07-24-2004 03:13 AM - edited 03-02-2019 05:17 PM
Dears,
I configuring a remote site switches to making up and running and make it able to connect to my central site through a router.
The site is like a following:
I have two buildings,
Building#1:
Two 2950 swith (as access switch for users)
Two 3550 L3 switches (distribution and L3 redundancy)
One 2600 rouoter.
Building#2
One 2950 switch(access switch for users)
The design like a following:
Vlan1:for managment
Vlan2:VLAN for Building#1 users
Vlan3:Vlan for building#2 users
The configuration I've implemented:
-In bldg#1
For the two access switches
Buld#1 2950 access switchs
Vlan1 :port 25,26 (trunk dot1q)
Vlan2:port 1-24 (switchport access) 25,26 (trunk dot1q)
In the 3550 L3 siwtch;
Vlan1: port 1-10 (trunk dot1q) àto bldg#1 1st access switch
Vlan2:port 1, 2 (trunk dot1q)àto bldg#1 2nd access switch
Vlan3:port 3 (trunk dot1q) à to bldg#2 access switch
And the same port assignment for the second 3550.
-In bldg#2 switch
Vlan1:port 25,26 (trunk dot1q)
Vlan3:port 1-24 (switchport access) 25,26 (trunk dot1q)
-L3 configuration is like following:
Vlan1 ip address 10.1.1.252/24
Vlan2 ip address 10.1.2.252/24
Vlan3 ip address 10.1.3.252/24
And ip routing is enabled and the interfaces is up , and I can communicate in each vlan, but the problem when Im trying to ping from host 10.1.3.100 (vlan3) to any ip in the Vlan2 (i.e 10.1.2.254) it gives time out, in the same time I can ping 10.1.2.252 from my 10.1.3.100 host !!!!! do you believe that,?!!! I tied the extended ping using the source 10.1.3.252 and destination 10.1.2.252 and I failed which means the intervlan routing is not okay, or I have a problem related to that. !!! so I need advises.
With regards
07-24-2004 12:22 PM
Hello,
when you say your 3550 switches are redundant, does that mean that you run HSRP between them ?
Regards,
Georg
07-24-2004 08:48 PM
No, not yet implemented the HSRP, but it will be after I finished the basic connectivity.
07-24-2004 11:16 PM
Hello,
so the Layer 3 configuration where the routing takes place is only configured on one of the 3550s ? Can you post the configuration of the 3550 where the L3 routing is occurring ?
Regards,
Georg
07-25-2004 01:08 AM
Dear,
Honstly the other L3 switch is configured also, but with different IP address for the vlan interfaces( I mean, instead of using 10.1.1.252 for VLAN1 10.1.1.253 is used and so on), is there a problem to configure the two L3 with out implementing the HSRP???
And the configuration in the following:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Building configuration...
Current configuration : 2227 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname
!
!
ip subnet-zero
ip routing
!
ip dhcp-server 10.1.2.201
!
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
interface GigabitEthernet0/1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,2,4-4094
switchport mode trunk
no ip address
!
interface GigabitEthernet0/2
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,2
switchport mode trunk
no ip address
!
interface GigabitEthernet0/3
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,3
switchport mode trunk
no ip address
!
interface GigabitEthernet0/4
switchport trunk encapsulation dot1q
no ip address
!
interface GigabitEthernet0/5
switchport trunk encapsulation dot1q
no ip address
!
interface GigabitEthernet0/6
switchport trunk encapsulation dot1q
no ip address
!
interface GigabitEthernet0/7
switchport trunk encapsulation dot1q
no ip address
!
interface GigabitEthernet0/8
switchport trunk encapsulation dot1q
no ip address
!
interface GigabitEthernet0/9
switchport trunk encapsulation dot1q
no ip address
!
interface GigabitEthernet0/10
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1-3,10
no ip address
!
interface GigabitEthernet0/11
switchport access vlan 2
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,2
no ip address
spanning-tree portfast
!
interface GigabitEthernet0/12
switchport access vlan 2
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,2
no ip address
spanning-tree portfast
!
interface Vlan1
ip address 10.1.1.252 255.255.255.0
!
interface Vlan2
ip address 10.1.2.252 255.255.255.0
!
interface Vlan3
ip address 10.1.3.252 255.255.255.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.1.2.254
ip http server
!
!
07-25-2004 02:02 AM
Hello,
can you post the following from the 3550 and one of the 2950 switches:
show vtp status
show interfaces trunk
Regards,
Georg
07-25-2004 04:10 AM
note that I have two buildings
building#1 (dis1,dis2,bldg1sw1 and bldg1sw2)
building#2 (bldg2sw)
and the physcial connections
(bldg1sw1: gi0/1-->dis1 gi0/1 and gi0/2 --> dis2 gi0/1)
(bldg1sw2: gi0/1-->dis1 gi0/2 and gi0/2 --> dis2 gi0/2)
(bldg2sw1: gi0/1-->dis1 gi0/3 and gi0/2 --> dis2 gi0/3)
dis1#sh vtp status
VTP Version : 2
Configuration Revision : 1
Maximum VLANs supported locally : 1005
Number of existing VLANs : 7
VTP Operating Mode : Server
VTP Domain Name : xyz
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x90 0x4F 0xD0 0x9D 0x57 0x77 0x97 0x9C
Configuration last modified by 0.0.0.0 at 3-1-93 00:38:08
Local updater ID is 10.1.1.252 on interface Vl1 (lowest numbered VLAN interface
found)
dis1#sh int tru
Port Mode Encapsulation Status Native vlan
Gi0/1 on 802.1q trunking 1
Gi0/2 on 802.1q trunking 1
Gi0/3 on 802.1q trunking 1
Gi0/10 desirable 802.1q trunking 1
Port Vlans allowed on trunk
Gi0/1 1-2,4-4094
Gi0/2 1-2
Gi0/3 1,3
Gi0/10 1-3,10
Port Vlans allowed and active in management domain
Gi0/1 1-2
Gi0/2 1-2
Gi0/3 1,3
Gi0/10 1-3
Port Vlans in spanning tree forwarding state and not pruned
Gi0/1 1-2
Gi0/2 1-2
Gi0/3 1,3
Gi0/10 1-3
dis2#sh vtp sta
VTP Version : 2
Configuration Revision : 1
Maximum VLANs supported locally : 1005
Number of existing VLANs : 7
VTP Operating Mode : Server
VTP Domain Name : xyz
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x90 0x4F 0xD0 0x9D 0x57 0x77 0x97 0x9C
Configuration last modified by 0.0.0.0 at 3-1-93 00:38:08
Local updater ID is 10.1.1.253 on interface Vl1 (lowest numbered VLAN interface
found)
Dis2#sh int tr
Port Mode Encapsulation Status Native vlan
Gi0/1 on 802.1q trunking 1
Gi0/3 on 802.1q trunking 1
Gi0/10 desirable 802.1q trunking 1
Port Vlans allowed on trunk
Gi0/1 1-2,10
Gi0/3 1,3
Gi0/10 1-3,10
Port Vlans allowed and active in management domain
Gi0/1 1-2
Gi0/3 1,3
Gi0/10 1-3
Port Vlans in spanning tree forwarding state and not pruned
Gi0/1 none
Gi0/3 3
Gi0/10 1-2
bldg1sw1#sh vtp st
TP Version : 2
onfiguration Revision : 1
aximum VLANs supported locally : 250
umber of existing VLANs : 7
TP Operating Mode : Client
TP Domain Name : xyz
TP Pruning Mode : Disabled
TP V2 Mode : Disabled
TP Traps Generation : Disabled
D5 digest : 0x90 0x4F 0xD0 0x9D 0x57 0x77 0x97 0x9C
onfiguration last modified by 0.0.0.0 at 3-1-93 00:38:08
bldg1sw1#sh interfaces tr
Port Mode Encapsulation Status Native vlan
Gi0/1 on 802.1q trunking 1
Gi0/2 on 802.1q trunking 1
Port Vlans allowed on trunk
Gi0/1 1-2
Gi0/2 1-2
Port Vlans allowed and active in management domain
Gi0/1 1-2
Gi0/2 1-2
Port Vlans in spanning tree forwarding state and not pruned
Gi0/1 1-2
Gi0/2 1-2
07-25-2004 04:11 AM
bldg1sw2#sh vtp sta
VTP Version : 2
Configuration Revision : 1
Maximum VLANs supported locally : 250
Number of existing VLANs : 7
VTP Operating Mode : Client
VTP Domain Name : xyz
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x90 0x4F 0xD0 0x9D 0x57 0x77 0x97 0x9C
Configuration last modified by 0.0.0.0 at 3-1-93 00:38:08
bldg1sw2#sh int tr
Port Mode Encapsulation Status Native vlan
Gi0/1 on 802.1q trunking 1
Port Vlans allowed on trunk
Gi0/1 1-2
Port Vlans allowed and active in management domain
Gi0/1 1-2
Port Vlans in spanning tree forwarding state and not pruned
Gi0/1 1-2
bldg2sw1#sh vtp stat
VTP Version : 2
Configuration Revision : 1
Maximum VLANs supported locally : 250
Number of existing VLANs : 7
VTP Operating Mode : Client
VTP Domain Name : xyz
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x90 0x4F 0xD0 0x9D 0x57 0x77 0x97 0x9C
Configuration last modified by 0.0.0.0 at 3-1-93 00:38:08
bldg1sw1#sh int tr
Port Mode Encapsulation Status Native vlan
Gi0/1 on 802.1q trunking 1
Gi0/2 on 802.1q trunking 1
Port Vlans allowed on trunk
Gi0/1 1,3
Gi0/2 1,3
Port Vlans allowed and active in management domain
Gi0/1 1,3
Gi0/2 1,3
Port Vlans in spanning tree forwarding state and not pruned
Gi0/1 1,3
Gi0/2 1,3
07-25-2004 07:02 AM
Hello,
the configs look ok, as far a I can see. Stupid question maybe, but can your hosts ping their default gateways, which should be the IP addresses of their respective VLAN interfaces ?
Regards,
Georg
07-25-2004 09:07 PM
Dear Goerge,
Let me explain, I have to access VLANs,
Vlan2:10.1.2.0/24 with gateway 10.1.2.252/24
Vlan3:10.1.3.0/24 with gateway 10.1.3.252/24
I have a server on vlan2 with 10.1.2.130/24 and host 10.1.2.10/24 , the router f0/1 I tried to connect it once to bldg1sw1 and another dis1 in vlan2 port. And having the ip 10.1.2.254/24.
The users in the vlan2 has no problem with their gateways , the local server, the 10.1.3.252/24 vlan3 gateway-!!! even they connecting to my central network.
But the problem with vlan3 user, if I connect a Pc , e.g. 10.1.3.100 and tried to ping the router interface which is in different vlan=vlan2-, I counter request time out,
The strange it can ping the vlan2 gateway 10.1.2.252 ????!!!! do you believe that!! But cant ping any ip in vlan2 10.1.2.x ??
I make extended ping in dis1 using the source 10.1.3.252 and dest. 10.1.2.252, and it didnt work, which make me believe Im countering inter-vlan issues problem,
Please when replaying , I would like you to explain and discuss.
With regards
07-25-2004 11:00 PM
Pinging vlan 2 GW from host in vlan 3 is ok since vlan 3 GW IP is also hosted by the same GW(3550).
But the problem may not be even on your 3550..., It could be on the server you are trying to access from Vlan 3. Make sure whether the server has a default GW configured pointing to the vlan 2 GW.
If you still have issues..,
Please send follwing o/p from your Both 3550`s.
show ip route
show spanning-tree
traceroute from vlan 3 host to vlan 2 host/server
traceroute from vlan 2 host/server to vlan 3 host
Thanks
Solomon
07-26-2004 04:08 AM
Dear Goerge & Solomon
Thanks for being interested and for the help you gave, I solved my problem today (thanks god ;) )
I tried to ping from vlan3 to the server and it is working today, I think yesterday and the days b4 I did many changes in the same time in routing and port configuration which made me confused.
Today I fall back and make a check up in all configuration, and found that I can ping to my server in the vlan2 , but the problem I countered that cant ping my router Ethernet interface 10.1.2.254/24 I checked the routing table, and traced and tested all the routed starting from my central location through my site, which use eigrp routing to connect to my central site). And discovered the I should add a route to my vla3 10.1.3.0/24 to make it routed. And I got a replay and all my access vlan (2,3) from the remote site can reach my central network. And all done.
Thanks for you all gentlemen. And hope to keep in touch, because I learned a lot from you. And we can change the knowledge all the times.
With regards
Mohammed Al-mozanen
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide