 and the outer_router are using 10.10.200.0/24.

The internal routers default gateway is set to the switch 2900XL

The switch 2900XL default gateway is set to NIC_1 on the server OpenBSD

The server's default gateway is set to the outer_router

There is no blocking or security setup on this test network. The Bridge is setup to look at all traffic coming from NIC_1 and NIC_2

Now my question is this, when the routers are set to use the switch as the default gateway, I am unable to ping the outer_router. I am thinking the switch that the routers are in should know where the outer_router is because the switches gateway is NIC_1 on the server and the server knows where the outer_router is.

When I set the default gateway of the internal routers to NIC_1 on the server, I am able to ping the outer_router just fine. The traffic must pass thru the switch, the only thing I changed is the default gatway of the inner routers. If I use the switch as the default gateway on the inner routers I cannot ping the outer_router. If I use NIC_1 on the server as the default gateway on the inner_routers I can ping the outer_router. I am puzzled as there is no routing protocol being used just a straight static IP setup.

6 Replies 6

ahmednaas
Level 4
Level 4

Can you ping NIC_1 in the original setup?

You do not mention VLANs in your post. Are all ports in the same VLAN? or are the internal routers in a different VLAN from the server?

Yes in the orignal setup the inner_routers can ping NIC_1 of the Server.

There is 15 seperate Vlans

All the ports on the 2900XL are set to allow all the vlans

The internal routers are all in the same network range of 10.10.100.xxx. NIC_1 of the server is in the 10.10.100.xxx range and the switch's VLAN_1 address is in the 10.10.100.xxx range

No other network is being used other than the 10.10.200.xxx range which is being used on NIC_2 and the outer_router.

Now I am confused. Can you post the config from the switch?

superrob1
Level 1
Level 1

version 11.2

no service pad

service timestamps debug datetime localtime

service password-encryption

no service udp-small-servers

no service tcp-small-servers

hostname SuperSwitch_1

spanning-tree vlan 1 max-age 200

spanning-tree vlan 1 hello-time 10

spanning-tree vlan 1 forward-time 200

no spanning-tree vlan 1

no ip domain-lookup

ip domain-name local.rmc

ip name-server 221.x.139.x

interface VLAN1

ip address 10.10.100.5 255.255.255.0

interface FastEthernet0/1

speed 100

duplex full

switchport multi vlan 1-15

spanning-tree portfast

interface FastEthernet0/2

speed 100

duplex full

switchport multi vlan 1-15

switchport mode multi

spanning-tree portfast

interface FastEthernet0/3

speed 100

duplex full

switchport multi vlan 1-15

switchport mode multi

spanning-tree portfast

interface FastEthernet0/4

speed 100

duplex full

switchport multi vlan 1-15

switchport mode multi

no cdp enable

interface FastEthernet0/5

description << Super_Router_4_Connection >>

speed 100

duplex full

switchport multi vlan 1-15

switchport mode multi

interface FastEthernet0/6

description << Super_Router_2_1st_Connection >>

speed 100

duplex full

switchport multi vlan 1-15

switchport mode multi

interface FastEthernet0/7

speed 100

duplex full

switchport multi vlan 1-15

switchport mode multi

interface FastEthernet0/8

description << LAPTOP -- Vaio -- System >>

speed 100

duplex full

switchport multi vlan 1-15

switchport mode multi

spanning-tree portfast

interface FastEthernet0/9

description << Main WorkStation -- XXX >>

speed 100

duplex full

switchport multi vlan 1-15

switchport mode multi

spanning-tree portfast

interface FastEthernet0/10

speed 100

duplex full

switchport multi vlan 1-15

switchport mode multi

interface FastEthernet0/11

description << Cable Modem - Linksys - Router >>

speed 100

duplex full

switchport multi vlan 1-15

switchport mode multi

interface FastEthernet0/12

speed 100

duplex full

switchport multi vlan 1-15

switchport mode multi

spanning-tree portfast

interface FastEthernet0/13

description << Super_Router_2_2nd_Connection >>

speed 100

duplex full

switchport multi vlan 1-15

switchport mode multi

interface FastEthernet0/14

description << Super_Router_1_Connection >>

speed 100

duplex full

switchport multi vlan 1-15

switchport mode multi

interface FastEthernet0/15

speed 100

duplex full

switchport multi vlan 1-15

switchport mode multi

spanning-tree portfast

interface FastEthernet0/16

description << Super_Router_1_2nd_Connection >>

speed 100

duplex full

switchport multi vlan 1-15

switchport mode multi

interface FastEthernet0/17

description << Super_Router_3_1st_Connection >>

speed 100

duplex full

switchport multi vlan 1-15

switchport mode multi

interface FastEthernet0/18

description << Super_Router_3_2nd_Connection >>

speed 100

duplex full

switchport multi vlan 1-15

switchport mode multi

interface FastEthernet0/19

description << DSL Modem - Linksys - Router >>

speed 100

duplex full

switchport multi vlan 1-15

switchport mode multi

interface FastEthernet0/20

speed 100

duplex full

switchport multi vlan 1-15

switchport mode multi

spanning-tree portfast

interface FastEthernet0/21

speed 100

duplex full

switchport multi vlan 1-15

switchport mode multi

spanning-tree portfast

interface FastEthernet0/22

speed 100

duplex full

switchport multi vlan 1-15

switchport mode multi

spanning-tree portfast

interface FastEthernet0/23

switchport multi vlan 1-5

switchport mode multi

spanning-tree portfast

interface FastEthernet0/24

switchport multi vlan 1-5

switchport mode multi

spanning-tree portfast

ip default-gateway 10.10.100.254

Hi

Could you just clarify. When you say the server is setup as a bridge what do you mean exactly. The server has 2 interfaces in different networks would it not be routing between the two networks ?

Your switch is a layer 2 switch. The vlan interface on the switch is only used for managing the switch. It is not a router. So it does not forward traffic on based on a layer 3 routing decision.

When you set the default gateway to be NIC_1 that server has connections in both networks so it can forward on the packet hence your ping works.

HTH

Jon

Hi,

The Server is setup as bridge to allow traffic to pass from one network to other network. No routing is done by the Server. This is done to watch different going from network 1 to network 2 and vice versa.

Now I see where my error was, thinking that switch would know where to send packets because its default gateway is NIC_1 on the server. Now that you made that clear the switch would not know how to send requests from the inner_routers to NIC_2 on the server.

Thanks, much appriecated.

Rob

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco