We have an odd problem on a LAN in our company. We just restructured a network at a remote site and almost everything seems to work great. The only problem is with the connectivity to one of our routers. In the network we have two 6509's with MSFC2's in the core. On these core switches msfc's we have in addition to VLAN1, which is our main VLAN, 5 other VLANS that are distributed through most of the switches, and one additional VLAN on each 6509/MSFC for our routers which connect to our WAN. These router VLAN's are not included in any trunks anywhere. There is a single connection going between the 6509's that is a gigabit trunk which includes the main VLAN's, but not the router VLAN's.
Routers #1 is connected directly into 6509 #1 via a port that is in router VLAN #1 and we are having no problems that we can find with this configuration.
Router #2 is connected into a 3550-12G (routing turned off). The 3550-12G has 2 connections to 6509 #2. The first is a trunked connection with the main VLANS. The second is an access mode port on router vlan #2. The router is connected into this switch on another access mode port on router VLAN #2 also.
All routing devices are running EIGRP and all routes to/from each other look fine. You can get to/from every device via telnet, and you can ping each other just fine. But, you can not do a traceroute from any device on the LAN to router #2. Nor can you do a traceroute from router #2 to 6509 #2. Anything to router #1 works fine. From a WAN standpoint, it works the same way from the majority of our WAN, unless your route brings you through a serial interface on router #2, in which case the traceroute works. Also, in any case, a windows 2000 traceroute (ICMP vs. UDP) works just fine to either router.
There are no ACL's applied to any interface on either of the MSFC's or routers. Since we've done this reconfiguration the traffic coming across the serial link on router #2 seems to be decreased markedly. If I turn UDP debugging on for either the MSFC #2 or router #2, I can see the UDP traceroute packets hitting them.
I'm somewhat at a loss of where to look next. Everything has been double checked. All VLANs look ok, all IP addresses involved look OK and have the correct netmasks. None of the IP addresses appear to be in use anywhere else on our WAN. There are no ACL's on the interfaces, nothing in channel mode. Any suggestions?
This document gives several answers on frequently asked questions for PFRv3 channel state behavior.
Q1: What are all the channel operational states from a BR (border role) perspective and what are the rules/conditions to be in each st...
The need was to reach an host inside a LAN through a VPN connection managed by the LAN gateway (Cisco 1921).
The LAN gateway performs NAT and there was a dedicate nat rule for the host i wanted to reach through VPN.
I couldn't connect to the hos...
We have 3 identical switches configured by someone else and would like to claim some of the Gigabit ports(G1/G2/G3/G4) for use on servers. When we try to change the wiring and configuration, we run in to connectivity issues. Attached is a des...