a simple querry on LAN Switching

Unanswered Question
Aug 16th, 2009

Hi Friends,

I have a testing LAN in my network. The switch i used here is cisco 3560.

i have some vlan in this switch

vlan 10

server vlan


vlan 20

app Vlan



routing vlan


i have a link from this switch to the existing network, through an L2 switch connecting to the Router. Router interface IP is On 3560 there is a defaultrote to the router (0 0 from this switch every thing is working fine.

Now i added one more switch on the Testing Lan and connecting over fiber to the 3560. The new switch is puley L2 only, not any IP address configured on it. i made a trunk dot1q between these two switches and allowed all vlans on it. From the new switch i am able to ping all the vlan, i can ping and and also but i am not able to ping and vise versa also.

Can any one tell me what could be the possible reason for this?



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Giuseppe Larosa Sun, 08/16/2009 - 11:48

Hello Jacob,

>> The new switch is puley L2 only, not any IP address configured on it.

you need an ip source address so you have defined an ip address on it.

you may have a duplicated ip address in vlan1 and device with ip addr may have a different mac address associated to the ip address you have given to the new switch.

you can check this with

sh ip arp x.x.x.x

Hope to help


Jacob Samuel Sun, 08/16/2009 - 21:01

Hi Giusee,

sorry there was a mistake, i was pinging not from the switch but from the PC that is conneted to the new switch. i was able to ping the SVI IP (, 2.1, from the PC. But if i tried to ping router IP i was not able to ping, I was reaching up to the connected switch only not going further from there. From the Router i tried to ping the SVI IP's it is pinging but if tried to ping the PC that is connected in the new switch, i was not able to ping.

Lucien Avramov Sun, 08/16/2009 - 13:09

From what ip are you trying to ping

The router needs to have a route to the ip you are pinging it from else it will drop the packet.

Jacob Samuel Sun, 08/16/2009 - 21:05


I was pinging from a PC which is connected on the new L2 switch i added. Route is there, i am able to ping the SVI IPs ( and the Router.



Lucien Avramov Sun, 08/16/2009 - 22:46

What is the PC IP address?

Do a debug ip icmp on the router and ping from the PC the router, post the output

Jacob Samuel Sun, 08/16/2009 - 23:04


I was pinging from the PC, IP is

My case is - I have a new L2 switch without any IP address on that, connecting to the 3560 L3 switch over a Trunk. The L3 switch is connecting to the existing network and a default route is there (ip route 0 0 to the existing network router. (On L3 - Vlan 1 IP pointing to IP, Int fe 0/0 of Router)

The PC is connected to the L2 Switch it is able to ping, SVI IP of Vlan 1 on 3560 switch, ideally it should also be able to ping the IP of the router which is and vise versa (router should ping also, router can ping but it is not pinging



Giuseppe Larosa Mon, 08/17/2009 - 08:11

Hello Jacob,

more clear now but something is still missing

in what vlan is the port of the L2 switch to which the PC is connected?

who owns ip address and in what L2 vlan is associated (it is another SVI on the L3 switch I guess)

You say router can ping verify with

sh ip route on the router where the router thinks to send a packet to that destination.

you can also use traceroute to from the router.

if PC can ping this means it has a correct default gateway.

Hope to help


Jacob Samuel Mon, 08/17/2009 - 22:22

Hi Giusee,

All the ports on the L2 switch are configured as the memeber of Vlan 10


int fa 0/1-48

sw acc vlan 10


int gig 0/1 is the dot1q trunk connected to the L3 3560 switch, allowed all vlans(1,10,20).

Below are the SVI IPs and config on L3 switch.


int vlan 10


int vlan 20


int vlan1

Interface config


int fa 0/1-23

sw acc vlan 20


int vlan fa0/24

des *** connecting to existing network Router via some L2 Switch ***

sw acc vlan 1


int gig 0/1

des *** Trunk to New L2 Switch ***

sw mode trunk

sw trunk encap dot1q

sw trunk allowed vlan 1,10,20



#on L3 3560- the routing default route -


ip route

How come the router can ping the Vlan IP but not the PC on that VLAN. How come the PC can ping their gateways and the vlan 1 ip but not the IP of the router ???? default route is there and it is working fine, i can ping from L3 switch.

Am i missing some command here on the L3, ip routing? is that could be the problem ? does it require in this scenario? if yes how i was pinging the vlan ip from the router?

appreciate your input

thanks and regards


ktwaddell Mon, 08/24/2009 - 07:34


1st I would say you don't need to truck the 2 switch ports up, if everything is staying in vlan 10, then you could try removing the trunking and placing connecting ports also in vlan 10.

2nd, we really could do with a sh ip route on the router, at the very least a sh ip route on that router.



Giuseppe Larosa Mon, 08/24/2009 - 22:50

Hello Jacob,

for a successful ping also the return path has to work.

Check on the router if it knows network by any means


sh ip route

if the output says subnet not in table you have found the root cause of your issue.

you may need


ip route

Hope to help



This Discussion