09-11-2023 08:02 AM
I have a router - switch - switch configuration that has worked reliably for a long time and has not been overtly changed recently. Suddenly, I can't ping by name from the second switch even though I can ping the destination host and the DNS server by number. I would appreciate a suggestion for where to look to resolve this issue.
The essential configuration is as follows:
Internet
FIOS
Router (RV130W; 192.168.105.1) --- forwards incoming VLAN 4 to 105.2
Switch A (CBS350-24P-4G; 192.168.105.2) --- forwards incoming VLAN 4 to 105.3
Trunk carrying VLANs 4 and 105
Switch B (SG300-10; 192.168.105.3) --- contains VLAN 4
VLAN 4 (on switch B) knows its way to the internet and back: I can ping my test destination www.yahoo.com by number, and I can also ping the DNS server 8.8.8.8. However, I can no longer ping yahoo.com by name from switch B ("net unreachable"), although this used to work. But from switch A, that ping by name works.
It used to be that the Host Mapping table on switch B had no static entries, but things still worked fine. I tried entering as static several of the yahoo.com IP addresses (both pingable by number), but that did not help.
It is almost certainly the case that this issue arose after a transient power outage. Since then, I have recycled the power to all devices one or more times, but that did not help. What configuration on switch A or B might have secretly changed to trigger the "net unreachable" message even though everything is pingable by number all the way through from switch B?
Thanks for your advice.
09-12-2023 08:02 AM
If ping by address works but ping by name does not it indicates some issue with DNS name resolution. If the switch used to work and has a problem after a power outage it suggests that some configuration change was made but was not saved to startup and was lost in the power outage. As a starting point compare the working switch config with the not working switch config, focusing on DNS related elements. If you do not identify the issue then post both configs (masking sensitive information such as Public IPs and passwords).
09-28-2023 05:08 AM
Thanks, Richard. It turns out that the power outage was a red herring. The issue that led me to investigate turned out to be a misconfiguration of one of the DHCP servers, which I have fixed. But a basic issue remains: I can't do an administrative ping by name from any of several SG300's that are connected to the CBS350. A simplified diagram is as follows:
Router (RV130-W; 192.168.105.1) --- configured as gateway (recommended), DNS set to retrieve from ISP (also tried 8.8.8.8)
<->
Switch (CBS350; 192.168.105.2) --- DNS pointed to the router 105.1 (all pings by name work)
<->
Switch (SG300; 192.168.105.3) --- DNS pointed to the router 105.1 (administrative pings by name DO NOT WORK)
Although the administrative pings by name do not work from the SG300, named pings from my laptop connected to VLAN 105 on that switch (laptop static IP; gateway set to 105.3) do work.
To try to debug this, I connected Wireshark to a port on the CBS350 that mirrors VLAN 105, then did an administrative ping by name from the SG300. It sends two DNS queries from 105.3 to 105.1, and they are answered: one with an ipv6 address, and one with an ipv4 address. The SG300 announces "Ping failed - net unreachable", but this is not true: I have connectivity all the way through to the internet. Administrative pings by number work, and as I said, I can ping by name from my laptop connected to the SG300; it's something about the administrative ping by name (which works from the CBS350). Perhaps I have a misconception about how that's supposed to work or be configured --- but what?
Thanks,
John
09-12-2023 09:43 AM
This looks for me DNS issue, can you post both the device config
09-28-2023 05:10 AM
Thanks, Balaji. I agree it's somehow related to DNS. Please see my response to Richard Burt that I just posted.
10-02-2023 09:53 PM
John
Thanks for the information. I agree that config details from the switch that does not work would be helpful.
10-13-2023 11:58 PM
ok as i understand that issue only with SG300 switch right ?
what is administrative ping in your view (post some examples ?)
Switch (SG300; 192.168.105.3) --- DNS pointed to the router 105.1 (administrative pings by name DO NOT WORK)
from this switch (removing all sensitive data) post show run
Although the administrative pings by name do not work from the SG300, named pings from my laptop connected to VLAN 105 on that switch (laptop static IP; gateway set to 105.3) do work.
- Hope Laptop got the IP address from DHCP . (post ipconfig /all output) and nslookup google.com
then did an administrative ping by name from the SG300. It sends two DNS queries from 105.3 to 105.1, and they are answered: one with an ipv6 address, and one with an ipv4 address.
- you can disable ipv6 here, Do you run DNS Server on SG300, then disable that and use 105.1 as DNS Server and test it
10-13-2023 11:22 PM
Hello
does that specific switch have ip domain lookup enabled?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide