Solved: Can't ping router interface from LAN (Static Route problem)

misaleh · ‎02-22-2022

I'm facing a problem when I try to ping from PC0 to Router0's gi0/0 interface, I get a timeout, but when I change the static route on Router0 to point to 10.132.32.2 instead of 10.132.32.1, the ping is successful and I'm not sure why is that. Could someone please help me with this? I've attached a screenshot of the design and below is the main configuration of the devices.

Router0

hostname Router0

ip cef

no ipv6 cef

license udi pid CISCO2911/K9 sn FTX15241Q8A-







spanning-tree mode pvst




interface GigabitEthernet0/0

ip address 10.132.32.10 255.255.255.0

duplex auto

speed auto

!

interface GigabitEthernet0/1

no ip address

duplex auto

speed auto

shutdown

!

interface GigabitEthernet0/2

no ip address

duplex auto

speed auto

shutdown

!

interface Vlan1

no ip address

shutdown

!

ip classless

ip route 10.132.0.0 255.255.0.0 10.132.32.1

!

ip flow-export version 9

!




Multilayer Switch0




interface GigabitEthernet1/0/1

switchport access vlan 32

switchport mode access

switchport nonegotiate

!

interface GigabitEthernet1/0/2

switchport mode trunk

!

interface Vlan32




ip address 10.132.32.1 255.255.255.0

!

ip classless

ip route 10.132.0.0 255.255.0.0 10.132.32.2

ip route 0.0.0.0 0.0.0.0 10.132.32.10




Multilayer Switch1




ip routing

!

interface GigabitEthernet1/0/1

switchport mode trunk

!

interface Vlan32

ip address 10.132.32.2 255.255.255.0

!

interface Vlan200

ip address 10.132.200.1 255.255.255.0







Switch0







interface FastEthernet0/1

switchport mode trunk

!

interface FastEthernet0/2

switchport access vlan 200

switchport mode access

Martin L · ‎02-23-2022

Couple issues: PC 0 default .gateway is 10.132.200.1 but that is IP on sw 1 in vl 200 and not on sw0 which is directly connected to PC0 via L2 sw. You can move PC 0 to sw 1 and add new PC to sw L2 in the subnet of sw 0 Vlan32. Or change IP add and d.g. of PC0 and add new PC 1 to sw 1 in vlan 200. Usually you should have end device default gateway to nearest L3 device IP, not remote device.

YOur PC0 ping goes via L2 to Sw 0, then to Sw 1 and back to Sw 0 to reach router 0. now we may have issues at router.

2nd, all your subnets are /24 but static route is /16 ,

ip route 10.132.0.0 255.255.0.0

is like a summary route; You can say purpose of summary route is different from purpose of static routes. However, Rule of routing is that routers know about its directly connected interfaces, so no need for static routes or any routing between/among directly connected subnets. Your router would need static route for 10.132.200.0 /24 out of G0/0 but not for 10.132.32.0/24 which is directly connected.

3rd, Sw 0 is not doing any routing right now, it is L2 sw since you did not turn on

 ip routing

(could be silly mistake). That type of L3 switch in PT needs to have

ip routing

command to be added unlike other L3. So, following commands do nothing

ip route 10.132.0.0 255.255.0.0 10.132.32.2 and default route ip route 0.0.0.0 0.0.0.0 10.132.32.10

on sw 0. Furthermore,L2 switch should have Default gateway assigned and up up but your Sw0 has none. Default gateway is not set; Finally, you could add default route of

ip route 0.0.0.0 0.0.0.0

on L3 edge devices and typically those who point to ISP and the Internet.

So, Why When static route on Router0 to point to 10.132.32.2 (sw1) instead of 10.132.32.1 (sw0), the ping is successful? Traffic stalls at Sw 0 right now. PC 0 ping get to Router0, but return ping back to PC fails; stalls at sw 0. When you ping, Router looks at IP routing table first, then at its arp cache; Based on routing table, next hop IP is figured out, then ARP MAC address must be discovered to match IP (ARP l3 to l2 mappings). In your case, destination IP of 200.10 is via IP of 10.132.32.1, which is on Sw0; Now, router needs L2 MAC of destination. this is Ethernet destination MAC points to Sw0 interface Vlan32. But without ip routing on switch, ping stops here (it is not pass on to l3). Note that ARP table must have l3 to L2 mapping before any type of traffic is successful.

In case of Router0 static route pointing to 10.132.32.2, ARp resolution on router 0 will point to sw1 interface vlan 32. Packets just roll over L2 sw 0 to reach sw 1.

Router0#sh ip arp

Protocol Address Age (min) Hardware Addr Type Interface

Internet 10.132.32.1  32  0009.7C86.DA01 ARPA GigabitEthernet0/0

Internet 10.132.32.2  30  0002.1737.9B01 ARPA GigabitEthernet0/0




Router0#sh ip ro 10.132.200.10

Routing entry for 10.132.0.0/16

Known via "static", distance 1, metric 0

Routing Descriptor Blocks:

* 10.132.32.1

In summary, what is dest. IP way out?

show ip route / show ip cef

; then what is MAC address of destination? This is L2 to L3 ARP table or cache. Once we have dest. MAC, frame is build and packets can be forwarded out.

Regards, ML
**Please Rate All Helpful Responses **

View solution in original post

Martin L · ‎02-22-2022

You can attach your PT file here but it must be in a zip format;

Also, check L3 switches if they have ip routing turn on; there is 1 out of 2 switches that does not have

 ip routing

command;

Regards, ML
**Please Rate All Helpful Responses **

misaleh · ‎02-23-2022

I've attached the PT file.

paul driver · ‎02-22-2022

Hello
The reason is switch1 is performing the intervlan routing for both L3 vlans (32,200), and for rtr1 to be able to reach vlan 200 hosts it needs a specific static route for vlan 200 to point to towards switch1 vlan 32 ip address.

Switch0 is just an intermediate L2 host switch it should not have ip routing enabled, It just needs pass L2 traffic between the rtr and switch1

Switch0
no ip routing
no ip route 10.132.0.0 255.255.0.0 10.132.32.2
no ip route 0.0.0.0 0.0.0.0 10.132.32.10
ip default-gateway 10.132.32.2


rtr
no ip route 10.132.0.0 255.255.0.0 10.132.32.1
ip route 10.132.200.0 255.255.0.0 10.132.32.2

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

misaleh · ‎02-23-2022

The

 ip route

commands you mentioned is configured on Mulitlayer Switch 0 not Switch0 which is a layer 2 switch. I've attached the PT file.

Martin L · ‎02-23-2022

Couple issues: PC 0 default .gateway is 10.132.200.1 but that is IP on sw 1 in vl 200 and not on sw0 which is directly connected to PC0 via L2 sw. You can move PC 0 to sw 1 and add new PC to sw L2 in the subnet of sw 0 Vlan32. Or change IP add and d.g. of PC0 and add new PC 1 to sw 1 in vlan 200. Usually you should have end device default gateway to nearest L3 device IP, not remote device.

YOur PC0 ping goes via L2 to Sw 0, then to Sw 1 and back to Sw 0 to reach router 0. now we may have issues at router.

2nd, all your subnets are /24 but static route is /16 ,

ip route 10.132.0.0 255.255.0.0

is like a summary route; You can say purpose of summary route is different from purpose of static routes. However, Rule of routing is that routers know about its directly connected interfaces, so no need for static routes or any routing between/among directly connected subnets. Your router would need static route for 10.132.200.0 /24 out of G0/0 but not for 10.132.32.0/24 which is directly connected.

3rd, Sw 0 is not doing any routing right now, it is L2 sw since you did not turn on

 ip routing

(could be silly mistake). That type of L3 switch in PT needs to have

ip routing

command to be added unlike other L3. So, following commands do nothing

ip route 10.132.0.0 255.255.0.0 10.132.32.2 and default route ip route 0.0.0.0 0.0.0.0 10.132.32.10

on sw 0. Furthermore,L2 switch should have Default gateway assigned and up up but your Sw0 has none. Default gateway is not set; Finally, you could add default route of

ip route 0.0.0.0 0.0.0.0

on L3 edge devices and typically those who point to ISP and the Internet.

So, Why When static route on Router0 to point to 10.132.32.2 (sw1) instead of 10.132.32.1 (sw0), the ping is successful? Traffic stalls at Sw 0 right now. PC 0 ping get to Router0, but return ping back to PC fails; stalls at sw 0. When you ping, Router looks at IP routing table first, then at its arp cache; Based on routing table, next hop IP is figured out, then ARP MAC address must be discovered to match IP (ARP l3 to l2 mappings). In your case, destination IP of 200.10 is via IP of 10.132.32.1, which is on Sw0; Now, router needs L2 MAC of destination. this is Ethernet destination MAC points to Sw0 interface Vlan32. But without ip routing on switch, ping stops here (it is not pass on to l3). Note that ARP table must have l3 to L2 mapping before any type of traffic is successful.

In case of Router0 static route pointing to 10.132.32.2, ARp resolution on router 0 will point to sw1 interface vlan 32. Packets just roll over L2 sw 0 to reach sw 1.

Router0#sh ip arp

Protocol Address Age (min) Hardware Addr Type Interface

Internet 10.132.32.1  32  0009.7C86.DA01 ARPA GigabitEthernet0/0

Internet 10.132.32.2  30  0002.1737.9B01 ARPA GigabitEthernet0/0




Router0#sh ip ro 10.132.200.10

Routing entry for 10.132.0.0/16

Known via "static", distance 1, metric 0

Routing Descriptor Blocks:

* 10.132.32.1

In summary, what is dest. IP way out?

show ip route / show ip cef

; then what is MAC address of destination? This is L2 to L3 ARP table or cache. Once we have dest. MAC, frame is build and packets can be forwarded out.

Regards, ML
**Please Rate All Helpful Responses **

misaleh · ‎02-24-2022

Thanks a lot for your great explanation. Really appreciate it.