cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
597
Views
0
Helpful
10
Replies

a simple querry on LAN Switching

Jacob Samuel
Level 1
Level 1

Hi Friends,

I have a testing LAN in my network. The switch i used here is cisco 3560.

i have some vlan in this switch

vlan 10

server vlan

ip 192.168.1.1/24

vlan 20

app Vlan

ip 192.168.2.1/24

vlan1

routing vlan

ip 10.10.10.10/8

i have a link from this switch to the existing network, through an L2 switch connecting to the Router. Router interface IP is 10.10.10.1. On 3560 there is a defaultrote to the router (0 0 10.10.10.1). from this switch every thing is working fine.

Now i added one more switch on the Testing Lan and connecting over fiber to the 3560. The new switch is puley L2 only, not any IP address configured on it. i made a trunk dot1q between these two switches and allowed all vlans on it. From the new switch i am able to ping all the vlan, i can ping 192.168.1.1 and 192.168.2.1 and 10.10.10.10 also but i am not able to ping 10.10.10.1 and vise versa also.

Can any one tell me what could be the possible reason for this?

regards

Jacob

10 Replies 10

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello Jacob,

>> The new switch is puley L2 only, not any IP address configured on it.

you need an ip source address so you have defined an ip address on it.

you may have a duplicated ip address in vlan1 and device with ip addr 10.10.10.1 may have a different mac address associated to the ip address you have given to the new switch.

you can check this with

sh ip arp x.x.x.x

Hope to help

Giuseppe

Hi Giusee,

sorry there was a mistake, i was pinging not from the switch but from the PC that is conneted to the new switch. i was able to ping the SVI IP (192.168.1.1, 2.1, 10.10.10.10) from the PC. But if i tried to ping router IP i was not able to ping, I was reaching up to the connected switch only not going further from there. From the Router i tried to ping the SVI IP's it is pinging but if tried to ping the PC that is connected in the new switch, i was not able to ping.

Lucien Avramov
Level 10
Level 10

From what ip are you trying to ping 10.10.10.1?

The router 10.10.10.1 needs to have a route to the ip you are pinging it from else it will drop the packet.

Hi,

I was pinging from a PC which is connected on the new L2 switch i added. Route is there, i am able to ping the SVI IPs (192.168.1.1 and 192.168.2.1)from the Router.

regards

Jacob

What is the PC IP address?

Do a debug ip icmp on the router and ping from the PC the router, post the output

Hi,

I was pinging from the PC, IP is 192.168.1.11.

My case is - I have a new L2 switch without any IP address on that, connecting to the 3560 L3 switch over a Trunk. The L3 switch is connecting to the existing network and a default route is there (ip route 0 0 10.10.10.1)pointing to the existing network router. (On L3 - Vlan 1 IP 10.10.10.10 pointing to IP 10.10.10.1, Int fe 0/0 of Router)

The PC 192.168.1.11 is connected to the L2 Switch it is able to ping 10.10.10.10, SVI IP of Vlan 1 on 3560 switch, ideally it should also be able to ping the IP of the router which is 10.10.10.1 and vise versa (router should ping 192.168.1.11) also, router can ping 192.168.1.1 but it is not pinging 192.168.1.11.

Regards

Jacob

Hello Jacob,

more clear now but something is still missing

in what vlan is the port of the L2 switch to which the PC is connected?

who owns ip address 192.168.1.1 and in what L2 vlan is associated (it is another SVI on the L3 switch I guess)

You say router can ping 192.168.1.1 verify with

sh ip route 192.168.1.1 on the router where the router thinks to send a packet to that destination.

you can also use traceroute to 192.168.1.1 from the router.

if PC can ping 10.10.10.10 this means it has a correct default gateway.

Hope to help

Giuseppe

Hi Giusee,

All the ports on the L2 switch are configured as the memeber of Vlan 10

!

int fa 0/1-48

sw acc vlan 10

!

int gig 0/1 is the dot1q trunk connected to the L3 3560 switch, allowed all vlans(1,10,20).

Below are the SVI IPs and config on L3 switch.

!

int vlan 10

192.168.1.1

!

int vlan 20

192.168.2.1

!

int vlan1

101.10.10.10

Interface config

!

int fa 0/1-23

sw acc vlan 20

!

int vlan fa0/24

des *** connecting to existing network Router via some L2 Switch ***

sw acc vlan 1

!

int gig 0/1

des *** Trunk to New L2 Switch ***

sw mode trunk

sw trunk encap dot1q

sw trunk allowed vlan 1,10,20

!

!

#on L3 3560- the routing default route -

!

ip route 0.0.0.0 0.0.0.0 10.10.10.1

How come the router can ping the Vlan IP but not the PC on that VLAN. How come the PC can ping their gateways and the vlan 1 ip 10.10.10.10 but not the IP of the router 10.10.10.1 ???? default route is there and it is working fine, i can ping from L3 switch.

Am i missing some command here on the L3, ip routing? is that could be the problem ? does it require in this scenario? if yes how i was pinging the vlan ip 192.168.1.1 from the router?

appreciate your input

thanks and regards

Jacob

Hi

1st I would say you don't need to truck the 2 switch ports up, if everything is staying in vlan 10, then you could try removing the trunking and placing connecting ports also in vlan 10.

2nd, we really could do with a sh ip route on the router, at the very least a sh ip route 192.168.1.11 on that router.

Thanks

Kev

Hello Jacob,

for a successful ping also the return path has to work.

Check on the router if it knows network 192.168.1.0/24 by any means

use

sh ip route 192.168.1.0

if the output says subnet not in table you have found the root cause of your issue.

you may need

Router#

ip route 192.168.1.0 255.255.255.0 10.10.10.10

Hope to help

Giuseppe

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: