Routing between two 3750s issue

Unanswered Question
Jul 31st, 2009
User Badges:

Hi Eveyybody,

I have two 3750s interconnected via L3 port channel (second switch will be placed on WAN after finished additional config).

I have RIP enabled for subnets on both sides, everything seems to be working perfectly fine, routing is OK...etc.


The problem I have been experiencing is:

1. Let's say VLAN1 is 10.0.0.1/24 (on switch_1) and VLAN1 L3 interface is not present on switch_2.

I can get from hosts on both sides to each other, that is not an issue, but when TRYING TO get to any clients on VLAN 1 (only, work when vlan 2...etc.) from switch_2 (itself), IT ALWYAS times out!?!


I am attaching configuration files from both switches for your review, plus routing tables. Please let me know if you need more info.


Any help with this issue will be highly appreciated!


Best regards,


Ed


SWITCH_1#sho ip rout


Gateway of last resort is 10.0.0.254 to network 0.0.0.0


C 10.1.0.0/24 is directly connected, Vlan151

10.0.0.0/8 is variably subnetted, 13 subnets, 2 masks

C 10.192.200.0/24 is directly connected, Vlan200

C 10.10.10.0/30 is directly connected, Port-channel10

C 10.192.100.0/24 is directly connected, Vlan150

C 10.192.101.0/24 is directly connected, Vlan149

C 10.192.10.0/24 is directly connected, Vlan110

C 10.192.2.0/24 is directly connected, Vlan102

C 10.192.3.0/24 is directly connected, Vlan100

C 10.192.1.0/24 is directly connected, Vlan101

R 10.196.2.0/24 [120/1] via 10.10.10.1, 00:00:21, Port-channel10

R 10.196.3.0/24 [120/1] via 10.10.10.1, 00:00:21, Port-channel10

C 10.192.4.0/24 is directly connected, Vlan601

R 10.196.1.0/24 [120/1] via 10.10.10.1, 00:00:21, Port-channel10

C 10.192.20.0/24 is directly connected, Vlan120

C 10.0.0.0/24 is directly connected, Vlan1

C 192.168.1.0/24 is directly connected, Vlan900

S* 0.0.0.0/0 [1/0] via 10.0.0.254

--------------------------------------

SWITCH_2#sho ip rout


Gateway of last resort is 10.10.10.2 to network 0.0.0.0


R 10.1.0.0/24 [120/1] via 10.10.10.2, 00:00:12, Port-channel10

10.0.0.0/8 is variably subnetted, 13 subnets, 2 masks

R 10.192.200.0/24 [120/1] via 10.10.10.2, 00:00:12, Port-channel10

C 10.10.10.0/30 is directly connected, Port-channel10

R 10.192.100.0/24 [120/1] via 10.10.10.2, 00:00:12, Port-channel10

R 10.192.101.0/24 [120/1] via 10.10.10.2, 00:00:12, Port-channel10

R 10.192.10.0/24 [120/1] via 10.10.10.2, 00:00:12, Port-channel10

R 10.192.2.0/24 [120/1] via 10.10.10.2, 00:00:12, Port-channel10

R 10.192.3.0/24 [120/1] via 10.10.10.2, 00:00:12, Port-channel10

R 10.192.1.0/24 [120/1] via 10.10.10.2, 00:00:12, Port-channel10

C 10.196.2.0/24 is directly connected, Vlan104

C 10.196.3.0/24 is directly connected, Vlan103

R 10.192.4.0/24 [120/1] via 10.10.10.2, 00:00:12, Port-channel10

C 10.196.1.0/24 is directly connected, Vlan602

R 10.192.20.0/24 [120/1] via 10.10.10.2, 00:00:12, Port-channel10

R 10.0.0.0/24 [120/1] via 10.10.10.2, 00:00:12, Port-channel10

S* 0.0.0.0/0 [1/0] via 10.10.10.2




  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Edison Ortiz Fri, 07/31/2009 - 11:31
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

The only difference between connecting from the subnets vs the switch is the subnets from switch2 are 192.168.x.x while switch2 will source from 10.10.10.x


Can you verify the devices on Vlan1 have the correct subnet mask 255.255.255.0?


If they don't - they won't reply back to their default gateway as they will interpret 10.10.10.x to be on their same subnet.


You can try isolating this issue by source ping from another Vlan on Switch2, say Vlan 602 with a ping to Vlan 1 on switch 1.


HTH,


__


Edison.

cmeljakovo Fri, 07/31/2009 - 12:53
User Badges:

OK, I will try your recommendation.


Thx, I'll let you know.

cmeljakovo Tue, 08/04/2009 - 09:31
User Badges:

That i snot the issue.


...what is very interesting is:


1. When I ping any host on subnet 10.0.0.0/24 (on Switch_1) from any host on subnets 10.196.x.0/24 (on Switch_2) it works and I am getting response.


2. When I ping from Switch_2 itself to subnet 10.0.0.0/24, sepecifically any hosts on that subnet (connected to Switch_1), I am not getting replies. I get replies only when VLAN interface 10.0.0.1/24 pinged.

But when hosts on any other subnets pinged, it works just fine.


I do not understand what the problem could be...

John Blakley Tue, 08/04/2009 - 10:09
User Badges:
  • Purple, 4500 points or more

Here's what I would do.


Try sourcing your packet from Switch2 to switch one from a vlan that works, and see if this resolves the issue.


If the 10.196.x.0/24 svi resides on Switch_2 and those hosts work, then ping from switch_2 sourcing that svi:


ping 10.0.0.x sourc 10.196.x.1


If that replies, then your Switch_2 is sourcing traffic out with a subnet that your Switch_1 doesn't have a route for.


I may be missing the real problem completely, but this is my 2 cents. :)


HTH,

John

cmeljakovo Tue, 08/04/2009 - 13:02
User Badges:

Hi John,


Yeah I will do, I think we are getting closer to resolution. Here is the problem I've been facing:


1. When I ping any host on subnet 10.0.0.0/24 (on Switch_1) from any host on subnets 10.196.x.0/24 (on Switch_2) it works and I am getting response.


2. When I ping from Switch_2 itself to subnet 10.0.0.0/24, sepecifically any hosts on that subnet (connected to Switch_1), I am not getting replies. I get replies only when VLAN interface 10.0.0.1/24 pinged.

But when hosts on any other subnets pinged, it works just fine.


So only hosts on VLAN1 (Switch_1) cannot be reached.

Edison Ortiz Tue, 08/04/2009 - 17:27
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

Please post the IPCONFIG /ALL from a device in the 10.0.0.0/24 subnet.


__


Edison.

cmeljakovo Wed, 08/05/2009 - 05:30
User Badges:

I've tried what you suggested.The results:

1. Ping from switch_2:

ping 10.0.0.1 source 10.196.1/2/3.1 replies

ping 10.0.0.x source 10.196.1/2/3.1 replies


ping 10.0.0.x timed out ;-)


ping from host 10.196.1/2/3.2 to 10.0.0.x replies as well


2. Ping from switch_1:

ping 10.196.1/2/3.x source 10.192.1/2/3.1 replies


ping 10.196.1/2/3.x source 10.0.0.1 replies


ping from host 10.0.0.x to 10.192.1/2/3.1 replies as well


Findings:

- when pinging from switch_2 to any network on switch_1 with specified "source" getting replies.

- when pinging from hosts, it works as well

- But when pinging from switch_2 without source IP, getting times out


Please help ;-)


Ed

Edison Ortiz Wed, 08/05/2009 - 05:44
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

Disable 'auto-summay' on both devices with the command no auto-summary under RIP.


HTH,


__


Edison.

John Blakley Wed, 08/05/2009 - 05:55
User Badges:
  • Purple, 4500 points or more

Ed,


What ip addresses do you have on Switch2's Vlan1? Can you post the config of:


sh run int vlan1


John

cmeljakovo Wed, 08/05/2009 - 06:29
User Badges:

I disabled IP interface VLAN 1 on switch_2.

But I tried with VLAn 1 IP if enabled as well, the same result.

And to your question: There was none IP.

John Blakley Wed, 08/05/2009 - 06:32
User Badges:
  • Purple, 4500 points or more

Can you post the config of the native vlan's svi?

cmeljakovo Wed, 08/05/2009 - 07:01
User Badges:

...and I just found out from ICMP denug:


trace 10.10.10.131 source 10.196.3.1


*Mar 5 19:00:44.121: ICMP: time exceeded rcvd from 10.10.10.2

*Mar 5 19:00:44.121: ICMP: time exceeded rcvd from 10.10.10.2

*Mar 5 19:00:44.121: ICMP: time exceeded rcvd from 10.10.10.2

*Mar 5 19:00:44.129: ICMP: dst (10.196.3.1) port unreachable rcv from 10.10.10.131

*Mar 5 19:00:44.129: ICMP: dst (10.196.3.1) port unreachable rcv from 10.10.10.131

*Mar 5 19:00:44.138: ICMP: dst (10.196.3.1) port unreachable rcv from 10.10.10.131

John Blakley Wed, 08/05/2009 - 07:12
User Badges:
  • Purple, 4500 points or more

Are there any acl's on the svis?

Actions

This Discussion