inter vlan routing

Unanswered Question
Nov 5th, 2009
User Badges:

Please can someone help me here I am having trouble pinging between two vlans I have one 3640 L3 switch and two pc connected to it one is in vlan 2 and one is in vlan 3 and vlan2 machine connected to int fas0/2 and vlan machine connected to int fas0/3 and both machines can ping to its vlan interfaces but can ping each other I dont know what is wrong I am doing. Please see my configuration and advice what I have to do?

--------------------

switch#show running-config

Building configuration...


Current configuration : 1516 bytes

!

version 12.3

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname switch

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

ip subnet-zero

!

!

ip cef

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

interface FastEthernet0/0

switchport access vlan 3

no ip address

!

interface FastEthernet0/1

switchport access vlan 2

no ip address

!

interface FastEthernet0/2

switchport access vlan 2

no ip address

!

interface FastEthernet0/3

switchport access vlan 3

no ip address

!

interface FastEthernet0/4

no ip address

shutdown

!

interface FastEthernet0/5

no ip address

shutdown

!

interface FastEthernet0/6

no ip address

shutdown

!

interface FastEthernet0/7

no ip address

shutdown

!

interface FastEthernet0/8

no ip address

shutdown

!

interface FastEthernet0/9

no ip address

shutdown

!

interface FastEthernet0/10

no ip address

shutdown

!

interface FastEthernet0/11

no ip address

shutdown

!

interface FastEthernet0/12

no ip address

shutdown

!

interface FastEthernet0/13

no ip address

shutdown

!

interface FastEthernet0/14

no ip address

shutdown

!

interface FastEthernet0/15

switchport mode trunk

no ip address

shutdown

!

interface Vlan1

no ip address

shutdown

!

interface Vlan2

ip address 172.16.20.1 255.255.255.0

!

interface Vlan3

ip address 172.16.30.1 255.255.255.0

!

ip http server

no ip http secure-server

ip classless

ip route 0.0.0.0 0.0.0.0 172.16.40.1

!

!

!

!

!

!

!

!

!

!

!

line con 0

line aux 0

line vty 0 4

!

!

end


--------------------

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Muhammad Anser Khan Thu, 11/05/2009 - 08:35
User Badges:

Dear Khalid,


You need to enable routing for the communication of two different VLANs:


Switch(config)#ip routing


Switch#show run

!

!

ip subnet-zero

ip routing

!


Regards,

Anser

khalid.meraj Thu, 11/05/2009 - 08:46
User Badges:

I hit this command hudered times but I don't know its not turning it on ?

and strangely its not showing any error as well when I hit ip routing command

any suggestion

Reza Sharifi Thu, 11/05/2009 - 08:56
User Badges:
  • Super Bronze, 10000 points or more
  • Cisco Designated VIP,

    2017 LAN

khalid,


Do you have default gateway configured on your PCs?


HTH

Reza

khalid.meraj Thu, 11/05/2009 - 09:04
User Badges:

yes the default gateways are configured on my pc's, default gateway for the machines is the vlan management address


glen.grant Thu, 11/05/2009 - 09:06
User Badges:
  • Purple, 4500 points or more

Have you turned off any software firewalls you have running on the pc's ? The windows FW or any others like Zonealarm or Norton etc...

khalid.meraj Thu, 11/05/2009 - 09:16
User Badges:

Great as I turn the firewall off it worked rightward but I have two question which is in my mind first why windows firewall blocking it as it doesn't have any link to this setup and 2nd why ip routing command not showing unable in show run ?


--------------


switch#show run

Building configuration...


Current configuration : 1523 bytes

!

version 12.3

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname switch

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

ip subnet-zero

!

!

ip cef

!

!


--------------

and still its routing ?

this confusing me please help

Muhammad Anser Khan Thu, 11/05/2009 - 09:20
User Badges:

You need to troubleshoot:


# sh ip int br

Vlan interfaces should be UP/UP


# sh spanning-tree vlan 2 & 3

Vlan should belongs to the spanning tree.


Try shut then no shut under interface vlan 2 & 3


Regards,

Anser

khalid.meraj Thu, 11/05/2009 - 09:22
User Badges:

please see this you might find something wrong


-------------------

switch#show ip int br

switch#show ip int brief

Interface IP-Address OK? Method Status Protocol

FastEthernet0/0 unassigned YES unset up down

FastEthernet0/1 unassigned YES unset up down

FastEthernet0/2 unassigned YES unset up up

FastEthernet0/3 unassigned YES unset up up

FastEthernet0/4 unassigned YES unset administratively down down

FastEthernet0/5 unassigned YES unset administratively down down

FastEthernet0/6 unassigned YES unset administratively down down

FastEthernet0/7 unassigned YES unset administratively down down

FastEthernet0/8 unassigned YES unset administratively down down

FastEthernet0/9 unassigned YES unset administratively down down

FastEthernet0/10 unassigned YES unset administratively down down

FastEthernet0/11 unassigned YES unset administratively down down

FastEthernet0/12 unassigned YES unset administratively down down

FastEthernet0/13 unassigned YES unset administratively down down

FastEthernet0/14 unassigned YES unset administratively down down

FastEthernet0/15 unassigned YES unset administratively down down

Vlan1 unassigned YES NVRAM administratively down down

Vlan2 172.16.20.1 YES NVRAM up up

Vlan3 172.16.30.1 YES NVRAM up up

switch#

switch#

switch#

switch#

switch#show sp

switch#show spanning-tree vl

switch#show spanning-tree vlan ?

<1-1005> VLAN id


switch#show spanning-tree vlan 2


VLAN2 is executing the ieee compatible Spanning Tree protocol

Bridge Identifier has priority 32768, address cc00.10b4.0000

Configured hello time 2, max age 20, forward delay 15

We are the root of the spanning tree

Topology change flag not set, detected flag not set

Number of topology changes 1 last change occurred 00:30:41 ago

from FastEthernet0/2

Times: hold 1, topology change 35, notification 2

hello 2, max age 20, forward delay 15

Timers: hello 0, topology change 0, notification 0, aging 0


Port 3 (FastEthernet0/2) of VLAN2 is forwarding

Port path cost 19, Port priority 128, Port Identifier 128.3.

Designated root has priority 32768, address cc00.10b4.0000

Designated bridge has priority 32768, address cc00.10b4.0000

Designated port id is 128.3, designated path cost 0

Timers: message age 0, forward delay 0, hold 0

Number of transitions to forwarding state: 1

BPDU: sent 935, received 0


switch#show spanning-tree vlan 3


VLAN3 is executing the ieee compatible Spanning Tree protocol

Bridge Identifier has priority 32768, address cc00.10b4.0001

Configured hello time 2, max age 20, forward delay 15

We are the root of the spanning tree

Topology change flag not set, detected flag not set

Number of topology changes 1 last change occurred 00:30:48 ago

from FastEthernet0/3

Times: hold 1, topology change 35, notification 2

hello 2, max age 20, forward delay 15

Timers: hello 0, topology change 0, notification 0, aging 0


Port 4 (FastEthernet0/3) of VLAN3 is forwarding

Port path cost 19, Port priority 128, Port Identifier 128.4.

Designated root has priority 32768, address cc00.10b4.0001

Designated bridge has priority 32768, address cc00.10b4.0001

Designated port id is 128.4, designated path cost 0

Timers: message age 0, forward delay 0, hold 0

Number of transitions to forwarding state: 1

BPDU: sent 938, received 0


iyde Fri, 11/06/2009 - 10:55
User Badges:
  • Silver, 250 points or more

Hi.


What model of switch is it? I am a little amazed to see 12.3 mentioned as the IOS version for the switch as to my knowledge all Cisco switches are at the most at IOS 12.2S.

!

version 12.3


Is it a switch module in a router?


Regards, Ingolf

glen.grant Fri, 11/06/2009 - 13:49
User Badges:
  • Purple, 4500 points or more

Ip routing does not show up because it is the default config for a router. If you do a no ip routing command it will show up because it is something other than the default . The FW blocks anything incoming if the conversation did not originate on that pc, thats what the FW is for so it will block any ping responses coming from anywhere else. this is obviously a router with a 16 port switchcard installed into it if its running 12.3 code.

iyde Fri, 11/06/2009 - 14:40
User Badges:
  • Silver, 250 points or more

Right - the interface FastEthernet0/0 also tells that it's a router with a switch module.

khalid.meraj Sat, 11/07/2009 - 10:06
User Badges:

yes you are right I am using 3640 series IOS on GNS3 to test the configuration before implementing but I am not understanding why its not able to show ip routing in show run.


Actions

This Discussion