×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Issues pinging from outside managment vlan

Answered Question
Nov 27th, 2013
User Badges:

Switches: C6509 port 5/1 (sup card) connected via copper to a 6505 port 6/47 (non sup card)



Both ports 5/1 and 6/47 are configured as a trunk


switchport

switchport trunk encapsulation dot1q

switch port mode turnk


My C6509 (client) pulled all the vlan information from my 6505 (server) no issues.

I am able to move ports to my production vlan on the C6509, connect them and able to ping all my other vlans but my managment vlan.

I have connected a laptop to my new C6509 and the laptop will pull an IP and i am able to ping my other vlan no issues but nothing from my Vlan999


My management vlan on the c6509 is config as:


Interface Vlan999

ip address 10.14.0.16 255.255.255.0

All my other switch are on Vlan999 10.14.0.x 255.255.255.0


I am able to ping from my c6509 to all my other swithced on that same vlan999 but unable to ping any other vlan on my network or servers, etc.

unable to ping 10.14.80.0 10.14.60.0 10.14.16.0, etc



Hope this makes since, any thought on what might be casuing the issues?

Correct Answer by Jon Marshall about 3 years 8 months ago

John


That's your problem.  Your 6500 doesn't know where to send any packets for remote vlans. You clients works because they use the SVIs (vlan interfaces) on the 6505.  You can't disable ip routing on the 6500 so just add this and it should work -


ip route 0.0.0.0 0.0.0.0


Are you intending to migrate the SVIs across to your 6509 in future ?


Jon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Jon Marshall Wed, 11/27/2013 - 09:37
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

John


Do you have other vlan interfaces on the 6509 or are they still on the 6505 ?


Can you post -


"sh ip route" from the 6509


Jon

John Stevens Wed, 11/27/2013 - 10:48
User Badges:

Jon


thanks for the reply.


On my new 6509 i only see the following...


10.0.0.0/24 is subnetted, 1 subnet

c     10.14.0.0 is direclty connected, vlan999


All my ip's for this site are on the 10.14.0.0 subnet, ie 10.14.16.0 10.14.16.80.0 10.14.16.40.0 etc


On my exsisting 6505, it shows all my routes around 50-100 of them

Correct Answer
Jon Marshall Wed, 11/27/2013 - 10:58
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

John


That's your problem.  Your 6500 doesn't know where to send any packets for remote vlans. You clients works because they use the SVIs (vlan interfaces) on the 6505.  You can't disable ip routing on the 6500 so just add this and it should work -


ip route 0.0.0.0 0.0.0.0


Are you intending to migrate the SVIs across to your 6509 in future ?


Jon

John Stevens Wed, 11/27/2013 - 11:29
User Badges:

Jon-


I was no intending to migrate the SVI's since this is an edge switch, same as my server rack switches.  Normally i just set up the IP on the mang vlan999 and the vlans come over from my core and we are good to go.


So on my 6509 it now shows the following


10.0.0.0/24 is subnetted, 1 subnets

C     10.14.0.0 is directly conencted, Vlan999

S*    0.0.0.0/0 is drectly connected, Vlan999



I am now able to ping my 6509 10.14.0.x via my laptop on 10.14.80.x.


Jon- thanks for taking the time to help me with this, much appreciated

Jon Marshall Wed, 11/27/2013 - 11:38
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

John


No problem, glad to have helped.


The reason i asked about the vlans was because although you cannot disable ip routing on a 6500 you can still in effect disable it by not having any L3 ports/routing protocols running. So instead of using the "ip route ..." command i gave you you should be able to replace that with -


ip default-gateway


the above is the command when your switch is only acting as a L2 switch. I have never done this on a 6500 so i don't know whether it works or not but it should do, and you may not want to bother, but i just thought it worth mentioning.


Jon

John Stevens Wed, 11/27/2013 - 11:57
User Badges:

Thanks for the information.


The new switch seems to be working fine.  I have assigned the ports to my enduser vlans (10.14.60.0.x), connected a Cisco phone and laptop.  The laptop pulls an ip and so does my Cisco phone.  As i said before, from that laptop i can ping all my other vlans. 


Do you think i need to look into L3 ports/routing protocols on this new edge switch?  I have two core 65xx's (redundant) in my data center with all my servers are and my main switch in my MPOE where all my fiber and circuits terminate from my providers, they all have the ip routes you are talk about.  My server rack switches and my edge switches that just provide network to office areas does not. 

Jon Marshall Wed, 11/27/2013 - 12:05
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

John


Do you think i need to look into L3 ports/routing protocols on this new edge switch?

No not at all and i apologise if i confused the issue. I was just trying to point out that traditionally if a switch is acting purely as L2 and not doing any routing then you would use the "ip default-gateway ..." command and you might want to use that just for consistency. But it's not a requirement.


Jon

John Stevens Wed, 11/27/2013 - 12:23
User Badges:

Understood, again thanks for letting me ping stuff off of you.  I am still learning and always appreciate the info and guidance.  Have a great Thanksgiving.

Actions

This Discussion