- Cisco Community
- Technology and Support
- Networking
- Routing
- Cisco homelab VLAN troubleshooting
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-27-2022 07:04 AM
Hello everyone I am fairly new to advanced networking concepts. I do some networking for my company but most of it is not setting up new devices or networks.
Anyways, I was able to get my hands on a Cisco ISR 2921 and a Cisco 3560-x PoE L3 switch from my work. I have deployed both to my "Homelab" in the hopes of using it to become more familiar with more in-depth networking concepts and study for my CCNA at some point in the future. I have deployed both of these devices in my network using this configuration from a very helpful Youtube video I watched. My network map was essentially the same as the videos @6:00 minutes.
So anyway, the problem - I have a couple of servers running Proxmox that I want to put on VLAN 10, I have confirmed that IP addresses on VLAN 10 are able to reach out to the internet but I am unable contact them from my local LAN. The VLANs can all ping my LAN but not vice-versa. I am assuming that is kind of the point of the VLANs but I would like to be able to manage my Proxmox servers and the IPMI interfaces (although those would be on a separate VLAN as well) from my home network.
Some troubleshooting and guidance allowed me to setup a static route from my LAN router (DDWRT) and now traffic is actually being routed to the VLANs but I get a weird looping issue that I could not figure out. When I fire up a ping from my LAN I get TTL expired in transit:
ping 10.10.10.1
Pinging 10.10.10.1 with 32 bytes of data:
Reply from 192.168.100.1: TTL expired in transit.
Reply from 192.168.100.1: TTL expired in transit.
Reply from 192.168.100.1: TTL expired in transit.
Reply from 192.168.100.1: TTL expired in transit.
Ping statistics for 10.10.10.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),And from a traceroute I can see that the packets are being bounced back and fourth between the interface on the switch and the "external" interface on the router.
tracert 10.10.10.1 Tracing route to 10.10.10.1 over a maximum of 30 hops 1 <1 ms <1 ms <1 ms 192.168.1.1 2 <1 ms <1 ms <1 ms 192.168.1.2 3 5 ms 8 ms 1 ms 192.168.1.2 4 <1 ms <1 ms <1 ms 192.168.100.1 5 1 ms 1 ms 1 ms 192.168.1.2 6 <1 ms <1 ms <1 ms 192.168.100.1 7 1 ms 1 ms 1 ms 192.168.1.2 8 1 ms 1 ms <1 ms 192.168.100.1 9 1 ms 1 ms 1 ms 192.168.1.2 10 1 ms 1 ms 1 ms 192.168.100.1
So I tried even removing the Cisco ISR and changing switch interface from 192.168.100.2 to 192.168.1.2. Then changing the default route on the switch from 192.168.100.1 to 192.168.1.1. But I am still getting the same looping issue. So I will probably put the ISR back unless there is a good enough reason not to keep it.
But does anyone have ideas on what trouble shooting I could try next? I found a couple of similar issues on the support forums but the resolutions were not applicable for my situation. I can even post both of the configs on the router and switch if need be. Really any help would be greatly appreciated.
Solved! Go to Solution.
- Labels:
-
Catalyst Switch
-
Routing Protocols
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-05-2022
11:22 AM
- last edited on
02-08-2022
11:25 PM
by
Translator
So I apologize for the radio silence but I finally figured it out.
After doing some digging as to why I have not been able to set the gateway of last resort on the switch. I found a helpful forum post about how you can only set it if the next hop was available. Which I thought was odd seeing as I had the VLANs configured and the interface connected to a LAN interface on my LAN router. So I ran
sh int brief
and it came back that my configured interface was not up. Which is odd seeing as I know the interface is not shut and the cable was plugged in. I double-checked the interface on the switch only to realize that I did not have the cable connected to the correct interface. After switching the cable I set the gateway of last resort and it stuck!
Now onto getting VLANs access to my LAN and the internet. So I setup static routes in my DD-WRT router to all of the VLANs. One thing that I forgot to enable was NAT. So I enabled NAT on the static routes on my DD-WRT router and boom all of my VLANs can now access my LAN and the internet.
The static route config in DD-WRT is attached for those interested.
So I was able to setup VLANs on my L3 switch. Connect it via a dedicated interface on the both the switch and an interface on my LAN router. Set-up static routes on my LAN router and give my LAN access to the VLANs and give my VLANs access to my LAN and the internet. All of this I was able to do without the Cisco ISR.
Thank you for the help @balaji.bandi you have been incredibly helpful throughout this entire process.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-27-2022
07:17 AM
- last edited on
02-08-2022
11:17 PM
by
Translator
we can undertand the setup here as mentioned in the video.
since you mentioned home Lab, can you post
show run - both switch and router here
From switch
show vlan
show ip inerface brief
show ip route
From router
show ip inerface brief
show ip route
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-27-2022 10:22 AM
Sure thing here is the config for both:
Switch Config - Homelab-Switch#show running-config Building configuration... Current configuration : 5329 bytes ! ! Last configuration change at 23:22:39 UTC Wed Mar 30 2011 ! NVRAM config last updated at 23:47:52 UTC Wed Mar 30 2011 by REDACTED ! version 15.0 no service pad service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname Homelab-Switch ! boot-start-marker boot-end-marker ! enable secret 4 REDACTED ! username REDACTED password 7 REDACTED no aaa new-model system mtu routing 1500 ip routing ! ip dhcp pool VLAN_10 network 10.10.10.0 255.255.255.0 default-router 10.10.10.1 dns-server 192.168.1.125 192.168.1.1 ! ip dhcp pool VLAN_20 network 10.10.20.0 255.255.255.0 default-router 10.10.20.1 dns-server 192.168.1.125 192.168.1.1 ! ip dhcp pool VLAN_30 network 10.10.30.0 255.255.255.0 default-router 10.10.30.1 dns-server 192.168.1.125 192.168.1.1 ! ip dhcp pool VLAN_40 network 10.10.40.0 255.255.255.0 default-router 10.10.40.1 dns-server 192.168.1.125 192.168.1.1 ! ! ip domain-name HomeLab ! ! ! ! ! ! spanning-tree mode pvst spanning-tree extend system-id ! ! ! ! ! ! ! ! ! vlan internal allocation policy ascending ! ! ! ! ! ! ! ! ! ! ! interface FastEthernet0 no ip address no ip route-cache ! interface GigabitEthernet0/1 switchport access vlan 10 switchport mode access ! interface GigabitEthernet0/2 switchport access vlan 10 switchport mode access ! interface GigabitEthernet0/3 switchport access vlan 10 switchport mode access ! interface GigabitEthernet0/4 switchport access vlan 10 switchport mode access ! interface GigabitEthernet0/5 switchport access vlan 10 switchport mode access ! interface GigabitEthernet0/6 switchport access vlan 10 switchport mode access ! interface GigabitEthernet0/7 switchport access vlan 10 switchport mode access ! interface GigabitEthernet0/8 switchport access vlan 10 switchport mode access ! interface GigabitEthernet0/9 switchport access vlan 10 switchport mode access ! interface GigabitEthernet0/10 switchport access vlan 10 switchport mode access ! interface GigabitEthernet0/11 switchport access vlan 10 switchport mode access ! interface GigabitEthernet0/12 switchport access vlan 10 switchport mode access ! interface GigabitEthernet0/13 switchport access vlan 20 switchport mode access ! interface GigabitEthernet0/14 switchport access vlan 20 switchport mode access ! interface GigabitEthernet0/15 switchport access vlan 20 switchport mode access ! interface GigabitEthernet0/16 switchport access vlan 20 switchport mode access ! interface GigabitEthernet0/17 switchport access vlan 20 switchport mode access ! interface GigabitEthernet0/18 switchport access vlan 20 switchport mode access ! interface GigabitEthernet0/19 switchport access vlan 20 switchport mode access ! interface GigabitEthernet0/20 switchport access vlan 20 switchport mode access ! interface GigabitEthernet0/21 switchport access vlan 20 switchport mode access ! interface GigabitEthernet0/22 switchport access vlan 20 switchport mode access ! interface GigabitEthernet0/23 switchport access vlan 20 switchport mode access ! interface GigabitEthernet0/24 switchport access vlan 20 switchport mode access ! interface GigabitEthernet0/25 switchport access vlan 30 switchport mode access ! interface GigabitEthernet0/26 switchport access vlan 30 switchport mode access ! interface GigabitEthernet0/27 switchport access vlan 30 switchport mode access ! interface GigabitEthernet0/28 switchport access vlan 30 switchport mode access ! interface GigabitEthernet0/29 switchport access vlan 30 switchport mode access ! interface GigabitEthernet0/30 switchport access vlan 30 switchport mode access ! interface GigabitEthernet0/31 switchport access vlan 30 switchport mode access ! interface GigabitEthernet0/32 switchport access vlan 30 switchport mode access ! interface GigabitEthernet0/33 switchport access vlan 30 switchport mode access ! interface GigabitEthernet0/34 switchport access vlan 30 switchport mode access ! interface GigabitEthernet0/35 switchport access vlan 30 switchport mode access ! interface GigabitEthernet0/36 switchport access vlan 30 switchport mode access ! interface GigabitEthernet0/37 ! interface GigabitEthernet0/38 ! interface GigabitEthernet0/39 ! interface GigabitEthernet0/40 ! interface GigabitEthernet0/41 ! interface GigabitEthernet0/42 ! interface GigabitEthernet0/43 ! interface GigabitEthernet0/44 ! interface GigabitEthernet0/45 ! interface GigabitEthernet0/46 ! interface GigabitEthernet0/47 ! interface GigabitEthernet0/48 no switchport ip address 192.168.100.2 255.255.255.0 ! interface GigabitEthernet1/1 ! interface GigabitEthernet1/2 ! interface GigabitEthernet1/3 ! interface GigabitEthernet1/4 ! interface TenGigabitEthernet1/1 ! interface TenGigabitEthernet1/2 ! interface Vlan1 no ip address ! interface Vlan10 ip address 10.10.10.1 255.255.255.0 ! interface Vlan20 ip address 10.10.20.1 255.255.255.0 ! interface Vlan30 ip address 10.10.30.1 255.255.255.0 ! interface Vlan40 ip address 10.10.40.1 255.255.255.0 ! ip http server ip http secure-server ! ip route 0.0.0.0 0.0.0.0 192.168.100.1 ! ! ! ! line con 0 logging synchronous login local line vty 0 4 password 7 132122392E19177B79 login local transport input ssh line vty 5 15 login ! end
Router config -
Router Config - Current configuration : 1843 bytes ! ! Last configuration change at 00:59:19 UTC Tue Jan 18 2022 by REDACTED ! NVRAM config last updated at 00:59:21 UTC Tue Jan 18 2022 by REDACTED ! version 15.0 service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname Homelab-Router ! boot-start-marker boot-end-marker ! enable secret 5 REDACTED ! no aaa new-model ! no ipv6 cef ip source-route ip cef ! ! ! ! ip domain name HomeLab ip name-server 192.168.1.125 ip name-server 192.168.1.1 multilink bundle-name authenticated ! ! ! ! license udi pid CISCO2921/K9 sn REDACTED ! ! username REDACTED password 7 REDACTED ! ! ! ! ! ! interface GigabitEthernet0/0 description **Uplink/Management Interface** ip address 192.168.1.2 255.255.255.0 ip nat outside ip virtual-reassembly duplex auto speed auto ! interface GigabitEthernet0/1 description **Switch Interface** ip address 192.168.100.1 255.255.255.0 ip nat inside ip virtual-reassembly duplex auto speed auto ! interface GigabitEthernet0/2 no ip address shutdown duplex auto speed auto ! ip forward-protocol nd ! no ip http server no ip http secure-server ! ip nat inside source list Permit interface GigabitEthernet0/0 overload ip route 0.0.0.0 0.0.0.0 192.168.1.1 ip route 10.10.10.0 255.255.255.0 192.168.100.2 ip route 10.10.20.0 255.255.255.0 192.168.100.2 ip route 10.10.30.0 255.255.255.0 192.168.100.2 ip route 10.10.40.0 255.255.255.0 192.168.100.2 ! ip access-list standard Permit permit 192.168.100.0 0.0.0.255 permit 10.10.10.0 0.0.0.255 permit 10.10.20.0 0.0.0.255 permit 10.10.30.0 0.0.0.255 permit 10.10.40.0 0.0.0.255 ! ! ! ! control-plane ! ! line con 0 logging synchronous login local line aux 0 line vty 0 4 password 7 REDACTED login local transport input ssh ! scheduler allocate 20000 1000 end
Here are the other switch configs you asked for:
Homelab-Switch#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi0/37, Gi0/38, Gi0/39, Gi0/40, Gi0/41, Gi0/42, Gi0/43, Gi0/44, Gi0/45, Gi0/46, Gi0/47
10 Server-NICs active Gi0/1, Gi0/2, Gi0/3, Gi0/4, Gi0/5, Gi0/6, Gi0/7, Gi0/8, Gi0/9, Gi0/10, Gi0/11, Gi0/12
20 IPMI active Gi0/13, Gi0/14, Gi0/15, Gi0/16, Gi0/17, Gi0/18, Gi0/19, Gi0/20, Gi0/21, Gi0/22, Gi0/23, Gi0/24
30 PoE active Gi0/25, Gi0/26, Gi0/27, Gi0/28, Gi0/29, Gi0/30, Gi0/31, Gi0/32, Gi0/33, Gi0/34, Gi0/35, Gi0/36
40 Reserved active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
10 enet 100010 1500 - - - - - 0 0
20 enet 100020 1500 - - - - - 0 0
30 enet 100030 1500 - - - - - 0 0
40 enet 100040 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
Homelab-Switch#show ip int brief
Interface IP-Address OK? Method Status Protocol
Vlan1 unassigned YES NVRAM up down
Vlan10 10.10.10.1 YES NVRAM up down
Vlan20 10.10.20.1 YES NVRAM up up
Vlan30 10.10.30.1 YES NVRAM up down
Vlan40 10.10.40.1 YES NVRAM up down
FastEthernet0 unassigned YES NVRAM down down
GigabitEthernet0/1 unassigned YES unset down down
GigabitEthernet0/2 unassigned YES unset down down
GigabitEthernet0/3 unassigned YES unset down down
GigabitEthernet0/4 unassigned YES unset down down
GigabitEthernet0/5 unassigned YES unset down down
GigabitEthernet0/6 unassigned YES unset down down
GigabitEthernet0/7 unassigned YES unset down down
GigabitEthernet0/8 unassigned YES unset down down
GigabitEthernet0/9 unassigned YES unset down down
GigabitEthernet0/10 unassigned YES unset down down
GigabitEthernet0/11 unassigned YES unset down down
GigabitEthernet0/12 unassigned YES unset down down
GigabitEthernet0/13 unassigned YES unset up up
GigabitEthernet0/14 unassigned YES unset up up
GigabitEthernet0/15 unassigned YES unset up up
GigabitEthernet0/16 unassigned YES unset down down
GigabitEthernet0/17 unassigned YES unset down down
GigabitEthernet0/18 unassigned YES unset down down
GigabitEthernet0/19 unassigned YES unset down down
GigabitEthernet0/20 unassigned YES unset down down
GigabitEthernet0/21 unassigned YES unset down down
GigabitEthernet0/22 unassigned YES unset down down
GigabitEthernet0/23 unassigned YES unset down down
GigabitEthernet0/24 unassigned YES unset down down
GigabitEthernet0/25 unassigned YES unset down down
GigabitEthernet0/26 unassigned YES unset down down
GigabitEthernet0/27 unassigned YES unset down down
GigabitEthernet0/28 unassigned YES unset down down
GigabitEthernet0/29 unassigned YES unset down down
GigabitEthernet0/30 unassigned YES unset down down
GigabitEthernet0/31 unassigned YES unset down down
GigabitEthernet0/32 unassigned YES unset down down
GigabitEthernet0/33 unassigned YES unset down down
GigabitEthernet0/34 unassigned YES unset down down
GigabitEthernet0/35 unassigned YES unset down down
GigabitEthernet0/36 unassigned YES unset down down
GigabitEthernet0/37 unassigned YES unset down down
GigabitEthernet0/38 unassigned YES unset down down
GigabitEthernet0/39 unassigned YES unset down down
GigabitEthernet0/40 unassigned YES unset down down
GigabitEthernet0/41 unassigned YES unset down down
GigabitEthernet0/42 unassigned YES unset down down
GigabitEthernet0/43 unassigned YES unset down down
GigabitEthernet0/44 unassigned YES unset down down
GigabitEthernet0/45 unassigned YES unset down down
GigabitEthernet0/46 unassigned YES unset down down
GigabitEthernet0/47 unassigned YES unset down down
GigabitEthernet0/48 192.168.1.2 YES NVRAM up up
GigabitEthernet1/1 unassigned YES unset down down
GigabitEthernet1/2 unassigned YES unset down down
GigabitEthernet1/3 unassigned YES unset down down
GigabitEthernet1/4 unassigned YES unset down down
TenGigabitEthernet1/1 unassigned YES unset down down
TenGigabitEthernet1/2 unassigned YES unset down down
Homelab-Switch#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is 192.168.1.1 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 192.168.1.1
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.10.20.0/24 is directly connected, Vlan20
L 10.10.20.1/32 is directly connected, Vlan20
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/24 is directly connected, GigabitEthernet0/48
L 192.168.1.2/32 is directly connected, GigabitEthernet0/48So I shutoff my router when I moved it out of my lab for troubleshooting and I forgot to change back the weird flag where it boots normally. Luckily I had these command outputs saved elsewhere. I apologize for the weird output of `show ip int brief` I was running that from the console.
[11:38:50:586] Router#show ip int brief␍␊
[11:38:51:914] Any interface listed with OK? value "NO" does not have a valid configuration␍␊
[11:38:52:010] ␍␊
[11:38:52:010] Interface IP-Address OK? Method Status Protocol␍␊
[11:38:52:106] GigabitEthernet0/0 192.168.1.2 YES manual administratively down down ␍␊
[11:38:52:202] GigabitEthernet0/1 192.168.100.1 YES manual administratively down down ␍␊
[11:38:52:314] GigabitEthernet0/2 unassigned YES TFTP administratively down down ␍␊
[11:38:52:410] NVI0 unassigned NO unset up up ␍␊
[11:38:52:506] Router#
Homelab-Router# show ip route
S* 0.0.0.0/0 [1/0] via 192.168.1.1
10.0.0.0/24 is subnetted, 4 subnets
S 10.10.10.0 [1/0] via 192.168.100.2
S 10.10.20.0 [1/0] via 192.168.100.2
S 10.10.30.0 [1/0] via 192.168.100.2
S 10.10.40.0 [1/0] via 192.168.100.2
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/24 is directly connected, GigabitEthernet0/0
L 192.168.1.2/32 is directly connected, GigabitEthernet0/0
192.168.100.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.100.0/24 is directly connected, GigabitEthernet0/1
L 192.168.100.1/32 is directly connected, GigabitEthernet0/1Hope this is helpful and easy to read.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-27-2022 10:55 AM
Sure thing! Here are the configs from both my router and my switch:
Switch Config - Homelab-Switch#show running-config Building configuration... Current configuration : 5329 bytes ! ! Last configuration change at 23:22:39 UTC Wed Mar 30 2011 ! NVRAM config last updated at 23:47:52 UTC Wed Mar 30 2011 by REDACTED ! version 15.0 no service pad service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname Homelab-Switch ! boot-start-marker boot-end-marker ! enable secret 4 REDACTED ! username REDACTED password 7 REDACTED no aaa new-model system mtu routing 1500 ip routing ! ip dhcp pool VLAN_10 network 10.10.10.0 255.255.255.0 default-router 10.10.10.1 dns-server 192.168.1.125 192.168.1.1 ! ip dhcp pool VLAN_20 network 10.10.20.0 255.255.255.0 default-router 10.10.20.1 dns-server 192.168.1.125 192.168.1.1 ! ip dhcp pool VLAN_30 network 10.10.30.0 255.255.255.0 default-router 10.10.30.1 dns-server 192.168.1.125 192.168.1.1 ! ip dhcp pool VLAN_40 network 10.10.40.0 255.255.255.0 default-router 10.10.40.1 dns-server 192.168.1.125 192.168.1.1 ! ! ip domain-name HomeLab ! ! ! ! ! ! spanning-tree mode pvst spanning-tree extend system-id ! ! ! ! ! ! ! ! ! vlan internal allocation policy ascending ! ! ! ! ! ! ! ! ! ! ! interface FastEthernet0 no ip address no ip route-cache ! interface GigabitEthernet0/1 switchport access vlan 10 switchport mode access ! interface GigabitEthernet0/2 switchport access vlan 10 switchport mode access ! interface GigabitEthernet0/3 switchport access vlan 10 switchport mode access ! interface GigabitEthernet0/4 switchport access vlan 10 switchport mode access ! interface GigabitEthernet0/5 switchport access vlan 10 switchport mode access ! interface GigabitEthernet0/6 switchport access vlan 10 switchport mode access ! interface GigabitEthernet0/7 switchport access vlan 10 switchport mode access ! interface GigabitEthernet0/8 switchport access vlan 10 switchport mode access ! interface GigabitEthernet0/9 switchport access vlan 10 switchport mode access ! interface GigabitEthernet0/10 switchport access vlan 10 switchport mode access ! interface GigabitEthernet0/11 switchport access vlan 10 switchport mode access ! interface GigabitEthernet0/12 switchport access vlan 10 switchport mode access ! interface GigabitEthernet0/13 switchport access vlan 20 switchport mode access ! interface GigabitEthernet0/14 switchport access vlan 20 switchport mode access ! interface GigabitEthernet0/15 switchport access vlan 20 switchport mode access ! interface GigabitEthernet0/16 switchport access vlan 20 switchport mode access ! interface GigabitEthernet0/17 switchport access vlan 20 switchport mode access ! interface GigabitEthernet0/18 switchport access vlan 20 switchport mode access ! interface GigabitEthernet0/19 switchport access vlan 20 switchport mode access ! interface GigabitEthernet0/20 switchport access vlan 20 switchport mode access ! interface GigabitEthernet0/21 switchport access vlan 20 switchport mode access ! interface GigabitEthernet0/22 switchport access vlan 20 switchport mode access ! interface GigabitEthernet0/23 switchport access vlan 20 switchport mode access ! interface GigabitEthernet0/24 switchport access vlan 20 switchport mode access ! interface GigabitEthernet0/25 switchport access vlan 30 switchport mode access ! interface GigabitEthernet0/26 switchport access vlan 30 switchport mode access ! interface GigabitEthernet0/27 switchport access vlan 30 switchport mode access ! interface GigabitEthernet0/28 switchport access vlan 30 switchport mode access ! interface GigabitEthernet0/29 switchport access vlan 30 switchport mode access ! interface GigabitEthernet0/30 switchport access vlan 30 switchport mode access ! interface GigabitEthernet0/31 switchport access vlan 30 switchport mode access ! interface GigabitEthernet0/32 switchport access vlan 30 switchport mode access ! interface GigabitEthernet0/33 switchport access vlan 30 switchport mode access ! interface GigabitEthernet0/34 switchport access vlan 30 switchport mode access ! interface GigabitEthernet0/35 switchport access vlan 30 switchport mode access ! interface GigabitEthernet0/36 switchport access vlan 30 switchport mode access ! interface GigabitEthernet0/37 ! interface GigabitEthernet0/38 ! interface GigabitEthernet0/39 ! interface GigabitEthernet0/40 ! interface GigabitEthernet0/41 ! interface GigabitEthernet0/42 ! interface GigabitEthernet0/43 ! interface GigabitEthernet0/44 ! interface GigabitEthernet0/45 ! interface GigabitEthernet0/46 ! interface GigabitEthernet0/47 ! interface GigabitEthernet0/48 no switchport ip address 192.168.100.2 255.255.255.0 ! interface GigabitEthernet1/1 ! interface GigabitEthernet1/2 ! interface GigabitEthernet1/3 ! interface GigabitEthernet1/4 ! interface TenGigabitEthernet1/1 ! interface TenGigabitEthernet1/2 ! interface Vlan1 no ip address ! interface Vlan10 ip address 10.10.10.1 255.255.255.0 ! interface Vlan20 ip address 10.10.20.1 255.255.255.0 ! interface Vlan30 ip address 10.10.30.1 255.255.255.0 ! interface Vlan40 ip address 10.10.40.1 255.255.255.0 ! ip http server ip http secure-server ! ip route 0.0.0.0 0.0.0.0 192.168.100.1 ! ! ! ! line con 0 logging synchronous login local line vty 0 4 password 7 132122392E19177B79 login local transport input ssh line vty 5 15 login ! end
Router Config -
Router Config - Current configuration : 1843 bytes ! ! Last configuration change at 00:59:19 UTC Tue Jan 18 2022 by REDACTED ! NVRAM config last updated at 00:59:21 UTC Tue Jan 18 2022 by REDACTED ! version 15.0 service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname Homelab-Router ! boot-start-marker boot-end-marker ! enable secret 5 REDACTED ! no aaa new-model ! no ipv6 cef ip source-route ip cef ! ! ! ! ip domain name HomeLab ip name-server 192.168.1.125 ip name-server 192.168.1.1 multilink bundle-name authenticated ! ! ! ! license udi pid CISCO2921/K9 sn REDACTED ! ! username REDACTED password 7 REDACTED ! ! ! ! ! ! interface GigabitEthernet0/0 description **Uplink/Management Interface** ip address 192.168.1.2 255.255.255.0 ip nat outside ip virtual-reassembly duplex auto speed auto ! interface GigabitEthernet0/1 description **Switch Interface** ip address 192.168.100.1 255.255.255.0 ip nat inside ip virtual-reassembly duplex auto speed auto ! interface GigabitEthernet0/2 no ip address shutdown duplex auto speed auto ! ip forward-protocol nd ! no ip http server no ip http secure-server ! ip nat inside source list Permit interface GigabitEthernet0/0 overload ip route 0.0.0.0 0.0.0.0 192.168.1.1 ip route 10.10.10.0 255.255.255.0 192.168.100.2 ip route 10.10.20.0 255.255.255.0 192.168.100.2 ip route 10.10.30.0 255.255.255.0 192.168.100.2 ip route 10.10.40.0 255.255.255.0 192.168.100.2 ! ip access-list standard Permit permit 192.168.100.0 0.0.0.255 permit 10.10.10.0 0.0.0.255 permit 10.10.20.0 0.0.0.255 permit 10.10.30.0 0.0.0.255 permit 10.10.40.0 0.0.0.255 ! ! ! ! control-plane ! ! line con 0 logging synchronous login local line aux 0 line vty 0 4 password 7 REDACTED login local transport input ssh ! scheduler allocate 20000 1000 end
The config from the router is "old" as I have it unplugged but it has not changed.
Here is the other switch configs you asked for:
Homelab-Switch#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi0/37, Gi0/38, Gi0/39, Gi0/40, Gi0/41, Gi0/42, Gi0/43, Gi0/44, Gi0/45, Gi0/46, Gi0/47
10 Server-NICs active Gi0/1, Gi0/2, Gi0/3, Gi0/4, Gi0/5, Gi0/6, Gi0/7, Gi0/8, Gi0/9, Gi0/10, Gi0/11, Gi0/12
20 IPMI active Gi0/13, Gi0/14, Gi0/15, Gi0/16, Gi0/17, Gi0/18, Gi0/19, Gi0/20, Gi0/21, Gi0/22, Gi0/23, Gi0/24
30 PoE active Gi0/25, Gi0/26, Gi0/27, Gi0/28, Gi0/29, Gi0/30, Gi0/31, Gi0/32, Gi0/33, Gi0/34, Gi0/35, Gi0/36
40 Reserved active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
10 enet 100010 1500 - - - - - 0 0
20 enet 100020 1500 - - - - - 0 0
30 enet 100030 1500 - - - - - 0 0
40 enet 100040 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
Homelab-Switch#show ip int brief
Interface IP-Address OK? Method Status Protocol
Vlan1 unassigned YES NVRAM up down
Vlan10 10.10.10.1 YES NVRAM up down
Vlan20 10.10.20.1 YES NVRAM up up
Vlan30 10.10.30.1 YES NVRAM up down
Vlan40 10.10.40.1 YES NVRAM up down
FastEthernet0 unassigned YES NVRAM down down
GigabitEthernet0/1 unassigned YES unset down down
GigabitEthernet0/2 unassigned YES unset down down
GigabitEthernet0/3 unassigned YES unset down down
GigabitEthernet0/4 unassigned YES unset down down
GigabitEthernet0/5 unassigned YES unset down down
GigabitEthernet0/6 unassigned YES unset down down
GigabitEthernet0/7 unassigned YES unset down down
GigabitEthernet0/8 unassigned YES unset down down
GigabitEthernet0/9 unassigned YES unset down down
GigabitEthernet0/10 unassigned YES unset down down
GigabitEthernet0/11 unassigned YES unset down down
GigabitEthernet0/12 unassigned YES unset down down
GigabitEthernet0/13 unassigned YES unset up up
GigabitEthernet0/14 unassigned YES unset up up
GigabitEthernet0/15 unassigned YES unset up up
GigabitEthernet0/16 unassigned YES unset down down
GigabitEthernet0/17 unassigned YES unset down down
GigabitEthernet0/18 unassigned YES unset down down
GigabitEthernet0/19 unassigned YES unset down down
GigabitEthernet0/20 unassigned YES unset down down
GigabitEthernet0/21 unassigned YES unset down down
GigabitEthernet0/22 unassigned YES unset down down
GigabitEthernet0/23 unassigned YES unset down down
GigabitEthernet0/24 unassigned YES unset down down
GigabitEthernet0/25 unassigned YES unset down down
GigabitEthernet0/26 unassigned YES unset down down
GigabitEthernet0/27 unassigned YES unset down down
GigabitEthernet0/28 unassigned YES unset down down
GigabitEthernet0/29 unassigned YES unset down down
GigabitEthernet0/30 unassigned YES unset down down
GigabitEthernet0/31 unassigned YES unset down down
GigabitEthernet0/32 unassigned YES unset down down
GigabitEthernet0/33 unassigned YES unset down down
GigabitEthernet0/34 unassigned YES unset down down
GigabitEthernet0/35 unassigned YES unset down down
GigabitEthernet0/36 unassigned YES unset down down
GigabitEthernet0/37 unassigned YES unset down down
GigabitEthernet0/38 unassigned YES unset down down
GigabitEthernet0/39 unassigned YES unset down down
GigabitEthernet0/40 unassigned YES unset down down
GigabitEthernet0/41 unassigned YES unset down down
GigabitEthernet0/42 unassigned YES unset down down
GigabitEthernet0/43 unassigned YES unset down down
GigabitEthernet0/44 unassigned YES unset down down
GigabitEthernet0/45 unassigned YES unset down down
GigabitEthernet0/46 unassigned YES unset down down
GigabitEthernet0/47 unassigned YES unset down down
GigabitEthernet0/48 192.168.1.2 YES NVRAM up up
GigabitEthernet1/1 unassigned YES unset down down
GigabitEthernet1/2 unassigned YES unset down down
GigabitEthernet1/3 unassigned YES unset down down
GigabitEthernet1/4 unassigned YES unset down down
TenGigabitEthernet1/1 unassigned YES unset down down
TenGigabitEthernet1/2 unassigned YES unset down down
Homelab-Switch#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is 192.168.1.1 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 192.168.1.1
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.10.20.0/24 is directly connected, Vlan20
L 10.10.20.1/32 is directly connected, Vlan20
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/24 is directly connected, GigabitEthernet0/48
L 192.168.1.2/32 is directly connected, GigabitEthernet0/48
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-27-2022
11:04 AM
- last edited on
02-08-2022
11:45 PM
by
Translator
Not sure why my replies keep not showing up. Apologies if I am overloading this thread. I have attached my configs as a .txt file.
Here is the other configs you asked for:
Homelab-Switch#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi0/37, Gi0/38, Gi0/39, Gi0/40, Gi0/41, Gi0/42, Gi0/43, Gi0/44, Gi0/45, Gi0/46, Gi0/47
10 Server-NICs active Gi0/1, Gi0/2, Gi0/3, Gi0/4, Gi0/5, Gi0/6, Gi0/7, Gi0/8, Gi0/9, Gi0/10, Gi0/11, Gi0/12
20 IPMI active Gi0/13, Gi0/14, Gi0/15, Gi0/16, Gi0/17, Gi0/18, Gi0/19, Gi0/20, Gi0/21, Gi0/22, Gi0/23, Gi0/24
30 PoE active Gi0/25, Gi0/26, Gi0/27, Gi0/28, Gi0/29, Gi0/30, Gi0/31, Gi0/32, Gi0/33, Gi0/34, Gi0/35, Gi0/36
40 Reserved active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
10 enet 100010 1500 - - - - - 0 0
20 enet 100020 1500 - - - - - 0 0
30 enet 100030 1500 - - - - - 0 0
40 enet 100040 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
Homelab-Switch#show ip int brief
Interface IP-Address OK? Method Status Protocol
Vlan1 unassigned YES NVRAM up down
Vlan10 10.10.10.1 YES NVRAM up down
Vlan20 10.10.20.1 YES NVRAM up up
Vlan30 10.10.30.1 YES NVRAM up down
Vlan40 10.10.40.1 YES NVRAM up down
FastEthernet0 unassigned YES NVRAM down down
GigabitEthernet0/1 unassigned YES unset down down
GigabitEthernet0/2 unassigned YES unset down down
GigabitEthernet0/3 unassigned YES unset down down
GigabitEthernet0/4 unassigned YES unset down down
GigabitEthernet0/5 unassigned YES unset down down
GigabitEthernet0/6 unassigned YES unset down down
GigabitEthernet0/7 unassigned YES unset down down
GigabitEthernet0/8 unassigned YES unset down down
GigabitEthernet0/9 unassigned YES unset down down
GigabitEthernet0/10 unassigned YES unset down down
GigabitEthernet0/11 unassigned YES unset down down
GigabitEthernet0/12 unassigned YES unset down down
GigabitEthernet0/13 unassigned YES unset up up
GigabitEthernet0/14 unassigned YES unset up up
GigabitEthernet0/15 unassigned YES unset up up
GigabitEthernet0/16 unassigned YES unset down down
GigabitEthernet0/17 unassigned YES unset down down
GigabitEthernet0/18 unassigned YES unset down down
GigabitEthernet0/19 unassigned YES unset down down
GigabitEthernet0/20 unassigned YES unset down down
GigabitEthernet0/21 unassigned YES unset down down
GigabitEthernet0/22 unassigned YES unset down down
GigabitEthernet0/23 unassigned YES unset down down
GigabitEthernet0/24 unassigned YES unset down down
GigabitEthernet0/25 unassigned YES unset down down
GigabitEthernet0/26 unassigned YES unset down down
GigabitEthernet0/27 unassigned YES unset down down
GigabitEthernet0/28 unassigned YES unset down down
GigabitEthernet0/29 unassigned YES unset down down
GigabitEthernet0/30 unassigned YES unset down down
GigabitEthernet0/31 unassigned YES unset down down
GigabitEthernet0/32 unassigned YES unset down down
GigabitEthernet0/33 unassigned YES unset down down
GigabitEthernet0/34 unassigned YES unset down down
GigabitEthernet0/35 unassigned YES unset down down
GigabitEthernet0/36 unassigned YES unset down down
GigabitEthernet0/37 unassigned YES unset down down
GigabitEthernet0/38 unassigned YES unset down down
GigabitEthernet0/39 unassigned YES unset down down
GigabitEthernet0/40 unassigned YES unset down down
GigabitEthernet0/41 unassigned YES unset down down
GigabitEthernet0/42 unassigned YES unset down down
GigabitEthernet0/43 unassigned YES unset down down
GigabitEthernet0/44 unassigned YES unset down down
GigabitEthernet0/45 unassigned YES unset down down
GigabitEthernet0/46 unassigned YES unset down down
GigabitEthernet0/47 unassigned YES unset down down
GigabitEthernet0/48 192.168.1.2 YES NVRAM up up
GigabitEthernet1/1 unassigned YES unset down down
GigabitEthernet1/2 unassigned YES unset down down
GigabitEthernet1/3 unassigned YES unset down down
GigabitEthernet1/4 unassigned YES unset down down
TenGigabitEthernet1/1 unassigned YES unset down down
TenGigabitEthernet1/2 unassigned YES unset down down
Homelab-Switch#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is 192.168.1.1 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 192.168.1.1
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.10.20.0/24 is directly connected, Vlan20
L 10.10.20.1/32 is directly connected, Vlan20
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/24 is directly connected, GigabitEthernet0/48
L 192.168.1.2/32 is directly connected, GigabitEthernet0/48
So I rebooted my router and since I had to turn it off when I pulled it out of my lab and I forgot to change back the flag where it boots normally so the config got wiped. But luckily I had these command outputs saved elsewhere. I apologize for the weird output of
show ip int brief
I was running that from the Cutecom (console) on Linux.
Other configs from router:
11:38:50:586] Router#show ip int brief␍␊
[11:38:51:914] Any interface listed with OK? value "NO" does not have a valid configuration␍␊
[11:38:52:010] ␍␊
[11:38:52:010] Interface IP-Address OK? Method Status Protocol␍␊
[11:38:52:106] GigabitEthernet0/0 192.168.1.2 YES manual administratively down down ␍␊
[11:38:52:202] GigabitEthernet0/1 192.168.100.1 YES manual administratively down down ␍␊
[11:38:52:314] GigabitEthernet0/2 unassigned YES TFTP administratively down down ␍␊
[11:38:52:410] NVI0 unassigned NO unset up up ␍␊
[11:38:52:506] Router#
S* 0.0.0.0/0 [1/0] via 192.168.1.1
10.0.0.0/24 is subnetted, 4 subnets
S 10.10.10.0 [1/0] via 192.168.100.2
S 10.10.20.0 [1/0] via 192.168.100.2
S 10.10.30.0 [1/0] via 192.168.100.2
S 10.10.40.0 [1/0] via 192.168.100.2
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/24 is directly connected, GigabitEthernet0/0
L 192.168.1.2/32 is directly connected, GigabitEthernet0/0
192.168.100.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.100.0/24 is directly connected, GigabitEthernet0/1
L 192.168.100.1/32 is directly connected, GigabitEthernet0/1
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-27-2022
11:23 AM
- last edited on
02-08-2022
11:19 PM
by
Translator
Hello,
the configs are by the book. Here is your problem:
Vlan10 10.10.10.1 YES NVRAM up down
Vlan20 10.10.20.1 YES NVRAM up up
Vlan30 10.10.30.1 YES NVRAM up down
Vlan40 10.10.40.1 YES NVRAM up down
The Vlan interfaces need to be up/up in order to be reached. You can achieve that by connecting an active device to a switchport that is assigned to the respective Vlan.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-27-2022 11:36 AM
Since you are not able to ping 10.10.10.1 (since VLAN Interface is down as per the output.,
If you testing with only 1 PC or device, this will have issue, to bring up the SVI Layer3, of vlan you need to have device connected to that VLAN, so VLAN Interface will come up and you able to ping.
Other Option you can do is Move the SVI - Layer 3 Interface to Router, so you will not see the issue.
example : Router on stick ( is this works for you ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-27-2022 12:59 PM
Apologies if I make this more confusing. So in my troubleshooting attempts I have removed the router from lab. I currently have the switch setup like so:
interface GigabitEthernet0/48
description ** UPLINK TO ROUTER LAN 2 INT ***
no switchport
ip address 192.168.1.2 255.255.255.0
end
Homelab-Switch#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is 192.168.1.1 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 192.168.1.1
10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
C 10.10.10.0/24 is directly connected, Vlan10
L 10.10.10.1/32 is directly connected, Vlan10
C 10.10.20.0/24 is directly connected, Vlan20
L 10.10.20.1/32 is directly connected, Vlan20
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/24 is directly connected, GigabitEthernet0/48
L 192.168.1.2/32 is directly connected, GigabitEthernet0/4I thought that I might need to plug in a device for the routing to actually work. So I went ahead and plugged in a desktop to GE 0/11 (which is apart of VLAN_10) and I was able to get an IP address via DHCP and I was able to ping, SSH and even RDP to the desktop. So that works!
Now here is where things get a little more complicated. My proxmox servers have IPMI, so I setup a VLAN (VLAN_20) for IPMI. I connected the IPMI interface to the interface on the switch (GE 0/13) and statically set the IP address in the BIOS for IPMI. I was not able to ping the IPMI interface. I added routing rules in my DDWRT router to route to 10.10.20.0/24 with a gateway of 192.168.1.2 and the rules applied as I see my pings being forwarded to the next hop, but still no luck with pining.
So I tried letting IPMI let DHCP handle setting the IP address. When I did, it set it to 10.10.10.04 255.255.255.0 10.10.10.1. Which is odd because the interface I plugged the IPMI connection into is set to be on VLAN_20. But it is getting its IP address from the DHCP pool from VLAN_10.
Here is the config of GE 0/13:
interface GigabitEthernet0/13 switchport access vlan 20 switchport mode access end
Any ideas why? Also should I keep the router out of my lab? Or should I put it back into place?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-27-2022
01:23 PM
- last edited on
02-08-2022
11:46 PM
by
Translator
Lets make the discussion short to point, than confuse 1 task at a time
Lets see where you are and answer below :
IPMI interface to the interface on the switch (GE 0/13) and statically set the IP address in the BIOS for IPMI
what is the IP address configured here what Gateway ?
I was not able to ping the IPMI interface.
From what IP address you pinging (source device IP) ? are you able to ping your VLAN 20 Interface - as per the config 10.10.20.1
on the switch, is the 0/13 interface comeup , do you see mac address on that interface ? what is show ip arp show ? is the interface vlan 20 come up ?
I added routing rules in my DDWRT router to route to 10.10.20.0/24 with a gateway of 192.168.1.2 and the rules applied as I see my pings being forwarded to the next hop, but still no luck with pining.
why do you need this route, since your CISCO2921 already doing NAT,
I am thinking is your setup is like this :
ISP---DDWRT Router---CISCO2921-Switch---Lan device?
So I tried letting IPMI let DHCP handle setting the IP address. When I did, it set it to 10.10.10.04 255.255.255.0 10.10.10.1. Which is odd because the interface I plugged the IPMI connection into is set to be on VLAN_20. But it is getting its IP address from the DHCP pool from VLAN_10.
If the device plugged to 0/13 and we can clearly see the interface configure to vlan 20, (i believe there may be some wrong plug the device in to wrong port ?) --
You may be confused about numbering switch ports 12 and 13 top and bottom
to verify check IP arp and MAC address what port it was connected - did you check is the gi 0/13 up or 0/12 ?
Please post current all the information to assist better, where it is now after you lost config, did you make write the config post all the information again.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-27-2022
04:37 PM
- last edited on
02-08-2022
11:47 PM
by
Translator
Sure thing!
what is the IP address configured here what Gateway ?
The gateway address I set for the IPMI was the same gateway address as the VLAN (VLAN_20). The gateway IP is 10.10.20.1
From what IP address you pinging (source device IP) ? are you able to ping your VLAN 20 Interface - as per the config 10.10.20.1 on the switch, is the 0/13 interface comeup , do you see mac address on that interface ? what is show ip arp show ? is the interface vlan 20 come up ?
The source of the ping is from my laptop on my LAN (192.168.1.142). I am able to successfully ping the VLAN gateway address (10.10.20.1) but not any other IP address on the VLAN.
The running config on the interface is below.
Homelab-Switch#show running-config interface GigabitEthernet 0/13 Building configuration... Current configuration : 88 bytes ! interface GigabitEthernet0/13 switchport access vlan 20 switchport mode access end Homelab-Switch#show ip in Homelab-Switch#show ip interface Gi Homelab-Switch#show ip interface GigabitEthernet 0/13 GigabitEthernet0/13 is up, line protocol is up Inbound access list is not set
Show ip arp actually yielded some interesting results, it looks incomplete?
Homelab-Switch#show ip arp Protocol Address Age (min) Hardware Addr Type Interface Internet 10.10.10.1 - f8c2.887c.ecc2 ARPA Vlan10 Internet 10.10.10.2 229 0025.903e.135c ARPA Vlan10 Internet 10.10.10.3 3 b8ac.6fac.ff7d ARPA Vlan10 Internet 10.10.10.4 222 0025.903e.135c ARPA Vlan10 Internet 10.10.20.1 - f8c2.887c.ecc3 ARPA Vlan20 Internet 10.10.20.2 0 Incomplete ARPA Internet 10.10.20.3 0 Incomplete ARPA Internet 10.10.20.4 0 Incomplete ARPA Internet 10.10.30.1 - f8c2.887c.ecc4 ARPA Vlan30 Internet 10.10.40.1 - f8c2.887c.ecc5 ARPA Vlan40 Internet 192.168.1.1 0 d850.e6a7.8060 ARPA GigabitEthernet0/48 Internet 192.168.1.2 - f8c2.887c.ecc1 ARPA GigabitEthernet0/48 Internet 192.168.1.125 6 b827.eb7f.9b4e ARPA GigabitEthernet0/48 Internet 192.168.1.142 193 8c70.5a7f.5990 ARPA GigabitEthernet0/48 Internet 192.168.1.181 27 5824.2974.8254 ARPA GigabitEthernet0/48 Internet 192.168.1.220 223 e89f.80cc.8c91 ARPA GigabitEthernet0/48
I set the static route in my LAN router since I was having issues with my Cisco 2921. So I followed someone elses advice about simply removing it and letting all of the L3 stuff be handled by the switch.
So my current lab looks like
ISP --- DDWRT --- Cisco 3560X --- Devices on VLANS.
You may be confused about numbering switch ports 12 and 13 top and bottom
I don't think so, I checked the status of the ports and the only port that has a status of "up" if GE 0/13.
Here is the mac address table of the interface itself. It does not appear to be detecting it.
Homelab-Switch#show mac address-table interface gigabitEthernet 0/13
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-27-2022
09:37 PM
- last edited on
02-08-2022
11:21 PM
by
Translator
ISP --- DDWRT --- Cisco 3560X --- Devices on VLANS.
If this is your setup, then Switch no Longer do any NAT here - so you need to keep that in mind.
The gateway address I set for the IPMI was the same gateway address as the VLAN (VLAN_20). The gateway IP is 10.10.20.1
You did not give us what IP address configured - IPMI
As per the IP arp i do not see any device ARP here - so its not learning MAC address table from the device it connected.
Internet 10.10.20.1 - f8c2.887c.ecc3 ARPA Vlan20 Internet 10.10.20.2 0 Incomplete ARPA Internet 10.10.20.3 0 Incomplete ARPA Internet 10.10.20.4 0 Incomplete ARPA
and you confirmed that - IPMI - setup as DHCP and it got IP from vlan 10 instead of 20. (this confirms IPMI working as expected)
The source of the ping is from my laptop on my LAN (192.168.1.142). I am able to successfully ping the VLAN gateway address (10.10.20.1) but not any other IP address on the VLAN.
as per the ARP output, the device connected to GigabitEthernet0/48
Internet 192.168.1.142 193 8c70.5a7f.5990 ARPA GigabitEthernet0/48
but the config was provided before was like this - so config is changed :
interface GigabitEthernet0/48
no switchport
ip address 192.168.100.2 255.255.255.0
I am sure we are missing small information, which made a mess here.
To conclude better (whenever you change something on the switch or setup, please do update information here)
So please provide the below information from the switch :
show run
show vlan
show ip interface brief
show ip arp
show ip route
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-27-2022 06:41 PM
Hello
put another host in vlan 20 apart from those IPMI devices and test
Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.
Kind Regards
Paul
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-28-2022 01:06 PM - edited 01-28-2022 01:07 PM
@paul driverI added another laptop to interface GE 0/20. It looks like it got an IP address via DHCP (10.10.20.3) and I can ping the VLAN_20 gateway, I can ping the 192.168.1.2 IP address and I can ping my LAN router (192.168.1.1). But I cannot route out to the internet but I can ping the laptop from my LAN. Then I also statically assigned the IP address and all of the same still applies.
If this is your setup, then Switch no Longer do any NAT here - so you need to keep that in mind.
I think that would be fine for now.
You did not give us what IP address configured - IPMI
IPMI is configured for 10.10.20.27 255.255.255.0 with a gateway of 10.10.20.1 while on VLAN_20. I was not able to ping not access the IPMI interface from either the switch itself or my LAN.
Then I connected the IPMI interface to GE 0/7 and statically set the IP address to 10.10.10.100 255.255.255.0 with a gateway of 10.10.10.1 and I am still not able to ping it. From either my LAN or the switch.
Next I tried using a new cable and connecting the IPMI interface to an interface on my LAN router, it was not served up a new IP address via DHCP. I statically set the IP address again but was not able to connect or ping or anything even though it was connected to my LAN and not any of the switches VLANs. So I assumed it must have been something funky with the IPMI on the server.
So I grabbed my other server with another IPMI interface plugged it into GE 0/13 which is apart of VLAN_20. I statically set the IP address to 10.10.20.100 255.255.255.0 with a gateway of 10.10.20.1 and I was still not able to ping or anything.
I have a hard time believing this is an IPMI issue since prior to implementing this switch into my environment all of my IPMI interfaces/modules worked without issue.
You are right and I apologize for tweaking stuff to try and getting it to work. I really appreciate your help.
The configs you asked for are attached via a text file.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-28-2022 01:23 PM
I would also like to add that I also moved the other laptop that was plugged into GE 0/17. Plugged it into GE 0/6 and I was able to get an IP address (10.10.10.5) but am not able to route out to the internet.I can ping 10.10.10.1, 192.168.1.2 and 192.168.1.1.
Then I double-checked the desktop that I have plugged into GE 0/11 and same deal. Gets IP address from the DHCP pool. I can ping 10.10.10.1, 192.168.1.2 and 192.168.1.1 but I am not able to route out to the internet.
Both devices on the same VLAN (VLAN_10) can communicate with each other.
So it looks like normal, no IPMI devices are getting IP addresses via DHCP
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-29-2022 02:49 PM
So I apologize for continually updating this thread. @mods if I am breaking any rules or anything please let me know. I am not trying to bump the thread instead I am just keeping things updated so I can help people focus on fixing the problem at hand.
So for the IPMI issues - I did a lot of digging around to see why an IPMI interface would not be getting an IP address via static or DHCP. It turns out if the network cable is not plugged in before the server with the IPMI interface is powered on, IPMI does not appear to send out ARP requests. So I plugged an Ethernet cord into the IPMI interface, then plugged the cord into GigEth 0/13 on my L3 switch, powered on the server, booted into BIOS and I was able to get an IP address via DHCP from the DHCP pool on the VLAN. Repeated this process for my other two servers (3 in total) on GigEth 0/14 and 15 and both worked.
So IPMI is able to get IP addresses from DHCP pools on the VLANs. And I can access the IPMI Web interfaces from my LAN. So IPMI is working.
However, my VLANs still cannot route to the internet. VLANs can talk to other devices on other VLANs and my LAN. And my LAN can talk to all of the devices across all of the VLANs.
So now my main issue is that devices on my VLANs cannot talk to the internet. I checked the routing tables and they look good to my noob eyes but I would love any other advice.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide