cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
538
Views
4
Helpful
12
Replies

routing not functioning

lazon
Level 1
Level 1

Hello,

I am having problem routing from the old network (10.223.17.0)to the new network (10.223.12.0). I want these 2 network to communicate with each other.Below is the current config of our core switch(4507R). Any changes or ideas is greatly appreciated. Thank you for your support.

-chie

12 Replies 12

Harold Ritter
Cisco Employee
Cisco Employee

Narciso,

These two subnets *10.223.17.0/24 and 10.223.12.0/22) are directly connected to the router. A frequent issue in such a scenario is a device connected to one subnet requires IP connectivity to the other subnet but doesn't have it default gateway set or set to the wrong default gateway.

Make sure devices connected to subnet 10.223.17.0/24 (vlan17) have 10.223.17.194 as their default gateway and devices connected to 10.223.12.0/22 (vlan12) have theirs set to 10.223.12.1.

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Hello,

First thanks for your response, I am pretty sure that the subnet 10.223.17.0 is using 10.223.17.194 as their DG. I have to double check the subnet 10.223.12.0 if their DG is set to 10.223.12.1. So your saying that if these 2 network it not using the correct DG, routing between them is not possible? Thanks again.

-chie

t814687
Level 1
Level 1

Hi, the config does not show anything obvious. Some stuff can be cleaned up if not used... like vrf and vlan access-map..

did you check what default gateway machines on vlan 17 use? Can they ping the DG?

First, thanks for responding to my question,

vlan 17 is using 10.223.17.194 as their DG, from 10.223.17.0 subnet I can ping the DG. One thing I notice is when I ping from the 10.223.17.0 network to a specific host on the 10.223.12.0 (like 10.223.12.13) it's saying host unreacheable via the 10.223.17.194 gateway. Also there is an ISP managed router 2620 which is the DG for the 10.223.17.0 network (IP assigned is 10.223.17.194) in between these 2 network. My assumption is that this router probably is the one preventing the routing between these 2 network. If I clean the vrf and access-mp's would it affect anything? Any recommendation or suggestion is greatly appreciated. Thanks again.

-chie

Hi Chie,

I did not understand exactly what IP is assigned to that 2650 and what vlan it's connected to. Can you please clarify?

Hi,

The ISP managed router has an IP assigned address of 10.223.17.194 and is using vlan 17.

Any idea? Thanks again

The router can not have same IP address as your core switch, basically your machines use that router to get to another VLAN and fail. The router IP should be changed and proper routing should be established for the internet connectivity. One option could be via a transit VLAN between your core switch and the ISP router.

Thanks

serg

Hello,

I gave the wrong information, the ISP managed router has assigned IP address of (10.223.17.14 255.255.255.0 - fa0/0) also an ip route statement of (ip route 10.223.12.0 255.255.252.0 10.223.17.194). I can give you more info on the router if that will help you analyze the issue. Thanks again.

ok, were you ever able to communicate between these vlans?

can you ping 10.223,12,1 from a host on VLAN 17?

post sh ip route from your core switch

what command you used to generate posted config?

serg

Serg,

Here is the sh ip route info:

The command I used to generate posted info is

copy running-config tftp.

I have to double check on this:

I will check from a host on vlan 17 if I can ping 10.223.12.1.

Thanks again.

Narciso

The output of show ip route clearly shows that it knows both subnets and should be able to route between them, if the packets get to the switch. Which makes me wonder if the packets are really getting to the switch.

I notice that the switch has only 2 ports that belong in VLAN 17 (Gig 4/1 and 4/31). Can you tell us what devices these are? And where is the rest of VLAN 17 and what is its connectivity to the switch?

One other thing that might be an interesting test:

- do a ping from the switch to some device in VLAN 17 to demonstrate basic connectivity.

- then do an extended ping from the switch to that device. In the extended ping specify the same destination address as the simple ping and specify the source address as the vlan 12 interface address. If the extended ping fails it would point toward it being a problem with the default gateway configuration of the device.

HTH

Rick

HTH

Rick

Hello rick,

First thank you for responding to my question, I have to identify what devices are connected to (Gig 4/1 and 4/31).

The only thing I can tell you right now is on the old subnet (10.223.17.0)there is an ISP managed router and an old

5500 series catalyst switch used as their old core switch. What I need to do is to trace some connections from the

old core switch and ISP managed router. Base on the previous configuration I sent, I can ping some devices in vlan 17

from the new core switch (4507R) but cannot ping an IP address assigned to the ISP managed router fa0/0 (10.223.17.14).

Thanks again for your advice.

-chie

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: