cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1327
Views
0
Helpful
9
Replies

Test Switch

Good day all, 

I'm perplexed by an issue I am having. So I am setting up and Cisco ISE solution on my network. The thought was '"hey let me use a test switch to be sure things will jive before production". So I set up a 3850 and setup a trunk port to my existing switch on the production network which is a 9300. I get link lights on both ends but for some reason the test switch (3850) cant ping across to the switch it's trunked to. I have set the no ip routing and configured the 9300 switch to be the default gateway. I even tried enabling ip routing and setting the 9300 switch as the default gateway and its been a no go both ways. What is throwing me for a loop is the fact its populating IP in the routing table for both the 9300 and the actual legit gateway on my network whenever I change them back and forth. But the test switch (3850) cant ping the 9300 its trunk to on a regular old ethernet port. Any takes on this issue I have look at the routing table even the mac-address table and ip arp for the particular IP the Hardware address is "Incomplete"

9 Replies 9

balaji.bandi
Hall of Fame
Hall of Fame

As i understand the setup :

 

Cat 9300 configured Layer 3 SVI x.x.x.1  you made a Layer 2 Trunkl with Cat 3850 setup VLAN interface config x.x.x.100 (example) default-gateway x.x.x.1 setup on 3850, you are not able to ping from Cat 3850 to x.x.x.1 - is this correct ?

 

On Cat 3850 are you able to ping local IP x.x.x.100 ?

 

can you post below information :

 

show vlan (from both swithes)

show ip interface brief (from both the switches)

show etherchannel summary (both the switches)

 

show run interface port-channel X ( from both the switches)

show ip route from 3850

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Its actually trunking to another Layer 2 switch which is the 9300 so technically I'm trying to add another Layer 2 access switch to an existing Layer 2 switch where users are to test my Cisco ISE solution. So I don't interrupt my actual users should something go wrong I am just testing things on this 3850 

Agreed, Do you small network topology to understand the issue ?

 

But the test switch (3850) cant ping the 9300 its trunk to on a regular old ethernet port.

where is your Layer 3  IP you are pinging ? what VLAN number is this ?  it would be nice if you can post the config.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

I am gathering the config now but yes my Layer 3 IP can ping the first 9300 but can reach the 3850 that is trunked to it. I put the Layer 3 IP in the default-gateway and the Layer 2 9300 just to see. They where put in the routing table but neither worked below is the config you asked for 

 

3850 sho vlan bri


3850switch1#sho vlan bri

VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1       active
10     active
100   active
103   active
104   active Gi1/0/24
105   active
111   active Gi1/0/26
112   active
114   active
199   active
200   active Gi1/0/7, Gi1/0/8, Gi1/0/9 Gi1/0/10, Gi1/0/11, Gi1/0/13Gi1/0/16, Gi1/0/17, Gi1/0/18
201   active Gi1/0/5, Te1/1/2
202   active
203   active
204   active
300   active
666 DISABLED active Gi1/0/2, Gi1/0/3, Gi1/0/4 Gi1/0/6, Gi1/0/12, Gi1/0/14

VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
Gi1/0/15, Gi1/0/19, Gi1/0/20
Gi1/0/21, Gi1/0/22, Gi1/0/23
Gi1/0/25, Gi1/0/27, Gi1/0/28
Gi1/0/29, Gi1/0/30, Gi1/0/31
Gi1/0/32, Gi1/0/33, Gi1/0/34
Gi1/0/35, Gi1/0/36, Gi1/0/37
Gi1/0/38, Gi1/0/39, Gi1/0/40
Gi1/0/41, Gi1/0/42, Gi1/0/43
Gi1/0/44, Gi1/0/45, Gi1/0/46
Gi1/0/47, Gi1/0/48, Te1/1/1
991   active
998 NATIVE  active
999 NETWORK_MGNT active
1002 fddi-default act/unsup
1003 trcrf-default act/unsup
1004 fddinet-default act/unsup
1005 trbrf-default act/unsup

3850 # sho ip int bri
Vlan1 unassigned YES NVRAM administratively down down
Vlan201 172.16.1.2 YES NVRAM up up
Vlan202 unassigned YES unset up up
Vlan203 172.16.3.1 YES NVRAM up up
Vlan999 172.16.0.11 YES NVRAM up up
GigabitEthernet0/0 unassigned YES NVRAM down down
GigabitEthernet1/0/1 unassigned YES unset up up

3850 sho ip route

H168-switch1#sho ip route
Extended Host Mode is enabled
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR

Gateway of last resort is 172.16.0.2 to network 0.0.0.0

S* 0.0.0.0/0 [0/0] via 172.16.0.2 (This is the Layer 2 9300) weather it is this IP or the Layer 3 ip which is  (172.16.0.1) it's populated to the routing table but I still cant ping across
172.16.0.0/16 is variably subnetted, 6 subnets, 2 masks
C 172.16.0.0/24 is directly connected, Vlan999
L 172.16.0.11/32 is directly connected, Vlan999
C 172.16.1.0/24 is directly connected, Vlan201
L 172.16.1.2/32 is directly connected, Vlan201
C 172.16.3.0/24 is directly connected, Vlan203
L 172.16.3.1/32 is directly connected, Vlan203

9300 sho vlan bri
9300-Switch1#sho vlan bri

VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active
10 active
100 active
200 active Gi1/0/21, Gi1/0/22, Gi1/0/23, Gi1/0/24, Gi1/0/25, Gi1/0/26, Gi1/0/27, Gi1/0/28, Gi1/0/29, Gi1/0/30, Gi1/0/31, Gi1/0/32, Gi1/0/33, Gi1/0/34
Gi1/0/35
201 active Te1/1/1
202 active
203 active
300 active
666 DISABLED active Gi1/0/1, Gi1/0/2, Gi1/0/3, Gi1/0/4, Gi1/0/5, Gi1/0/6, Gi1/0/7, Gi1/0/8, Gi1/0/9, Gi1/0/10, Gi1/0/11, Gi1/0/12, Gi1/0/13, Gi1/0/14, Gi1/0/15
Gi1/0/16, Gi1/0/17, Gi1/0/18, Gi1/0/19, Gi1/0/20, Gi1/0/37, Gi1/0/38, Gi1/0/39, Gi1/0/40, Gi1/0/41, Gi1/0/42, Gi1/0/43, Gi1/0/44, Gi1/0/45
Gi1/0/46, Gi1/0/47, Gi1/0/48, Te1/1/2, Te1/1/3, Te1/1/4, Te1/1/5, Te1/1/6, Te1/1/7
998 NATIVE_VLAN active
999 NETWORK_MGNT active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup

9300-Switch1#sho ip int bri
Interface IP-Address OK? Method Status Protocol
Vlan1 unassigned YES NVRAM administratively down down
Vlan999 172.16.0.2 YES NVRAM up up
Output omitted
GigabitEthernet1/0/36 unassigned YES unset up up (This is port trunking to 3850)

 

 

On 3850 configure default-gateway to 172.16.0.1

Make sure 172.16.0.11 address free not conflicting

 

further to know better

 

Cat 9300 post below information ( alow post where this connect to uplink port)

show run GigabitEthernet1/0/36

show run interface vlan 999

show ip route

 

Cat 3850 post below information

show run GigabitEthernet1/0/X - where the port connected Cat 9300

show run interface vlan 999

show ip route

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

The IP is definitely free, the default gateway has been on 172.16.0.1 when I do a show ip arp and filter on the Layer 3 it definitely shows me 172.16.0.11 with the vlan and mac address so there is definitely something I am missing as they still cannot ping but obviously see each other here is the config you asked for  below:

 

9300-Switch1#sho run int gi1/0/36
Building configuration...

Current configuration : 244 bytes
!
interface GigabitEthernet1/0/36
description
switchport access vlan 999
switchport mode trunk
switchport nonegotiate
switchport block unicast
storm-control broadcast level bps 1g
spanning-tree guard root
ip dhcp snooping trust
end

9300-Switch1#sho run int vlan999
Building configuration...

Current configuration : 93 bytes
!
interface Vlan999
description Management
ip address 172.16.0.2 255.255.255.0
end

9300-Switch1#sho ip route
Extended Host Mode is enabled
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR

Gateway of last resort is 172.16.0.1 to network 0.0.0.0

S* 0.0.0.0/0 [0/0] via 172.16.0.1
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.16.0.0/24 is directly connected, Vlan999
L 172.16.0.2/32 is directly connected, Vlan999

3850-switch2#sho run int gi1/0/1
Building configuration...

Current configuration : 161 bytes
!
interface GigabitEthernet1/0/1
description Trunk to Access Switch1 P36
switchport access vlan 200
switchport trunk native vlan 998
switchport mode trunk
end

3850-switch2#sho run int vlan999
Building configuration...

Current configuration : 94 bytes
!
interface Vlan999
description Management
ip address 172.16.0.11 255.255.255.0
end

3850-switch2#sho ip route
Extended Host Mode is enabled
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR

Gateway of last resort is 172.16.0.1 to network 0.0.0.0

S* 0.0.0.0/0 [0/0] via 172.16.0.1
172.16.0.0/16 is variably subnetted, 6 subnets, 2 masks
C 172.16.0.0/24 is directly connected, Vlan999
L 172.16.0.11/32 is directly connected, Vlan999
C 172.16.1.0/24 is directly connected, Vlan201
L 172.16.1.2/32 is directly connected, Vlan201
C 172.16.3.0/24 is directly connected, Vlan203
L 172.16.3.1/32 is directly connected, Vlan203

 

 

Thanks for the information, its much better now.

 

1. From 3850 can you able to ping  172.16.0.11 (Locally ?)

2. From 3850 can you able to ping  172.16.0.2

3. From Cat 9300 can you able to ping  172.16.0.1 ?

4. From Cat 9300 can you able to ping  172.16.0.11 ?

 

 

On cat 9300 remove this command and test it.

interface GigabitEthernet1/0/36
no switchport block unicast

 

On  3850  ( gig 1/0/1 is connected Cat 9300) if so let leave it as trunk port rather than access port

 

interface GigabitEthernet1/0/1
no switchport access vlan 200

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Hello,

 

post the full running configs of both switches (sh run) and indicate (by putting a description on the interfaces) which two interfaces are used for the connection between the 3850 and the 9300. 

 

There probably is a mismatch somewhere...seeing the full configs should reveal any issues.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: