cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2335
Views
0
Helpful
12
Replies

router on a stick using IE 4000 and IE 5000 switch

kamal el assaad
Level 1
Level 1

hello,

i tried to configure router on a stick using :

PC A: 10.12.178.5  Vlan 178

PC B : 10.12.177.5  Vlan 177

IE 4000 as access switch and IE 5000 as a routing switch.

the configuration in IE 4000 was:

vlan 177

name student

exit

vlan 178

name college

exit

int gi1/2

switchport mode access

switchport access vlan 177

exit

int gi1/3

switchport mode access

switchport access vlan 178

exit

int gi1/4

switchport mode trunk

switchport trunk allowed vlan 177,178

exit

For IE 5000 the config was:

vlan 177

name student

exit

vlan 178

name college

exit

int vlan 177

ip address 10.12.177.1 255.255.255.0

no shutdown 

exit

int vlan 178

ip address 10.12.178.1 255.255.255.0

no shutdown

exit

int gi1/8

switchport mode trunk

exit

ip routing

exit

after using this configuration, i was not able to ping from A to B . any idea to resolve the problem please??

thank you in advance

1 Accepted Solution

Accepted Solutions

Any switch will run spanning tree on its access ports. So both the 4000 and the 5000 would be running spanning tree. It does not need to show up in the running config to run spanning tree. What would show up in the running config is if you wanted to change some of the default properties of spanning tree (if you wanted one of the enhancements to standard spanning tree such as Rapid spanning tree, or if you wanted a feature like portfast or bpduguard).

HTH

Rick

View solution in original post

12 Replies 12

Richard Burts
Hall of Fame
Hall of Fame

Is it possible that one or both of the PCs have a firewall or other security policies running that do not permit ping?

 

Can the PC in vlan 177 ping its gateway address on the 5000? Can the PC in vlan 177 ping the gateway address for vlan 178 on the 5000?

 

Can you do show arp on the 5000 and post the output?

HTH

Rick

hello
i can't ping the gateway of each IPs.
the arp result for IE5000 is:
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.11.123.248 - 2cd0.2d5e.8041 ARPA Vlan43
Internet 10.12.177.1 - 2cd0.2d5e.8042 ARPA Vlan177
Internet 10.12.178.1 - 2cd0.2d5e.8043 ARPA Vlan178

ti arp result of IE4000 is:
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.11.123.1 0 Incomplete ARPA
Internet 10.11.123.166 - 00b1.e374.12c1 ARPA Vlan43

Hello

IE 5000 is the L3 switch and IE4000 is an access switch however on the IE4000 you show:

Internet 10.11.123.166 - 00b1.e374.12c1 ARPA Vlan43

 

Can you confirm the trunk berween these two switches is created and is an active state,

Can you ping the SVI's interfaces vlan 177-178 from the IE5000, whats the status of those interfaces?

Lasty wheres the location of the L3 routed interface for vlan 43?

 

sh interface trunks
sh interface vlan 177 & 178


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

hello

yeah IE5000 is the layer 3 switch and IE4000 is the access switch
vlan 43 was already configured before but its not requested on my task

the sh interface trunk results for IE5000 and IE4000 are consecutively :
IE5000
Port Mode Encapsulation Status Native vlan
Gi1/8 on 802.1q trunking 1

Port Vlans allowed on trunk
Gi1/8 1-4094

Port Vlans allowed and active in management domain
Gi1/8 1,16,32,43,48,64,80,96,112,128,177-178,240,999

Port Vlans in spanning tree forwarding state and not pruned
Gi1/8 1,16,32,43,48,64,80,96,112,128,177-178,240,999

IE4000
Port Mode Encapsulation Status Native vlan
Gi1/4 on 802.1q trunking 1

Port Vlans allowed on trunk
Gi1/4 177-178

Port Vlans allowed and active in management domain
Gi1/4 177-178

Port Vlans in spanning tree forwarding state and not pruned
Gi1/4 none

the show interface result for 177 and 178 are:
vlan 177
Vlan177 is up, line protocol is up
*Jan 2 00:00:42.796: %LINK-
Hardware is EtherSVI, address is 2cd0.2d5e.8042 (bia 2cd0.2d5e.8042)

ate to a
Internet address is 10.12.177.1/24
*Jan 2 00:00:42.796: %L
MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,d st

reliability 255/255, txload 1/255, rxload 1/255vely down

*Jan 2 00:00:
Encapsulation ARPA, loopback not setbitEthernet1/1
Keepalive not suppo
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
1 packets output, 64 bytes, 0 underruns
0 output errors, 1 interface resets
0 unknown protocol drops
0 output buffer failures, 0 output buffers swapped out

vlan 178

Vlan178 is up, line protocol is up
Hardware is EtherSVI, address is 2cd0.2d5e.8043 (bia 2cd0.2d5e.8043)
Internet address is 10.12.178.1/24
MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive not supported
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output 00:27:08, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
1 packets output, 64 bytes, 0 underruns
0 output errors, 1 interface resets
0 unknown protocol drops
0 output buffer failures, 0 output buffers swapped out

Thank you for the additional information. I believe that it is significant that you are not able to ping the gateway of each IP. Am I correct in understanding that the 2 switches are connected to each other using vlan 43 and that the 4000 has interface vlan 43 for management access to that switch? And that vlan 43 is the only vlan interface on the 4000? Perhaps the output of show ip interface brief from both switches would help us understand this better.

 

I am puzzled how that is working and suspect that there are parts of the configuration that we have not seen that are significant to this issue.The trunk that you showed on the 4000 allows only vlans 177 and 178. So where is the connection for vlan 43? Perhaps this explain why each switch has an arp entry for its own address in vlan 43 but does not have an entry for the peer switch on vlan 43.

 

Perhaps the output of show cdp neighbor from both switches would shed some light on how they are connected. I would also like to see the output of show interface status and of show interface trunk from both switches.

HTH

Rick

hello
kindly find the following results:
for IE 4000
Interface IP-Address OK? Method Status Protocol

Vlan1 unassigned YES NVRAM administratively down down

Vlan43 10.11.123.166 YES NVRAM up down

GigabitEthernet1/1 unassigned YES unset down down

GigabitEthernet1/2 unassigned YES unset up up

GigabitEthernet1/3 unassigned YES unset up up

GigabitEthernet1/4 unassigned YES unset up up

GigabitEthernet1/5 unassigned YES unset administratively down down

GigabitEthernet1/6 unassigned YES unset administratively down down

GigabitEthernet1/7 unassigned YES unset administratively down down

GigabitEthernet1/8 unassigned YES unset administratively down down

GigabitEthernet1/9 unassigned YES unset administratively down down

GigabitEthernet1/10 unassigned YES unset administratively down down

GigabitEthernet1/11 unassigned YES unset down down

GigabitEthernet1/12 unassigned YES unset down down

Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone,
D - Remote, C - CVTA, M - Two-port Mac Relay

Device ID Local Intrfce Holdtme Capability Platform Port ID

Total cdp entries displayed : 0

Port Name Status Vlan Duplex Speed Type
Gi1/1 notconnect trunk auto auto Not Present
Gi1/2 connected 177 a-full a-100 10/100/1000Ba
seTX
Gi1/3 connected 178 a-full a-1000 10/100/1000Ba
seTX
Gi1/4 connected trunk a-full a-1000 10/100/1000Ba
seTX
Gi1/5 disabled 1 auto auto Not Present
Gi1/6 disabled 1 auto auto Not Present
Gi1/7 disabled 1 auto auto Not Present
Gi1/8 disabled 1 auto auto Not Present
Gi1/9 disabled 1 auto auto Not Present
Gi1/10 disabled 1 auto auto Not Present
Gi1/11 notconnect trunk auto auto Not Present
Gi1/12 notconnect trunk auto auto Not Present

Port Mode Encapsulation Status Native vlan
Gi1/4 on 802.1q trunking 1

Port Vlans allowed on trunk
Gi1/4 177-178

Port Vlans allowed and active in management domain
Gi1/4 177-178

Port Vlans in spanning tree forwarding state and not pruned
Gi1/4 none

hello
kindly find the results of IE5000
Interface IP-Address OK? Method Status Protocol

Vlan1 unassigned YES NVRAM administratively down down

Vlan43 10.11.123.248 YES NVRAM up up

Vlan177 10.12.177.1 YES manual up up

Vlan178 10.12.178.1 YES manual up up

GigabitEthernet1/1 unassigned YES unset administratively down down

GigabitEthernet1/2 unassigned YES unset administratively down down

GigabitEthernet1/3 unassigned YES unset administratively down down

GigabitEthernet1/4 unassigned YES unset administratively down down

GigabitEthernet1/5 unassigned YES unset administratively down down

GigabitEthernet1/6 unassigned YES unset ad

GigabitEthernet1/7 unassigned YES unset administratively down down

GigabitEthernet1/8 unassigned YES unset up up

GigabitEthernet1/9 unassigned YES unset administratively down down

GigabitEthernet1/10 unassigned YES unset administratively down down

GigabitEthernet1/11 unassigned YES unset administratively down down

GigabitEthernet1/12 unassigned YES unset administratively down down

GigabitEthernet1/13 unassigned YES unset do

GigabitEthernet1/14 unassigned YES unset administratively down down

GigabitEthernet1/15 unassigned YES unset administratively down down

GigabitEthernet1/16 unassigned YES unset administratively down down

GigabitEthernet1/17 unassigned YES unset administratively down down

GigabitEthernet1/18 unassigned YES unset administratively down down

GigabitEthernet1/19 unassigned YES unset administratively down down

GigabitEthernet1/20 unassigned YES unset administratively down down

GigabitEthernet1/21 unassigned YES unset administratively down down

GigabitEthernet1/22 unassigned YES unset administratively down down

GigabitEthernet1/23 unassigned YES unset administratively down down

GigabitEthernet1/24 unassigned YES unset down down

TenGigabitEthernet1/25 unassigned YES unset down down

TenGigabitEthernet1/26 unassigned YES unset down down

TenGigabitEthernet1/27 unassigned YES unset administratively down down

TenGigabitEthernet1/28 unassigned YES unset administratively down down

Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone,
D - Remote, C - CVTA, M - Two-port Mac Relay

Device ID Local Intrfce Holdtme Capability Platform Port ID

Total cdp entries displayed : 0

Port Mode Encapsulation Status Native vlan
Gi1/8 on 802.1q trunking 1

Port Vlans allowed on trunk
Gi1/8 1-4094

Port Vlans allowed and active in management domain
Gi1/8 1,16,32,43,48,64,80,96,112,128,177-178,240,999

Port Vlans in spanning tree forwarding state and not pruned
Gi1/8 1,16,32,43,48,64,80,96,112,128,177-178,240,999

Port Name Status Vlan Duplex Speed Type
Gi1/1 disabled 1
seTX
Gi1/2 disabled 1 auto auto 10/100/1000Ba
seTX
Gi1/3 disabled 1 auto auto 10/100/1000Ba
seTX
Gi1/4 disabled 1 auto auto 10/100/1000Ba
seTX
Gi1/5 disabled 1 auto auto 10/100/1000Ba
seTX
Gi1/6 disabled 1 auto auto 10/100/1000Ba
seTX
Gi1/7 disabled 1 auto auto 10/100/1000Ba
seTX
Gi1/8 connected trunk a-full a-1000 10/100/1000Ba
seTX
Gi1/9 disabled 1 auto auto 10/100/1000Ba
seTX
Gi1/10 disabled 1 auto auto 10/100/1000Ba
seTX
Gi1/11 disabled 1 auto auto 10/100/1000Ba
seTX
Gi1/12 disabled 1 auto auto 10/100/1000Ba
seTX
Gi1/13 notconnect trunk auto auto Not Present
Gi1/14 disabled 1 auto auto Not Present
Gi1/15 disabled 1 auto auto Not Present
Gi1/16 disabled 1 auto auto Not Present
Gi1/17 disabled 1 auto auto Not Present
Gi1/18 disabled 1 auto auto Not Present
Gi1/19 disabled 1 auto auto Not Present
Gi1/20 disabled 1 auto auto Not Present
Gi1/21 disabled 1 auto auto Not Present
Gi1/22 disabled 1 auto auto Not Present
Gi1/23 disabled 1 auto auto Not Present
Gi1/24 notconnect trunk auto auto Not Present
Te1/25 notconnect trunk full 10G Not Present
Te1/26 notconnect trunk full 10G Not Present
Te1/27 disabled 1 full 10G Not Present
Te1/28 disabled 1 full 10G Not Present

so if i remove vlan 43, i will ping successfully?

Actually vlan 43 does not really have anything to do with whether vlans 177 and 178 will work. If vlan 43 is not needed you might as well remove it. But there are other problems that are impacting vlans 177 and 178.

 

My first observation is that the show cdp neighbor from both switches indicates that neither switch sees any neighbor.

 

My second observation is this output from show interface trunk from the 4000

Port Vlans in spanning tree forwarding state and not pruned
Gi1/4 none

There are no vlans carried on this trunk for the 4000. That would explain why the switches are not seeing each other. Nothing is carried over the trunk. So why is that? Perhaps the output of show vlan and of show spanning status might shed some light on this. It might also be helpful if you would post the complete config of the 4000.

 

HTH

Rick

IE4000 is as an access switch so the devices connected directly hold the vlan number 177 and 178.

in the other hand IE5000 is a switch with routing feature so it include all the vlans of the network.

 

regarding the spanning-tree, is it affect to block the ping between 4000 and 5000? if is it not configured in the 4000 switch?

Any switch will run spanning tree on its access ports. So both the 4000 and the 5000 would be running spanning tree. It does not need to show up in the running config to run spanning tree. What would show up in the running config is if you wanted to change some of the default properties of spanning tree (if you wanted one of the enhancements to standard spanning tree such as Rapid spanning tree, or if you wanted a feature like portfast or bpduguard).

HTH

Rick

I am glad that my explanation was helpful. Thank you for marking this question as solved. This will help other participants in the community to identify discussions which have helpful information. This community is an excellent place to ask questions and to learn about networking. I hope to see you continue to be active in the community.

HTH

Rick
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco