routing not functioning

Unanswered Question
May 15th, 2008
User Badges:

Hello,

I am having problem routing from the old network (10.223.17.0)to the new network (10.223.12.0). I want these 2 network to communicate with each other.Below is the current config of our core switch(4507R). Any changes or ideas is greatly appreciated. Thank you for your support.


-chie



Attachment: 
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
Harold Ritter Thu, 05/15/2008 - 12:31
User Badges:
  • Cisco Employee,

Narciso,


These two subnets *10.223.17.0/24 and 10.223.12.0/22) are directly connected to the router. A frequent issue in such a scenario is a device connected to one subnet requires IP connectivity to the other subnet but doesn't have it default gateway set or set to the wrong default gateway.


Make sure devices connected to subnet 10.223.17.0/24 (vlan17) have 10.223.17.194 as their default gateway and devices connected to 10.223.12.0/22 (vlan12) have theirs set to 10.223.12.1.


Regards,

lazon Thu, 05/15/2008 - 13:05
User Badges:

Hello,


First thanks for your response, I am pretty sure that the subnet 10.223.17.0 is using 10.223.17.194 as their DG. I have to double check the subnet 10.223.12.0 if their DG is set to 10.223.12.1. So your saying that if these 2 network it not using the correct DG, routing between them is not possible? Thanks again.


-chie

t814687 Thu, 05/15/2008 - 12:35
User Badges:

Hi, the config does not show anything obvious. Some stuff can be cleaned up if not used... like vrf and vlan access-map..

did you check what default gateway machines on vlan 17 use? Can they ping the DG?



lazon Thu, 05/15/2008 - 12:59
User Badges:

First, thanks for responding to my question,

vlan 17 is using 10.223.17.194 as their DG, from 10.223.17.0 subnet I can ping the DG. One thing I notice is when I ping from the 10.223.17.0 network to a specific host on the 10.223.12.0 (like 10.223.12.13) it's saying host unreacheable via the 10.223.17.194 gateway. Also there is an ISP managed router 2620 which is the DG for the 10.223.17.0 network (IP assigned is 10.223.17.194) in between these 2 network. My assumption is that this router probably is the one preventing the routing between these 2 network. If I clean the vrf and access-mp's would it affect anything? Any recommendation or suggestion is greatly appreciated. Thanks again.


-chie

t814687 Thu, 05/15/2008 - 13:05
User Badges:

Hi Chie,

I did not understand exactly what IP is assigned to that 2650 and what vlan it's connected to. Can you please clarify?


lazon Thu, 05/15/2008 - 13:10
User Badges:

Hi,


The ISP managed router has an IP assigned address of 10.223.17.194 and is using vlan 17.


Any idea? Thanks again




t814687 Thu, 05/15/2008 - 13:18
User Badges:

The router can not have same IP address as your core switch, basically your machines use that router to get to another VLAN and fail. The router IP should be changed and proper routing should be established for the internet connectivity. One option could be via a transit VLAN between your core switch and the ISP router.


Thanks

serg


lazon Thu, 05/15/2008 - 13:25
User Badges:

Hello,


I gave the wrong information, the ISP managed router has assigned IP address of (10.223.17.14 255.255.255.0 - fa0/0) also an ip route statement of (ip route 10.223.12.0 255.255.252.0 10.223.17.194). I can give you more info on the router if that will help you analyze the issue. Thanks again.



t814687 Thu, 05/15/2008 - 14:34
User Badges:

ok, were you ever able to communicate between these vlans?


can you ping 10.223,12,1 from a host on VLAN 17?


post sh ip route from your core switch


what command you used to generate posted config?


serg

lazon Thu, 05/15/2008 - 16:02
User Badges:

Serg,


Here is the sh ip route info:

The command I used to generate posted info is

copy running-config tftp.


I have to double check on this:

I will check from a host on vlan 17 if I can ping 10.223.12.1.


Thanks again.




Attachment: 
Richard Burts Fri, 05/16/2008 - 06:57
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Narciso


The output of show ip route clearly shows that it knows both subnets and should be able to route between them, if the packets get to the switch. Which makes me wonder if the packets are really getting to the switch.


I notice that the switch has only 2 ports that belong in VLAN 17 (Gig 4/1 and 4/31). Can you tell us what devices these are? And where is the rest of VLAN 17 and what is its connectivity to the switch?


One other thing that might be an interesting test:

- do a ping from the switch to some device in VLAN 17 to demonstrate basic connectivity.

- then do an extended ping from the switch to that device. In the extended ping specify the same destination address as the simple ping and specify the source address as the vlan 12 interface address. If the extended ping fails it would point toward it being a problem with the default gateway configuration of the device.


HTH


Rick

lazon Fri, 05/16/2008 - 12:40
User Badges:

Hello rick,


First thank you for responding to my question, I have to identify what devices are connected to (Gig 4/1 and 4/31).

The only thing I can tell you right now is on the old subnet (10.223.17.0)there is an ISP managed router and an old

5500 series catalyst switch used as their old core switch. What I need to do is to trace some connections from the

old core switch and ISP managed router. Base on the previous configuration I sent, I can ping some devices in vlan 17

from the new core switch (4507R) but cannot ping an IP address assigned to the ISP managed router fa0/0 (10.223.17.14).

Thanks again for your advice.


-chie



Actions

This Discussion