04-26-2010 07:08 PM - edited 03-06-2019 10:49 AM
Tryin to set up a new network in the current LAN..using secondary IP address..currently using glbp
so 172.20.255.17 would be the GW of the device in it.
From the WAN i can hit the gw ip addres and the real ip address on g0/0...but from the directly connected switch on g0/0 i can not.
interface GigabitEthernet0/0
ip address 192.168.120.1 255.255.255.0 secondary
ip address 172.20.255.18 255.255.255.248 secondary
ip address 192.168.119.246 255.255.255.0
duplex auto
speed auto
media-type rj45
glbp 1 ip 192.168.119.247
glbp 1 ip 172.20.255.17 secondary
glbp 1 weighting track 1 decrement 100
router1#sh cdp ne
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater
Device ID Local Intrfce Holdtme Capability Platform Port ID
switch1 Gig 0/0 148 R S I WS-C4006 Fas 2/1
swtich1# sh cdp neigh det
Device ID: XR1.IAD1
Entry address(es):
IP address: 192.168.119.246
IP address: 192.168.120.1
IP address: 172.20.255.18-----------------------------------------------new network
Platform: Cisco 3845, Capabilities: Router Switch IGMP
Interface: FastEthernet2/1, Port ID (outgoing port): GigabitEthernet0/0
switch1#sh run int fastethernet 2/1
interface FastEthernet2/1
switchport access vlan 119
qos trust dscp
end
so it looks like the switchport on the switch is configured as an accessport which is connected to the router..
is there any way to make this work without creating subinterfaces on the router gig port and trunking on the switch?
04-26-2010 07:18 PM
Hi,
You have a switch (4006) connected to Gig0/0 of the router 3845 correct?
From that switch you can PING the real IP of the Gig0/0 (192.168.119.246) but not the secondary IP (172.20.255.18) correct?
I would think that is because the 4006 does not have an IP from the 172.20.255.x subnet?
If you check the IP routing table of the 4006, which is the next-hop to reach 172.20.255.x?
Federico.
04-26-2010 07:36 PM
swtich1#sh ip int br
Interface IP-Address OK? Method Status Protoco
Vlan1 unassigned YES manual up up
Vlan119 192.168.119.155 YES manual up up
Vlan172 172.20.255.21 YES manual up up
GigabitEthernet1/1 unassigned YES unset up up
you are correct about being able to ping 119.246..and not the 172.20.255.17 or .18
as you can see..i do have an interface configured on that network
I looked at another router/switch on our network
and i noticed in that worknig situation...the gig interface on the switch is not configured for any vlan
however in that sitatution there are not vlans configured, everything is on vlan 1
04-26-2010 07:47 PM
The connection from the 4006 to the Gig0/0 of the 3845 is an access port on VLAN 119
The interface VLAN on 4006 that has an IP of 172.20.255.x is part of VLAN 172
I would have this scenario working with trunk on the switch and subinterfaces on the router
(why don't you want this setup)?
In terms of routing, if you do a ''sh ip route'' on the 4006, do you get a directly connected entry for
172.20.255.x through port Fas2/1?
Federico.
04-26-2010 09:41 PM
This is what I think is happening (I may be wrong ;-))
At Layer2, Switch 4006 Fas2/1 is directly connected to Router 3845 Gig0/0
When you try to PING from the 4006 to 172.20.255.128, the 4006 sends an ARP for 172.20.255.18, it will send that ARP in its broadcast domain
(VLAN 172 which is where the SVI for 172.20.255.x resides)
This broadcast is not going to be propagated out Fas2/1 (since Fas2/1 is an access port on VLAN 119)
So, if you check the ARP table on 4006, you will not get an entry for 172.20.255.18
This is why you don't get a PING to that IP from the switch.
Federico.
04-27-2010 11:22 AM
when i do a show ip route
Gateway of last resort is not set
172.20.0.0/29 is subnetted, 1 subnets
C 172.20.255.16 is directly connected, Vlan172
C 192.168.119.0/24 is directly connected, Vlan119
however when i remove the ip address from int vlan 172 on the 4006
i only get
Gateway of last resort is not set
C 192.168.119.0/24 is directly connected, Vlan119
im not sure why i would need an interface vlan configured with an IP address on it.....we have many
situation where there are no IP addresses associated with a vlan on a layer 2 switch
in any event...the gw is unpingable with or without an ip address on vlan 172
04-27-2010 01:10 PM
If you change Fas2/1 on the 4006 to be an access port on VLAN 172, you can then PING 172.20.255.x from the 4006 correct?
I think that the problem is that the only connection between 4006 and 3845 is a single physical interface Fast2/1 (which is an access port on VLAN 119)
If you configure Fas2/1 to a trunk port or access port on VLAN 172 (just to do the test), can you then PING the 172.20.255.x?
Federico.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide