Solved: Able to ping all hosts on subnet except one (SG350-28)

asahukar · ‎11-13-2024

For the host 172.25.18.4, (VLAN18), I am able to ping and run traceroute utilities from the when the source IP is set to 'Auto'. However, when the source IP is set to 172.25.12.2 (VLAN 1), neither ping or traceroute succeed.

Tracing the route to 172.25.18.4 (172.25.18.4), 30 hops max, 64 byte packets
Type Esc to abort.
1 172.25.18.4 (172.25.31.4) <10 ms <20 ms <10 ms

Trace complete.

RA-SG350#traceroute ip 172.25.18.4 source 172.25.12.2
Tracing the route to 172.25.18.4 (172.25.18.4) from 172.25.12.2, 30 hops max, 64 byte packets
Type Esc to abort.
1 * * *
2 *
Trace aborted.

Oddly, for the host 172.25.18.2, 3 or 5 (VLAN18), I am able to ping and run traceroute as expected both when the source IP is set to 'Auto' and when the source IP is set to 172.25.12.2 (VLAN1).

RA-SG350#traceroute ip 172.25.18.3
Tracing the route to 172.25.18.3 (172.25.18.3), 30 hops max, 64 byte packets
Type Esc to abort.
1 172.25.18.3 (172.25.18.3) <10 ms <10 ms <10 ms

Trace complete.

RA-SG350#traceroute ip 172.25.18.3 source 172.25.12.2
Tracing the route to 172.25.18.3 (172.25.18.3) from 172.25.12.2, 30 hops max, 64 byte packets
Type Esc to abort.
1 172.25.18.3 (172.25.18.3) <10 ms <10 ms <10 ms

Trace complete.

Additional checks:

I am able to ping and SSH into 172.25.18.4 from 172.25.18.3, so I am fairly certain the NIC and cables are fine.
I confirmed that the MAC address in the ARP table for 172.25.18.4 is correct (stands to reason, I can communicate between all hosts on the 172.25.18.0 subnet).
I did reboot the switch as well - no change.
The port GE3 is attached to 172.25.18.3 and GE4 is attached to 172.25.18.4 - both port settings are the same and show interfaces config detailed doesn't show anything untoward.

RA-SG350#show interfaces configuration detailed
Flow Admin Back Mdix
Port Type Duplex Speed Neg control State Pressure Mode
-------- ------------ ------ ----- -------- ------- ----- -------- ----
gi1 1G-Copper Full 1000 Enabled Off Up Disabled Auto
gi2 1G-Copper Full 1000 Enabled Off Up Disabled Auto
gi3 1G-Copper Full 1000 Enabled Off Up Disabled Auto
gi4 1G-Copper Full 1000 Enabled Off Up Disabled Auto

Do you have suggestions for other diagnostic approaches/techniques I should take?

Thanks in advance for the help

Flavio Miranda · ‎11-13-2024

@asahukar

Does 172.25.18.4 have default gateway configured?

View solution in original post

Flavio Miranda · ‎11-13-2024

@asahukar

Does 172.25.18.4 have default gateway configured?

Richard Burts · ‎11-13-2024

When multiple hosts in a subnet do respond to ping/traceroute when sourced from both local addresses and remote addresses, and one host will respond to ping/traceroute when sourced from a local address but not when sourced from a remote address it does suggest that the issue is something with that host and not with the switch/network. The host not having a correct default gateway is certainly one explanation of this behavior. It might also be that this host has some security policy that will respond to ping/traceroute from local addresses but not from remote addresses. What can you tell us about this host?

HTH

Rick

asahukar · ‎11-13-2024

@Flavio Miranda-- BIngo! It does have a default route but it is set incorrectly.
I further found I have a bug in the machine configuration of the host with the issue that shows up on a reboot (which I had executed prior to this issue showing up).

Problem is solved.

asahukar · ‎11-13-2024

@Richard Burts-- I didn't mention security policy because these are lab-based hosts and are behind a 'walled garden' - no additional firewall rules or ACLs in place for this subnet.

For those reading this post in the future, though, I agree that's an excellent point of diagnostics.

Richard Burts · ‎11-19-2024

Thanks for the update. Glad to know that you found and fixed the issue.

HTH

Rick