Re: InterVLAN Routing Issues

sdascher · ‎09-26-2005

I have setup 2 new vlans and their assosiated routes according to http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a008015bf9a.shtml#topic1. I have 5 other vlans that my 2 new vlan configurations mimic (aside from obvious differences). Unfortunately I cannot get across to any other vlan from the newly defined ones, even though the config looks good and routing b/t all other vlans is still funtional. Please excuse me if I sound a little inexperienced with this b/c I unfortunately am. I was put in this situation for a "trial by fire" re-organizatioin after my old boss left. Best way to learn right?

ToddWarren · ‎09-26-2005

How are your routes being learned? Are you using trunking? Can you paste your InterVLAN configs?

glen.grant · ‎09-26-2005

You'll need to post your configs to see what is wrong . Make sure both the L2 vlan definition and the layer SVI interface is created otherwise you will not be able to route between your new vlans . If you do a show vlan" do your new vlans show up and active and what port they were assigned to ????

sdascher · ‎09-26-2005

Yes, if I show vlan on the Catalyst (6509) I see both new VLANs as up and active. Once connected to the router module, looking at the ip interface for one of the new VLANs this is what I see:

"Vlan10 is up, line protocol is up

Internet address is 10.1.1.3/16

Broadcast address is 255.255.255.255

Address determined by setup command

MTU is 1500 bytes

Helper address is not set

Directed broadcast forwarding is disabled

Multicast reserved groups joined: 224.0.0.9

Outgoing access list is not set

Inbound access list is not set

Proxy ARP is enabled

Local Proxy ARP is disabled

Security level is default

Split horizon is enabled

ICMP redirects are never sent

ICMP unreachables are always sent

ICMP mask replies are never sent

IP fast switching is disabled

IP fast switching on the same interface is disabled

IP Flow switching is disabled

IP Fast switching turbo vector

IP Null turbo vector

IP multicast fast switching is disabled

IP multicast distributed fast switching is disabled

IP route-cache flags are No CEF, No Distributed

Router Discovery is disabled

IP output packet accounting is disabled

IP access violation accounting is disabled

TCP/IP header compression is disabled

RTP/IP header compression is disabled

Probe proxy name replies are disabled

Policy routing is disabled

Network address translation is disabled

WCCP Redirect outbound is disabled

WCCP Redirect inbound is disabled

WCCP Redirect exclude is disabled

BGP Policy Mapping is disabled

IP mls switching is enabled

IP multicast multilayer switching is disabled"

This mimics most of the other funtional VLANs here.

Vlan10 is up, line protocol is up

Hardware is Cat6k RP Virtual Ethernet, address is 0030.7b92.d678 (bia 0030.7b9

2.d678)

Internet address is 10.1.1.3/16

MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation ARPA, loopback not set

ARP type: ARPA, ARP Timeout 04:00:00

Last input 00:00:57, output never, output hang never

Last clearing of "show interface" counters never

Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

Queueing strategy: fifo

Output queue: 0/40 (size/max)

5 minute input rate 0 bits/sec, 0 packets/sec

5 minute output rate 0 bits/sec, 0 packets/sec

7308 packets input, 780228 bytes, 0 no buffer

Received 5688 broadcasts (112 IP multicast)

0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored

1926 packets output, 137574 bytes, 0 underruns

0 output errors, 4 interface resets

0 output buffer failures, 0 output buffers swapped out

Your help is greatly appreciated!

glen.grant · ‎09-26-2005

Are these all just on the 6500 or are they trunked to lower switches ???? Think we need to se the config and how your stuff is setup .

sdascher · ‎09-26-2005

These are all on the Cataylst and its Routing module. At this point there aren't any other switches or routers in the mix. Are you looking to see the router module's config or the Catalyst itself?

glen.grant · ‎09-26-2005

I would post the catos side , there really isn't a whole lot you have to do on the layer3 side other than create the SVI and put an address on it .

sdascher · ‎09-26-2005

I have attatched a txt file w/our current Catalyst configuration.

glen.grant · ‎09-26-2005

Don't see anything wrong with the catos side , only see 1 port set into vlan 10 , 6/9 so I assume that you cannot ping anything from this port to other subnets , silly question , did you set the ip address on your nic so that it falls within the vlan 10 address space and also point your default gateway at the vlan 10 SVI interface ? Unless your gateway on your nic is pointed at the SVI you won't get off that subnet.

sdascher · ‎09-27-2005

Yes, I double checked as well to be sure I wasn't "fat fingering" anything. One of the things that concerns me is that I can't ping the vlan 10 SVI interface form any other vlan, but can ping the SVI of any other vlan from any other vlan. I see my previous superior setup the other interfaces as *.*.*.3, i.e:

interface Vlan100

description Root

ip address 10.10.100.3 255.255.255.0

no ip redirects

no ip route-cache

no ip mroute-cache

interface Vlan101

description Corporate

ip address 10.10.101.3 255.255.255.0

no ip redirects

no ip route-cache

no ip mroute-cache

But we use *.*.*.1 as our DG on all vlans. I am able to ping those interfaces from all vlans but 10 as well. Is this a sign that something was configured improperly?