×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Cisco switch not communicating with Load balancing router

Unanswered Question
Nov 19th, 2011
User Badges:

Hi all,


My first post on here I believe.


I have an issue here. I have a Cisco network on a ship where I work, I have an Ericsson GSM Access point which picks up local GSM 3G signal and broadcasts it onboard. I have two of these units and they are connected to a D-Link Load balancing router which is in turn connected to a Cisco 3560 Series 8 poe switch.


Each unit is on a different subnet. The Cisco is on the DHCP server from my AD server (Windows 2003 Server) The Load balancing router has no DHCP and the Ericsson units have their own DHCP servers.


On the Cisco switch if I plug in with a laptop I get an IP address for the DHCP on my server. I cannot ping the load balancing router from it. If I connect to the Load balancing router and set a static address for that subnet I can access the internet via the Ericsson units. And if I connect to the Ericsson I can access the Internet.


The Cisco is on a 172.x.x.x subnet and the D-link/Ericsson are on a 192.x.x.x subnet, so I'm assuming there needs to be information in the Cisco i.e. static routing table. This is where I have hit a wall. My Cisco experience is limited and I've been trying to look at the routing table in the switch but I get this reponse


Using show ip route I get this:


Default gateway is 172.16.16.1

Host               Gateway           Last Use    Total Uses  Interface
ICMP redirect cache is empty


It looks to me that there is no routing table at all. I've tried using a few commands to add the address of the load balancing router but there is no change. I'm sure which command to use in fact. I might be looking in the wrwong place?


Anyone any ideas? If you need me to show any info from the switch please give me the command to use to speed this up. Thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
terenceward Sat, 11/19/2011 - 00:12
User Badges:

I forgot to mention, the Cisco network uses Cisco Works for management. I'm used to being able to use a web browser to access the switch and view it's workings from there, Cisco seems complicated and over engineered. I'm sure it would be great to use if I knew it... I feel some studying coming on!

terenceward Mon, 12/05/2011 - 05:42
User Badges:

Wow I'm surprised I've had noone come up with a solution here? For a Cisco tech it should be an easy fix no?


The short solution is how do I get a Cisco switch talking to another switch on a different subnet? Or how do I enter a static route on a Cisco switch (model listed in original post)?

mvsheik123 Mon, 12/05/2011 - 09:02
User Badges:
  • Gold, 750 points or more

Using show ip route I get this:


Default gateway is 172.16.16.1

Host               Gateway           Last Use    Total Uses  Interface
ICMP redirect cache is empty


This o/p normally shows that you have ip default-gateway set on the switch and all the routed traffic being send to that IP.

hop on to 172.16.16.1 and see if it can reach 192.x. network.


If you want to add static route on switch, then try ip route x.x.x.x x.x.x.x ,and you may need to issue 'ip routing' command as well. Make sure to test in a maintenanace window as this might cause outage.


hth

MS

terenceward Mon, 12/05/2011 - 23:19
User Badges:

Hi there, thanks for the reply. 172.16.16.1 is the IP address of the Cisco router in question. I telnet in and I am unable to ping the load balancing router.


Can you tell me what you mean by , I'm not sure how to implement that? You mentioned IP routing also, this is different to IP route? I'm still new to all things Cisco.


Strange, but I just did show ip route command again and now I get this:


Gateway of last resort is 172.16.254.10 to network 0.0.0.0

     192.168.8.0/25 is subnetted, 1 subnets
O E2    192.168.8.0 [110/20] via 172.16.241.1, 7w0d, Vlan413
     172.16.0.0/16 is variably subnetted, 36 subnets, 3 masks
C       172.16.176.0/24 is directly connected, Vlan115
C       172.16.178.0/24 is directly connected, Vlan141
C       172.16.164.0/24 is directly connected, Vlan142
C       172.16.160.0/24 is directly connected, Vlan114
C       172.16.162.0/24 is directly connected, Vlan140
C       172.16.132.0/24 is directly connected, Vlan194
C       172.16.128.0/24 is directly connected, Vlan174
C       172.16.0.252/32 is directly connected, Loopback254
O E2    172.16.0.253/32 [110/20] via 172.16.240.1, 7w0d, Vlan412
C       172.16.254.0/24 is directly connected, Vlan450
O E2    172.16.0.254/32 [110/20] via 172.16.241.1, 7w0d, Vlan413

cadet alain Tue, 12/06/2011 - 02:19
User Badges:
  • Purple, 4500 points or more

Hi,


this means you've renabled  ip routing  and  now you're receiving routes. Now your ping should be successful.


Regards.


Alain

terenceward Tue, 12/06/2011 - 02:23
User Badges:

Hi,


Thanks for your feedback, however I've tried to ping the load balancer again and it's still not working. Surly to allow it to talk to a device on another subnet I need to add the subnet to the static route table??

cadet alain Tue, 12/06/2011 - 02:38
User Badges:
  • Purple, 4500 points or more

Hi,


if you do a sh ip route x.x.x.x where x.x.x.x is the Ip of load-balancer and you've got an entry then routing is ok on your side but you must have a toute back to your originating subnet on the load-balancer otherwise it can't work.

So take a look at the load-balancer Routing table.


Regards.



Alain

terenceward Tue, 12/06/2011 - 02:44
User Badges:

Tried that, it's not in there. Can you tell me the syntax to use to put it in?



CISF99_M1#sh ip route 192.168.50.1

% Network not in table

cadet alain Tue, 12/06/2011 - 03:54
User Badges:
  • Purple, 4500 points or more

Hi,


that's the correct syntax, on which device  did you enter this command?

Can you do a traceroute to this IP and post the output ?


Regards.


Alain.

terenceward Tue, 12/06/2011 - 04:22
User Badges:

I entered this on the telnet session on the Cisco unit.


Sorry my question about syntax was meant for the other poster who mentioned adding static route.

cadet alain Tue, 12/06/2011 - 05:01
User Badges:
  • Purple, 4500 points or more

Hi,


could you post a topology diagram.

issue following on the switch:

-config# no service timestamp debug

config# access-list 199 permit icmp any any      Rem:just make sure this ACL doesn't exist with sh access-list

config# logging buffered debug

# debug ip pack 199

# ping 192.168.50.1 rep 1

# show log


and post output.


Regards.


Alain

terenceward Tue, 12/06/2011 - 05:47
User Badges:

Hi, I'm having some problems entering your syntax? Do I type contents after -config#? I've tried both ways but I just get invalid input selected.

cadet alain Tue, 12/06/2011 - 05:53
User Badges:
  • Purple, 4500 points or more

the first 2 commands are enterd like this:

switch# config t

switch(config)# "The 2 commands"

then

you can either stay in config mode but prefix the other commands with the keyword do or exit this mode with the exit command and type the other 3.


Regards.


Alain

terenceward Tue, 12/06/2011 - 06:43
User Badges:

Ok here goes


CISF99_M1#config t
Enter configuration commands, one per line.  End with CNTL/Z.
CISF99_M1(config)#no service timestamp debug
CISF99_M1(config)#access-list 199 permit icmp any any
CISF99_M1(config)#exit
CISF99_M1#debug ip pack 199
IP packet debugging is on for access list 199
CISF99_M1#ping 192.168.50.1 rep 1

Type escape sequence to abort.
Sending 1, 100-byte ICMP Echos to 192.168.50.1, timeout is 2 se
.
Success rate is 0 percent (0/1)
CISF99_M1#show log
Syslog logging: enabled (0 messages dropped, 131 messages rate-
s, 0 overruns)
    Console logging: disabled
    Monitor logging: level debugging, 0 messages logged
    Buffer logging: level debugging, 1213 messages logged
    Exception Logging: size (4096 bytes)
    Count and timestamp logging messages: disabled
    Trap logging: level notifications, 1060 message lines logge
        Logging to 172.16.10.10, 1060 message lines logged

cadet alain Tue, 12/06/2011 - 08:17
User Badges:
  • Purple, 4500 points or more

Hi,


where is the debug output ? it must be there after these lines you posted.


Regards.


Alain

terenceward Tue, 12/06/2011 - 08:35
User Badges:

That was everything:


CISF99_M1#config t
Enter configuration commands, one per line.  End with CNTL/Z.
CISF99_M1(config)#no service timestamp debug
CISF99_M1(config)#access-list 199 permit icmp any any
CISF99_M1(config)#exit
CISF99_M1#debug ip pack 199
IP packet debugging is on for access list 199
CISF99_M1#ping 192.168.50.1 rep 1

Type escape sequence to abort.
Sending 1, 100-byte ICMP Echos to 192.168.50.1, timeout is 2 seconds:
.
Success rate is 0 percent (0/1)
CISF99_M1#show log
Syslog logging: enabled (0 messages dropped, 131 messages rate-limited, 0 flushe
s, 0 overruns)
    Console logging: disabled
    Monitor logging: level debugging, 0 messages logged
    Buffer logging: level debugging, 1213 messages logged
    Exception Logging: size (4096 bytes)
    Count and timestamp logging messages: disabled
    Trap logging: level notifications, 1060 message lines logged
        Logging to 172.16.10.10, 1060 message lines logged

CISF99_M1#[B

Jon Marshall Tue, 12/06/2011 - 09:37
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Terence


Can we step back a bit on this and cover the basics. Could you answer all of the following -


1) When you talk about the Cisco unit do you mean the 3560 ?


1) If you connect a laptop to the 3560 then it gets a DHCP address so -


i) what IP address does the laptop get ?


ii) where is the laptops default-gateway ie. it is an IP address that is assigned to a vlan interface on the 3560 ?  I'm assuming it is as it sounds like your 3560 is doing the inter vlan routing ?


2) What is the IP address of the D-link  that you are trying to ping ?


