inter-vlan routing troubles drving me crazy!!!

Unanswered Question
Mar 21st, 2007

I'm reposting this because I inadvertantly marked my question as solved, but it isn't. I still can't get inter-vlan routing going on my 3750 ip-base switch. The 3750 has two VLANs, each linking to its own 2950. I just want vlan 1 hosts on one 2950 to route to vlan 2 hosts on the other 2950. It's driving me crazy...

Okay, here's my config on the 3750. As you can see, my vlan SVIs are up and running and I can ping a host on vlan 1. however, when i try to use extended ping to reach that same vlan 1 host from vlan 2's SVI, it times out. my vlans do indeed have the vlan 1 SVI as their default gateways.

Please help!!

Matt

Switch#

Switch#show run

Building configuration...

Current configuration : 1136 bytes

!

version 12.2

no service pad

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname Switch

!

!

no aaa new-model

switch 1 provision ws-c3750g-12s

ip subnet-zero

ip routing

!

!

!

!

no file verify auto

spanning-tree mode pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

interface GigabitEthernet1/0/1

description TO VLAN 1 2950 SWITCH

switchport trunk encapsulation dot1q

switchport mode trunk

!

!

!other interfaces omitted...

!

!

interface GigabitEthernet1/0/12

description TO VLAN 2 2950 SWITCH

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 1,2

switchport mode trunk

!

interface Vlan1

ip address 20.40.254.254 255.255.0.0

!

interface Vlan2

ip address 10.135.254.254 255.255.0.0

!

ip classless

ip http server

!

!

control-plane

!

!

line con 0

line vty 0 4

no login

line vty 5 15

no login

!

!

end

Switch#show int trunk

Port Mode Encapsulation Status Native vlan

Gi1/0/1 on 802.1q trunking 1

Gi1/0/12 on 802.1q trunking 1

Port Vlans allowed on trunk

Gi1/0/1 1

Gi1/0/12 1-2

Port Vlans allowed and active in management domain

Gi1/0/1 1

Gi1/0/12 1-2

Port Vlans in spanning tree forwarding state and not pruned

Gi1/0/1 1

Gi1/0/12 1-2

Switch#ping 20.40.1.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 20.40.1.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/6/9 ms

Switch#ping

Protocol [ip]:

Target IP address: 20.40.1.1

Repeat count [5]:

Datagram size [100]:

Timeout in seconds [2]:

Extended commands [n]: y

Source address or interface: 10.135.254.254

Type of service [0]:

Set DF bit in IP header? [no]:

Validate reply data? [no]:

Data pattern [0xABCD]:

Loose, Strict, Record, Timestamp, Verbose[none]:

Sweep range of sizes [n]:

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 20.40.1.1, timeout is 2 seconds:

Packet sent with a source address of 10.135.254.254

.....

Success rate is 0 percent (0/5)

Switch#

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
sundar.palaniappan Wed, 03/21/2007 - 16:00

Matt,

What's the IP/subnet_mask of the host 20.40.1.1. What's the default gateway set to on this host?

Though this mayn't be causing this problem, configure the ports as access ports as shown below as all the hosts connected to the 2950 switches belong to just one VLAN. Configure the port(s) on the 2950 as an access port as well in their respective VLANs.

interface GigabitEthernet1/0/1

description TO VLAN 1 2950 SWITCH

switchport mode access

switchport access vlan 1

nterface GigabitEthernet1/0/12

description TO VLAN 2 2950 SWITCH

switchport mode access

switchport access vlan 2

The problem appears to be with the host configuration.

HTH

Sundar

acomiskey Wed, 03/21/2007 - 17:25

From your first post...

"my vlans do indeed have the vlan 1 SVI as their default gateways."

Both vlans would not have the same gateway. vlan 1 gateway is 20.40.254.254, vlan 2 gateway is 10.135.254.254.

mahmoodmkl Wed, 03/21/2007 - 23:46

Hi

u need to have the SVI's ip address as the gateway address for r u r respective clinets in the respective vlans.

Ensure that ip routing is enabled on u r switch.

From where u r performing the extended ping.

The source interface should be one of the interfaces in u r switch.

Thanks

Mahmood

matt_heff Thu, 03/22/2007 - 09:30

So, I got an identical 3750, copied the config over, and everything works fine. Hooked up the original 3750, and it still doesn't work.

Very, very strange...

Thanks to all for the help!

Matt

cdakhlia Tue, 04/03/2007 - 05:31

Hi,

I have tried as you, and the same it does not work. But I tried this:

Validate reply data? [no]:y

and it worked

Chokri

Actions

This Discussion