Dummy needs help!!! VLAN routing/ switching

Unanswered Question
Sep 28th, 2009

Hi,

I am having problems routing on our LAN. I have configured vlan in one network and need to use one of these port on another switch on another part of the network.

++++++++++++++++++++++++++++++++++++++++

6509_1 core_distrib

3750 access_1 (can access vlan 21)

cisco1 vtp

ospf area0

Created vlan 21

created static route to point 10.11.12.13 to 3750_distrib

++++++++++++++++++++++++++++++++++++++++

----------------------------------------------------------------------------------

3750_distrib

3750_access_2 (can't access vlan 21, named vlan, configured port as for 3750_access_1)

cisco2 vtp domain

ospf area1

----------------------------------------------------------------------------------

a) Created vlan 21 on distrib switch 6509_1

b) am able to ping and access all IPs etc in range from 3750_access_1.

c) now need to use a single port on this vlan on another vtp domain/ 3750_access2.

d) working backward: I have named the vlan on the access switch, configured the port/ interface.

e) named the vlan on the 3750_distrib switch

f) there is ospf connection between 6509_1 and 3750_distrib

g) created static route on 6509_1: ip route 10.11.12.13 255.255.255.255 10.50.60.71

h) traceroute from 6509_1 reaches 3750_distrib, then hops to 6509_1 as this is the default route.

i) how do i get the 3750_distrib to forward the packet to 3750_access_2?

Please assist, thank you in advance...

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
platinum_jem Mon, 09/28/2009 - 20:00

The infos you gave is in bits and pieces.

What is the IP address for this new VLAN 21 ?

Are you trying to create this same VLAN 21 in both the VTP domains ?

max_gbp777 Mon, 09/28/2009 - 23:26

Hi,

I was just trying to simplyfy, sorry if it sounds like bits.

VLAN 21 ip is 10.11.12.2 subnet: 255.255.255.0 DG: 10.11.12.1

Just trying to use a single VLAN 21 IP (10.11.12.13) in the second VTP domain.

(VTP domains are configured as transparent.)

The distribution (6509_1 < == > 3750_dist) switches are connected with a layer 3 link. (no vlan pruning)

Please advise if I need to clarify further.

Thank you,

Max

ktwaddell Mon, 09/28/2009 - 23:39

Hi

As far as I know, you cannot have a port in a vlan where the switch is in a different VTP domain from the vlan you want to use!

Kev

max_gbp777 Tue, 09/29/2009 - 02:30

Hi Kev,

I was just drawing out the network layout when I read you response. I think that you have answered my question.

Thank you for your reply.

I have attached the diagram, just in case you have any ideas.

Regards

Max

Jon Marshall Tue, 09/29/2009 - 00:01

Max

It's not clear what you are trying to do. When you say you can't access vlan 21 on 3750_access_2 what do you mean by can't access. Where are you trying to access it from ?

Could you post config of 3750_access_2 and 3750_distrib switch.

Note also that if you have connected your 6500 and 3750_distrib by a L3 link then it's really not good design to try and use the same IP subnet on both sides of the link. With a L2 link that would be fine.

Jon

max_gbp777 Tue, 09/29/2009 - 02:36

Hi Jon,

Thank you for your reply.

I have posted a reply to Kev's response which I think he has answered.

Thank you for taking the time to assist.

Kind Regards

Max

Jon Marshall Tue, 09/29/2009 - 03:10

Max

Lets concentrate on PC_2 for the moment,

1) When you say no connection, how are you verifying that ?

2) PC_1 works. How are you verifying that ?

3) The 3550 distribution switch - is this routing for vlans ?

4) Where is the L3 SVI for vlan 21 meant to be - is it on the 6500 switch ?

5) Can you post config of 3550 switch ?

Jon

max_gbp777 Tue, 09/29/2009 - 05:05

Hi Jon,

Thank you for the reply. I have answered below:

(No DHCP for this IP Range all manually configured with DNS, etc.)

1) When you say no connection, how are you verifying that ?

Network card shows no received packets. Unable to ping to or from PC_2, etc.

2) PC_1 works. How are you verifying that ?

Able to connect to other devices on network, etc.

3) The 3550 distribution switch - is this routing for vlans ?

Yes, 3550_distrib_1 and 6509_core_dist both route Vlans.

4) Where is the L3 SVI for vlan 21 meant to be - is it on the 6500 switch ?

(Not quite sure of question, my ignorance.) The VLAN has been created on 6509_core_dist switch.

5) Can you post config of 3550 switch ?

Attached, note that diagram above is simplyfied.

Thank you,

Regards

Max

Attachment: 
Jon Marshall Tue, 09/29/2009 - 06:02

Max

Can you post output of

1)_"sh vlan"

2) "sh vtp status" from both the 3550 and the 3750 switch which is connected to PC_2.

Where is the L3 SVI for vlan 21 meant to be - is it on the 6500 switch ?

(Not quite sure of question, my ignorance.) The VLAN has been created on 6509_core_dist switch.

What this means is a vlan is a L2 concept. So when you type "sh vlan" on a switch you see all the L2 vlans that have been created. In order to route between vlans each vlan needs a L3 SVI (Switched Virtual Interface) ie.

int vlan 21

ip address x.x.x.x

so where is the L3 SVI for vlan 21 - it's not on the 3550 so i'm assuming the 6500.

Also which port on the 3550 is used to connect to the 6500 ?

Jon

max_gbp777 Wed, 09/30/2009 - 01:28

1)_"sh vlan"

Attached

2) "sh vtp status" from both the 3550 and the 3750 switch which is connected to PC_2.

Attached

Where is the L3 SVI for vlan 21 meant to be - is it on the 6500 switch ?

(Not quite sure of question, my ignorance.) The VLAN has been created on 6509_core_dist switch.

What this means is a vlan is a L2 concept. So when you type "sh vlan" on a switch you see all the L2 vlans that have been created. In order to route between vlans each vlan needs a L3 SVI (Switched Virtual Interface) ie.

int vlan 21

ip address x.x.x.x

so where is the L3 SVI for vlan 21 - it's not on the 3550 so i'm assuming the 6500.

Yes, the SVI is created on the 6500 switch.

Also which port on the 3550 is used to connect to the 6500 ?

Interface Gig0/7

Appologies for the delay, been upto my neck in it.

Kind Regards

Max

Jon Marshall Wed, 09/30/2009 - 03:25

Max

PC_2 cannot be in vlan 21 unless you create vlan 21 on both the 3750_access2 switch and the 3550 switch.

I haven't seen the config of the 3750_access_2 switch but you do not have a vlan 21 on the 3550 switch. As the 3550 switch is connected via a trunk link to the 6500 then you could add vlan 21 on the 3550 and the 3750_access_2 switch if it isn't already there and then PC_2 should be able to ping the L3 SVI for vlan 21 and also other clients in other vlans.

Note that only you are aware of the full topology of the network. If you do add vlan 21 to the 3550 and 3750 then you need to make sure you are not creating any STP loops in your infrastructure.

As for PC_3 this will never work in vlan 21 because 3750_distrib_1 is connected to the 6500 via a L3 routed link only so unless there is also a L2 connection between the 3750 and the 6500 that is not shown on your diagram you will have to use a different vlan.

Jon

Actions

This Discussion