Trouble forwarding between 7600 and 6500

Unanswered Question
Jan 29th, 2009

Hi!

I have 7600 config:

gw#sh run int gi1/31

Building configuration...

Current configuration : 175 bytes

!

interface GigabitEthernet1/31

switchport

switchport trunk encapsulation dot1q

switchport trunk native vlan 6

switchport trunk allowed vlan 6

switchport mode trunk

end

gw#sh run int vlan 6

Building configuration...

Current configuration : 140 bytes

!

interface Vlan6

ip address 1.2.3.9 255.255.255.248

no ip redirects

no ip proxy-arp

ip pim dr-priority 2

ip pim sparse-mode

end

and 6500:

core#sh run int gi5/1

Building configuration...

Current configuration : 217 bytes

!

interface GigabitEthernet5/1

core#sh run int vlan 128

Building configuration...

Current configuration : 202 bytes

!

interface Vlan128

ip address 1.2.3.10 255.255.255.248 secondary

ip address 192.168.1.1 255.255.255.0

no ip redirects

no ip proxy-arp

end

Pings from "gw" to "core":

gw#ping 1.2.3.10

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 1.2.3.10, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms

But from another side ("core" to "gw"):

core#ping 1.2.3.9

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 1.2.3.9, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

VLANs is directly connected.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Yudong Wu Thu, 01/29/2009 - 10:26

Can you try extend ping by specifing source IP as 1.2.3.10 when you ping from "core" to "gw"?

mkachalin Fri, 01/30/2009 - 00:31

core#ping

Protocol [ip]:

Target IP address: 1.2.3.9

Repeat count [5]:

Datagram size [100]:

Timeout in seconds [2]:

Extended commands [n]: y

Source address or interface: 1.2.3.10

Type of service [0]:

Set DF bit in IP header? [no]:

Validate reply data? [no]:

Data pattern [0xABCD]:

Loose, Strict, Record, Timestamp, Verbose[none]:

Sweep range of sizes [n]:

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 1.2.3.9, timeout is 2 seconds:

Packet sent with a source address of 1.2.3.10

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms

It seems, that "core" used first ip address on interface to send reply to "gw", when trying to use ordinary ping. Where is the root of problem, or it's normal behaviour?

Yudong Wu Fri, 01/30/2009 - 07:38

I am not 100% sure if it is the same on all platform. Here is a comment from someone else "An ICMP echo request will be generated by the router itself. In the assembly of the ICMP message by the router, the Source ip address that is used in the creation of the resulting ip ICMP message will be the primary ip address for the interface or sub-interface that the datagram is to be transmitted on. As an aside, routers never generate ip datagrams that use a SECONDARY ip address that may be attached to an interface. It will always use the PRIMARY address."

Roberto Salazar Thu, 01/29/2009 - 11:43

The core's interface gig 5/1 is not even a switchport per your show run:

interface GigabitEthernet5/1

So, the ping from core to gateway I understand why it will fail. But from gw pinging to 1.2.3.10 suggests there is another host responding to that ip address. can you look at show ip arp 1.2.3.10 from the gw and trace where the mac is learned from with "show mac address-table ".

mkachalin Fri, 01/30/2009 - 00:40

I apologise. There is full config, when I've posted config made it with no attention.

core#sh run int gi5/1

Building configuration...

Current configuration : 217 bytes

!

interface GigabitEthernet5/1

switchport

switchport trunk encapsulation dot1q

switchport trunk native vlan 128

switchport trunk allowed vlan 128

switchport mode trunk

end

Actions

This Discussion