Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

Primary and Secondary VLAN

Issue is on BOLD.

CR1#show run int gi 0/0.10
Building configuration...

Current configuration : 478 bytes
!
interface GigabitEthernet0/0.10
description Manufacturing VLAN
encapsulation dot1Q 10
ip address 10.42.17.253 255.255.255.0 secondary
ip address 100.172.5.252 255.255.255.0
ip access-group 190 in
ip flow egress
ip tcp adjust-mss 1452
no ip mroute-cache
standby 10 ip 100.172.5.254
standby 10 ip 10.42.17.254 secondary
standby 10 timers 1 3
standby 10 priority 200
standby 10 preempt
standby 10 name hsrp_mftg_vlan_gw
standby 10 track Serial0/0/0:1.457 105
end

CR1#ping 10.42.17.45 source 10.42.17.253

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.42.17.45, timeout is 2 seconds:
Packet sent with a source address of 10.42.17.253
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms


CR1#ping 10.42.17.45 source GigabitEthernet0/0.10

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.42.17.45, timeout is 2 seconds:
Packet sent with a source address of 100.172.5.252
.....
Success rate is 0 percent (0/5)

Regards Vinayak
Everyone's tags (4)
10 REPLIES
Silver

Primary and Secondary VLAN

Hi

If  the default-gateway configured for the client 10.42.17.45 is wrong or missing, then the client can respond to ping if the sender is on the same subnet, but not if the sender is on a different subnet, as with the second try.

I also see You have an access-group configured, maybe the access-list have to be modified.

/Mikael

New Member

Primary and Secondary VLAN

  points

Hi Raman,

By default, if you use "source GigabitEthernet0/0"  or any interface, the ip address it will use if the primary interface. You can see this from your ping output  "source address of 100.172.5.252".

This is like pinging 10.0.0.1 from 192.168.0.1 which will not work.

New Member

Primary and Secondary VLAN

without the default gateway set on 10.42.17.45, will this host be able to ping the secondary VLAN 100.172.5.x series ?

Regards Vinayak
Silver

Primary and Secondary VLAN

No it wouldn't.

It could only ping host on the own network (10.42.17.x), to reach hosts on other networks than the own, a default-gateway needs to be´configured.

/Mikael

New Member

Primary and Secondary VLAN

NEED A CLARIFICATION:

I thought the broadcast domain100.172.5.X and 10.42.17.X would get merged as we configure it as primary and secondary under the sub-interface. correct me if I am wrong.. Then, what would be the logic behind having multiple subnets configured under same VLAN inerface? Can you refer me to some documentation which will help me understand primary and secondary VLAN concept. We are having such set up as part of address translation from 100.X to 10.X.. Thanks a lot.

Regards Vinayak
Silver

Primary and Secondary VLAN

You are correct in that the broadcast domain in layer 2 is the same. But as for layer 3 it's not the same subnet.

When a host will send data to another host it will compare the detination ip address with it's own ip address using the subnetmask as help. If the host find out that the destination is within it's own ip subnet, then the host will arp for the destination. If the host finds out that the destination is not in it's own ip subnet, the host will send it to the default-gateway. If default-gateway is not configured the packet will be dropped by the host

There are a situation when the router can act as a proxy for arp requests. It's when a host has such a subnetmask that it beleives the destination is in the same ip subnet, and therefor arp:s for the destination directly. see this link for proxy arp.

http://www.cisco.com/en/US/partner/tech/tk648/tk361/technologies_tech_note09186a0080094adb.shtml

/Mikael

New Member

Primary and Secondary VLAN

the link you posted is forbidden for my CCO ID. would you mind mailing it ? thank you very much

Regards Vinayak

Primary and Secondary VLAN

I believe this should work. I tested this it worked. I see that its picking the primary IP when we reference the Interface instead if IP.  What is the IOS on the router that you have ?

Also are debugs possible? if yes please paste those as well.

New Member

Primary and Secondary VLAN

IRVEXTCR1#show ver
Cisco IOS Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), Version 12.4(24)T
1, RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Fri 19-Jun-09 15:13 by prod_rel_team

ROM: System Bootstrap, Version 12.3(8r)T7, RELEASE SOFTWARE (fc1)

Regards Vinayak
New Member

Re: Primary and Secondary VLAN

Yes it will work if  you have a default gateway set on the ip you are pinging.

1784
Views
5
Helpful
10
Replies
CreatePlease to create content