I have a testing LAN in my network. The switch i used here is cisco 3560.
i have some vlan in this switch
i have a link from this switch to the existing network, through an L2 switch connecting to the Router. Router interface IP is 10.10.10.1. On 3560 there is a defaultrote to the router (0 0 10.10.10.1). from this switch every thing is working fine.
Now i added one more switch on the Testing Lan and connecting over fiber to the 3560. The new switch is puley L2 only, not any IP address configured on it. i made a trunk dot1q between these two switches and allowed all vlans on it. From the new switch i am able to ping all the vlan, i can ping 192.168.1.1 and 192.168.2.1 and 10.10.10.10 also but i am not able to ping 10.10.10.1 and vise versa also.
Can any one tell me what could be the possible reason for this?
>> The new switch is puley L2 only, not any IP address configured on it.
you need an ip source address so you have defined an ip address on it.
you may have a duplicated ip address in vlan1 and device with ip addr 10.10.10.1 may have a different mac address associated to the ip address you have given to the new switch.
you can check this with
sh ip arp x.x.x.x
Hope to help
sorry there was a mistake, i was pinging not from the switch but from the PC that is conneted to the new switch. i was able to ping the SVI IP (192.168.1.1, 2.1, 10.10.10.10) from the PC. But if i tried to ping router IP i was not able to ping, I was reaching up to the connected switch only not going further from there. From the Router i tried to ping the SVI IP's it is pinging but if tried to ping the PC that is connected in the new switch, i was not able to ping.
From what ip are you trying to ping 10.10.10.1?
The router 10.10.10.1 needs to have a route to the ip you are pinging it from else it will drop the packet.
I was pinging from a PC which is connected on the new L2 switch i added. Route is there, i am able to ping the SVI IPs (192.168.1.1 and 192.168.2.1)from the Router.
I was pinging from the PC, IP is 192.168.1.11.
My case is - I have a new L2 switch without any IP address on that, connecting to the 3560 L3 switch over a Trunk. The L3 switch is connecting to the existing network and a default route is there (ip route 0 0 10.10.10.1)pointing to the existing network router. (On L3 - Vlan 1 IP 10.10.10.10 pointing to IP 10.10.10.1, Int fe 0/0 of Router)
The PC 192.168.1.11 is connected to the L2 Switch it is able to ping 10.10.10.10, SVI IP of Vlan 1 on 3560 switch, ideally it should also be able to ping the IP of the router which is 10.10.10.1 and vise versa (router should ping 192.168.1.11) also, router can ping 192.168.1.1 but it is not pinging 192.168.1.11.
more clear now but something is still missing
in what vlan is the port of the L2 switch to which the PC is connected?
who owns ip address 192.168.1.1 and in what L2 vlan is associated (it is another SVI on the L3 switch I guess)
You say router can ping 192.168.1.1 verify with
sh ip route 192.168.1.1 on the router where the router thinks to send a packet to that destination.
you can also use traceroute to 192.168.1.1 from the router.
if PC can ping 10.10.10.10 this means it has a correct default gateway.
Hope to help
All the ports on the L2 switch are configured as the memeber of Vlan 10
int fa 0/1-48
sw acc vlan 10
int gig 0/1 is the dot1q trunk connected to the L3 3560 switch, allowed all vlans(1,10,20).
Below are the SVI IPs and config on L3 switch.
int vlan 10
int vlan 20
int fa 0/1-23
sw acc vlan 20
int vlan fa0/24
des *** connecting to existing network Router via some L2 Switch ***
sw acc vlan 1
int gig 0/1
des *** Trunk to New L2 Switch ***
sw mode trunk
sw trunk encap dot1q
sw trunk allowed vlan 1,10,20
#on L3 3560- the routing default route -
ip route 0.0.0.0 0.0.0.0 10.10.10.1
How come the router can ping the Vlan IP but not the PC on that VLAN. How come the PC can ping their gateways and the vlan 1 ip 10.10.10.10 but not the IP of the router 10.10.10.1 ???? default route is there and it is working fine, i can ping from L3 switch.
Am i missing some command here on the L3, ip routing? is that could be the problem ? does it require in this scenario? if yes how i was pinging the vlan ip 192.168.1.1 from the router?
appreciate your input
thanks and regards
1st I would say you don't need to truck the 2 switch ports up, if everything is staying in vlan 10, then you could try removing the trunking and placing connecting ports also in vlan 10.
2nd, we really could do with a sh ip route on the router, at the very least a sh ip route 192.168.1.11 on that router.
for a successful ping also the return path has to work.
Check on the router if it knows network 192.168.1.0/24 by any means
sh ip route 192.168.1.0
if the output says subnet not in table you have found the root cause of your issue.
you may need
ip route 192.168.1.0 255.255.255.0 10.10.10.10
Hope to help