3) How is the D-link connected to the 3560 ie. on the 3560 port that connects to the D-link what vlan is that assigned to. And what is the L3 vlan interface IP address on the 3560 for that vlan.


If the D-link is directly connected to the 3560 and you are using a vlan for connectivity then you don't need a route on the 3560 as it will see it as directly connected. However you will need a route on the D-link for the laptop subnet so the D-link can return the ping packets.


You will probably need to use the web browser to look at and add routes to the D-link as the "ip route ...." syntax is for Catalyst switches and enterprise routers.


Jon

terenceward Tue, 12/06/2011 - 23:37
User Badges:

Hi,


Thanks for your message.


Yes I mean the 3560 unit when talking about hte Cisco unit.

If I connect a laptop to the Cisco unit I get an IP address, I think I mentioned that in my first post. It gets an IP address in the 172.x.x.x range.


The Cisco unit is one of many Cisco units onboard. there are a number of VLans onboard yes, but the 3560 is not controlling anything as far as I am aware, it's just a router that connects to the Ericsson GSM units (via the load balancer).


The IP address of the D-Link is 192.168.50.1

The IP address of the Cisco is 172.16.16.129 with a default gateway of 172.16.16.1


The port the D-Link is connected to is on Vlan 500 However I don't know how to asnwer the last part of that question (And what is the L3 vlan interface IP address on the 3560 for that vlan)


I wont be able to access the D-Link today as we are at sea and it's right on top of the ship (under the antenna in the deckhead (roof) and as I need direct access to connect to the D-Link I'll have to wait.)

Jon Marshall Wed, 12/07/2011 - 12:51
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

The IP address of the D-Link is 192.168.50.1

The IP address of the Cisco is 172.16.16.129 with a default gateway of 172.16.16.1

The D-link port on the 3560 is in vlan 500. So for the 3560 to be able to route to the D-link you will need a L3 vlan interface on the 3560 in vlan 500 with and ip address from the 192.168.50.x network eg on the 3560 -


int vlan 500

ip address 192.168.50.x  255.255.255.0  <---- where .x is an unused IP. I'm also assuming it is a /24 network.


The routing table you printed in a previous response - is it from the 3560 ? If it is then fine. If not can you post the output of the following command from the 3560 -


3560# sh ip int brief


** Edit - you still need routes on the D-link for the subnets you want to be able to communicate from on the 3560.


Jon

terenceward Wed, 12/07/2011 - 23:42
User Badges:

Hi,


Here is the info you requested. As for the previous one, I'm not certain it came from the right router as I have been away and may have telneted in to the wrong one.


Smilly#sh ip int brief

Interface              IP-Address      OK? Method Status                Protocol

Vlan1                  unassigned      YES NVRAM  up                    up

Vlan160                172.16.16.129   YES NVRAM  up                    up

FastEthernet0/1        unassigned      YES unset  down                  down

FastEthernet0/2        unassigned      YES unset  up                    up

FastEthernet0/3        unassigned      YES unset  down                  down

FastEthernet0/4        unassigned      YES unset  down                  down

FastEthernet0/5        unassigned      YES unset  down                  down

FastEthernet0/6        unassigned      YES unset  down                  down

FastEthernet0/7        unassigned      YES unset  down                  down

FastEthernet0/8        unassigned      YES unset  down                  down

GigabitEthernet0/1     unassigned      YES unset  up                    up

Smilly#

Jon Marshall Thu, 12/08/2011 - 08:32
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Terence


The switch is not routing for vlans. It's default-gateway is 172.16.6.1 - what is that device.


It's difficult to suggest an answer because the infomation you have provided is inconsistent. It looks like this switch is only acting as a layer 2 switch ie. when you connect a client it gets a default-gateway in it's config. This IP address (the default-gateway) is not on the 3560, it must be on another device.


So you cannot just connect the D-link on vlan 500 to this switch and expect it to work. If the D-link is directly connected to this switch then -


1) you need a L3 vlan 500 interface on the switch as described before


2) you need routes on the D-link for the subnets you want to ping from


but even then it won't work because when the client sends a ping it will go off to the clients default-gateway which is not this switch. You could enable ip routing on the 3560 but that still won't help unless you move all the clients default-gateways for all vlans to the 3560.


I can't suggest you do that because it could break the rest of your network.


So we need to know more about the setup. The device you printed the routing table off, what device is this and how is it related to the 3560 and the D-link ?


Jon

terenceward Fri, 12/09/2011 - 04:44
User Badges:

Hi Jon,


We use something called a NAS 3000 which allows us to change the type of Internet access based on what is best where we are located. We have GSM systems, VSat, Wireless antennas etc. and we can direct everything to use a particular default gateway based on what is strongest at any one time.


I'm certain the other list came from another Cisco switch I telnet to by mistake. I can't tell you which but there are many here.


I also don't know which phyisical device 172.16.16.1 is? I've only been here a few weeks and I am still learning the system.

Actions

This Discussion

Related Content