Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2523
Views
15
Helpful
9
Replies

Conflict between L2 and L3

Go to solution
Federico Coto Fajardo
VIP Alumni
VIP Alumni

‎08-06-2010 10:36 AM - edited ‎03-07-2019 12:34 AM

Hi All,

I need to locate a server that is located in the data centre. The problem is that I don't have physical access, so I'm doing the following:

The server has the IP 172.16.9.12

The CORE switch 4506 shows the IP directly connected and the MAC via Port-Channel 6:

sw1-4506#sh arp | i 172.16.9.12
Internet  172.16.9.12            18   0004.0d05.b12f  ARPA   Vlan14

sw1-4506#sh mac address-table address 0004.0d05.b12f
Unicast Entries
vlan   mac address     type        protocols               port
-------+---------------+--------+---------------------+--------------------
  14    0004.0d05.b12f   dynamic ip,ipx,assigned,other Port-channel6

So, from the above, I assume that the server is located through Port-Channel 6.

The problem is that Port-Channel 6 connects to a 3750 switch.

sw1-4506#

Port-channel: Po6
------+------+------+------------------+-----------
  0     00     Gi2/3    Desirable-Sl       0
  1     00     Gi3/6    Desirable-Sl       0

Both ports Gig2/3 and Gig3/6 are connected to the 3750

sw1-4506#

sw3750-central.ln.corp.nacion.com
                 Gig 3/6           138              S I   WS-C3750G Gig 1/0/50
sw3750-central.ln.corp.nacion.com
                 Gig 2/3           138              S I   WS-C3750G Gig 1/0/49

Now, this is the part that I don't understand:

The 3750 thinks that in order to reach the server 172.16.9.12, it should send the traffic back to the 4506.

sw3750-central#trace 172.16.9.12

  1 172.16.10.2 8 msec 0 msec 8 msec
  2 172.16.9.12 9 msec 8 msec 0 msec

sw1-4506#sh ip int brief
Interface              IP-Address      OK? Method Status                Protocol
Vlan1                  172.16.10.2     YES NVRAM  up                    up     

Could somebody explian this to me please???

Thank you!!

Federico.

1 person had this problem
Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎08-06-2010 10:45 AM

Federico

If the 3750 is acting a L2 switch which it sounds like it is then it all depends on the subnet it's management vlan is in. So if the L3 SVI on the 3750 is not in the server subnet then the 3750  will send the packet to it's default-gateway, presumably on the 4500 and the 4500 will route the packet onto the server subnet and switch it back to the 3750 in the correct vlan.

From the traceroute output it looks like the 3750 L3 SVI for management is in 172.16.10.x subnet.

Jon

View solution in original post

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Federico Coto Fajardo

‎08-06-2010 11:58 AM

Federico

You won't see an arp entry on the 3750. The only arp entries you will see on the 3750 are arps for devices in the same subnet as the L3 SVI on the 3750 ie. any other switches in the 172.16.10.x network and obviously the default-gateway. Because the 3750 is only L2 switching it will only arp out for devices in it's own subnet. Because the 4500 is doing the inter-vlan routing that is where the full arp table will be.

What you should see on the 3750 is the mac-address of the server in the mac-address table because that is a L2 table.

Jon

View solution in original post

9 Replies 9

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎08-06-2010 10:45 AM

Federico

If the 3750 is acting a L2 switch which it sounds like it is then it all depends on the subnet it's management vlan is in. So if the L3 SVI on the 3750 is not in the server subnet then the 3750  will send the packet to it's default-gateway, presumably on the 4500 and the 4500 will route the packet onto the server subnet and switch it back to the 3750 in the correct vlan.

From the traceroute output it looks like the 3750 L3 SVI for management is in 172.16.10.x subnet.

Jon

Go to solution
Federico Coto Fajardo
VIP Alumni
VIP Alumni
In response to Jon Marshall

‎08-06-2010 10:58 AM

John correct!

The 3750 is acting as a L2 switch and the management IP is 172.16.10.200

sw3750-central#sh ip int brief
Interface              IP-Address      OK? Method Status                Protocol
Vlan1                  172.16.10.200   YES NVRAM  up                    up    

I understand now why the 3750 sends the packet back to the 4506.

Now, I should see an ARP entry on the 3750 for the server?

sw3750-central#sh arp | i 172.16.9.12

sw3750-central#

If I understand correctly, the server is physically connected to a port on this 3750. I don't know why I don't see the ARP entry on the 3750 (I see it only on the 4506)

Federico.

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Federico Coto Fajardo

‎08-06-2010 11:58 AM

Federico

You won't see an arp entry on the 3750. The only arp entries you will see on the 3750 are arps for devices in the same subnet as the L3 SVI on the 3750 ie. any other switches in the 172.16.10.x network and obviously the default-gateway. Because the 3750 is only L2 switching it will only arp out for devices in it's own subnet. Because the 4500 is doing the inter-vlan routing that is where the full arp table will be.

What you should see on the 3750 is the mac-address of the server in the mac-address table because that is a L2 table.

Jon

Go to solution
Federico Coto Fajardo
VIP Alumni
VIP Alumni
In response to Jon Marshall

‎08-06-2010 12:03 PM

John,

Not much to say besides thank you very much!

It solved my problem.

sw3750-central#sh mac address-table address 0004.0d05.b12f
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
  14    0004.0d05.b12f    DYNAMIC     Gi1/0/41

If I could ask you something else, it will be this:

The EtherChannel between two devices does not have to match the number correct?

i.e.

Port-Channel 6 (4506)  connects to Port-Channel 1 (3750)

Thank you again.

Federico.

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Federico Coto Fajardo

‎08-06-2010 12:07 PM

Federico

No problem, glad to have helped.

No, port-channel numbers do not need to match between switches ie. they are locally significant on the switch only.

Jon

Go to solution
burleyman
Level 8
Level 8
In response to Jon Marshall

‎08-06-2010 01:51 PM

Jon,

Read through this post and the info was great so 5+ all around.

Mike

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to burleyman

‎08-06-2010 03:44 PM

Mike

Many thanks for the ratings and kind words.

Federico

Forgot to say many thanks for the ratings as well.

Jon

0 Helpful

Go to solution
Sudhanshu.Mishra1
Level 1
Level 1
In response to Jon Marshall

‎08-29-2017 01:19 AM

PLz check the following information

DC-MUM-SW-S01-CISCO4500#ping 192.168.1.126
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.126, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
DC-MUM-SW-S01-CISCO4500#sh ip ar
DC-MUM-SW-S01-CISCO4500#sh ip arp 192.168.1.126
Protocol Address Age (min) Hardware Addr Type Interface
Internet 192.168.1.126 0 00d0.8307.f1e4 ARPA Vlan192
DC-MUM-SW-S01-CISCO4500#tr
DC-MUM-SW-S01-CISCO4500#traceroute mac 00d0.8307.f1e4 00d0.8307.f1e4
Source and Destination on same port and no nbr!
DC-MUM-SW-S01-CISCO4500#sh mac add
DC-MUM-SW-S01-CISCO4500#sh mac address-table vlan 192 | inc 00d0.8307.f1e4
192 00d0.8307.f1e4 dynamic ip,ipx,assigned,other GigabitEthernet2/24
0 Helpful

Go to solution
Sudhanshu.Mishra1
Level 1
Level 1

‎08-29-2017 01:14 AM

I have the same problem Please suggest

 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card