Having trouble routing two internal networks (192.168 and 10)

Unanswered Question
Sep 16th, 2008

My company is wanting to switch from the 192.168.x.x/24 network to 10.x.x.x/24. I know this is a major task ahead of me and that's why we are doing one thing at a time. I'm failing at my first step.

Here is what I have testing at the moment.

I have a Catalyst2960 that has 2 vlans setup. Vlan35 and Vlan200, Vlan1 is administratively down. 35 is our 35th floor which is on 192.168.35.X and 200 is 10.10.200.X

Vlan 35 has an ip address of 192.168.35.251 255.255.255.0

Vlan 200 has an ip address of 10.10.200.253 255.255.255.0

The 2960 has the Gi0/1 port mode set to trunk, allowing vlans 35,200, and native vlan 35.

Gi0/1 of the 2960 is going to our core switch, Cataylst 4507-RE. The 4507 has its Gi5/15 port set as trunk, allowing vlans 35,200, and native vlan 35.

The 4507 has Vlan 35 ip address of 192.168.35.254 255.255.255.0 and helper address of the dhcp server

and a Vlan 200 address of 10.10.200.1 255.255.255.0 and helper address of the dhcp server

the 4507 has EIGRP 101 setup and has all the networks setup.

Here is my problem.

If I am on the 192.168.X.X, I can ping the switch address of 10.10.200.253. If I have a machine sitting on vlan 200, with an ip address of 10.10.200.21, I can not ping the host.

To clarify, If my ip address is 192.168.35.100, I CAN ping 10.10.200.253 (2960 switch), but I cannot ping 10.10.200.21 (a host sitting on vlan 200 connected to the 2960).

The host 10.10.200.21 can ping the 2960 AND can ping 10.10.200.1 (the 4507). If the host tries to ping the 4507, but on a different vlan, the ping fails. For instance, 10.10.200.21 tries to ping 192.168.35.254 or 192.168.187.1, the ping fails.

If I have 2 hosts connected on Vlan200 ont he 2960, they can ping each other

If I connect a host to a port with vlan35, then that machine can get anywhere on the internal network with a 192.168 address

One more little bit of info. If you look at the 4507 config you will see that router eigrp 101 says network 10.0.0.0. For some reason the router changes the network to that even when I type 10.10.200.0. The only way it will stay 10.10.200.0 is if I add the wildcard mask.

Any and all help is VERY much appreciated. I hope i'm just missing some small step.

the Videooverp2p-confg.txt is the 2960 switch

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Giuseppe Larosa Tue, 09/16/2008 - 07:29

Hello Kendrick,

be aware that your switch isn't acting as a router

you are using the command ip default-gateway that is useful when ip routing is disabled.

But I see that all routing is done on the 4507 so this shouldn't be an issue

About the network command as you have discovered without the wildcard mask eigrp change the command to the major network (10/8) this is normal.

Verify what is the default gateway when the pc is in net 10.10.200.0 if it the router is fine if it is something else it is wrong

Hope to help

Giuseppe

the_crooked_toe Tue, 09/16/2008 - 07:36

i just tried doing that and the 2960 isn't allowing me to route.

i did

conf t

no ip default-gateway

ip routing (gave invalid input detected at the o of routing)

ip route 0.0.0.0 0.0.0.0 10.10.200.1 (gave invalid input detected at the o of route)

So do i need a switch that has a routing capability? If I just had the switch doing ONLY the 10.10.200.0 network, would it be able to work then?

Giuseppe Larosa Tue, 09/16/2008 - 07:40

Hello Kendrick

Sorry,

I was editing my post I realized that wasn't a real issue.

However, from your tests I'm afraid that only one vlan is up/up on 2960

I had this problem in 2950: if I created a new SVI the previous was shutted.

However this shouldn't have impact unless you used as a default gateway the switch ip address.

Hope to help

Giuseppe

the_crooked_toe Tue, 09/16/2008 - 07:46

I had this problem when I used a 2950 also, when I created a new Vlan it would shut the other one down. The 2960 is allowing me to create multiple vlans and have them up at the same time. I can ping each vlan ip without changing anything on the 2960. so i know that isn't the issue

deepak.pandey Tue, 09/16/2008 - 08:13

on 4507r-config.txt

Remove port fast from trunk interface Gi5/15(According to your configuration its configigured on the trunk interface gi5/15)

interface GigabitEthernet5/15

no spanning-tree portfast

enable ip routing in configuration mode.

ip routing

Check your vlan35 and vlan200 SVI Interface are up.using

show ip int brief.

On videooverp2p-config.txt

Remove ip default-gateway

no ip default-gateway 10.10.200.1

use default gateway as 192.168.35.254,according to your configuration native vlan is 35.

so the command should be

ip default-gateway 192.168.35.254

Deepak Pandey

the_crooked_toe Tue, 09/16/2008 - 10:06

Deepak,

i've done everything you asked and still no luck.

when i do sh ip int brief on the 4507 I it shows Vlan200 as status=up, protocol=up but method=manual. Most other vlan methods are set to NVRAM. The only other vlan methods set to manual are vlan 1 and 2.

I can still not ping the host sitting on vlan 200. I'm at ip 192.168.187.119 and my ip fails going to 10.10.200.21. But i CAN ping the switch 10.10.200.253. Which is still no change from before.

attached are the new configs with the changes recommended.

thanks for the help thus far

the_crooked_toe Tue, 09/16/2008 - 13:18

IT'S FIXED!

I have absolutely no clue why. I figured I would try to create another vlan, vlan 201. Then I would see if i could network between the two 10s. But once I created that vlan and had it setup on the 2960 and the 4507, i was able to ping all networks. i guess for some reason the network didn't like 10.10.200. so it looks like 10.10.201 wins, which I can live with. thanks to everyone for their input and help

Actions

This Discussion