cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1619
Views
5
Helpful
4
Replies

Testing the Routing of Core Switch Catalyst 3650

daredavel
Level 1
Level 1

Hello, this switch was pre-configured by our vendor and I know very little about cli's. LAN1 and LAN2 has two different ISP address(for redundancy) pointing to our remote server. How can I test/ping/trace the connection of each ISP going to our remote server without shutting down the other port?

1 Accepted Solution

Accepted Solutions

Use the extended ping command:

https://www.cisco.com/c/en/us/support/docs/ip/routing-information-protocol-rip/13730-ext-ping-trace.html#extend_ping

 

...specifying vlan SVI, however since you are trying to reach a server on the other end of a GRE tunnel, there is a good chance that only traffic encapsulated in that tunnel will be able to reach the server (no doubt there will be a firewall somewhere along the path). A ping sourced from the tunnel endpoint IP would probably not reach the server.

 

You could create two loopback interfaces with routable IP addresses (ie the remote server would be able to reach) and configure PBR to send traffic from int loopX via tunnel1 and loopY via tunnel2. The remote end router where the tunnels terminate would need a similar PBR setup to ensure that traffic is not asymmetrically routed back.

 

cheers,

Seb.

View solution in original post

4 Replies 4

Seb Rupik
VIP Alumni
VIP Alumni

Hi there,

I'm a little confused by your description. I think the correct answer is that you can source the ping from each of your configured VLAN SVIs.

 

Better still, could you share the running config with us so we can better understand the topology and what is trying to be achieved.

 

cheers,

Seb.

Hi Seb,

What I wanted to achieve is simply to ping our server specifically passing through my desired LAN port. Though it's doable by shutting down the other LAN port, I'm not into it. Is it possible to ping the server but I want it to pass through LAN 1, instead of LAN 2 and vice versa? It's just active checking of each ISP without shutting the other one down. Please see config below:

!
interface Tunnel1
description [TUNNEL TO SERVER VIA ISP1]
ip address 182.6.80.170 255.255.255.252
load-interval 30
tunnel source 11.18.1.2
tunnel destination 11.10.2.2
!
interface Tunnel2
description [TUNNEL TO SERVER VIA ISP2]
ip address 182.6.80.190 255.255.255.252
tunnel source 11.209.38.240
tunnel destination 11.209.31.15

====================================
!
interface GigabitEthernet1/0/1
description [LAN1]
switchport access vlan 50
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/2
description [LAN2]
switchport access vlan 60
switchport mode access

====================================
!
interface Vlan50
description ISP1_VLAN
ip address 11.18.1.2 255.255.255.0
!
interface Vlan60
description ISP2_VLAN
ip address 11.209.38.240 255.255.255.252

You can source the interface / IP address while ping to other device, so it will take that ISP path to reach the destination.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Use the extended ping command:

https://www.cisco.com/c/en/us/support/docs/ip/routing-information-protocol-rip/13730-ext-ping-trace.html#extend_ping

 

...specifying vlan SVI, however since you are trying to reach a server on the other end of a GRE tunnel, there is a good chance that only traffic encapsulated in that tunnel will be able to reach the server (no doubt there will be a firewall somewhere along the path). A ping sourced from the tunnel endpoint IP would probably not reach the server.

 

You could create two loopback interfaces with routable IP addresses (ie the remote server would be able to reach) and configure PBR to send traffic from int loopX via tunnel1 and loopY via tunnel2. The remote end router where the tunnels terminate would need a similar PBR setup to ensure that traffic is not asymmetrically routed back.

 

cheers,

Seb.

Review Cisco Networking for a $25 gift card