
Router Will Not Route Between Two Switches (1 VLAN & 1 Traditional)

Korban Day
Level 1

I have a VERY simple problem that not even ChatGPT or any other resource can solve.  I have

Laptop - Switch1 - Router - Switch2 - Vlan10

The router can ping Laptop and anything on Vlan10, but it WILL NOT let traffic pass left or right.  It is not cable, and it's not IP.  When I plug in my laptop in place of the router and mirror IP/Subnet I can ping everything on the Vlan10 (laptop - switch - Vlan10).  So it's not ACL or anything on the Vlan side stopping traffic.  It's something on the router.  I wiped the router to factory settings.  It doesn't even have an ACL set up on it to block traffic.  Show Ip Route even lists both sides of the network as discovered routes with the appropriate /24 and /32 masks.  So, it knows exactly where to send traffic when it gets it... but it won't.


Router
gi0/0/0 no ip, no shutdown
gi0/0/0.10 encap dot1q 10, ip 10.6.1.126/26

Switch
Vlan10 ip 10.6.1.64/26
fa0/20 switchport mode trunk, access vlan10, trunk access vlan10

22 Replies

Sw1 does not have a vlan programmed.  It's a normal physical switch flat network connected to four ACAS "stations".

What router platform do you have?

MHM

Korban Day
Level 1

Native VLAN in Fa0/20 is VLan10 (explicitly coded) and switchport access vlan 10 (explicitly coded).

The router 0/0/0.10 sub-interface is explicitly coded to encapsulation 801.q (I think that's the command?) 10.  Meaning, use VLAN 10, correct?  Am I understanding that command properly?

Edit:  ALL Switch VLAN refs are to Switch2 only.  Switch1 is not set up for VLANs and never has been.  I "inherited" this LAN that's been running for almost two years now, and it just "magically" stopped working one day.  NO idea why.  It's not the cable (verified), it's not a specific router (swapped out 2901 with another known good 4331), same issue.

It could simply be that you are missing
ip routing <<- config in your router
If that is not the case, then capture traffic to see

Router# monitor capture MYCAP interface <x/x> in
Router# monitor capture MYCAP start
Router# monitor capture MYCAP stop
Router# monitor capture MYCAP export bootflash:EPC1.pcap
Router# show monitor capture MYCAP buffer brief <<-

See if the router sends/receives packets through its ports or not.

MHM

Korban Day
Level 1

About to head to holiday.  The router can still ping "right" (sw2-VLAN10), it still will NOT pass traffic between gi0/0.10 and gi0/01.  From the "left" side, I cannot ping 10.6.126, it says unreachable when it's a known route.  I can only ping 10.3.98.1.  No matter what I set on my Dell for default gateway, I cannot ping 10.6.1.126.  I even set an IP on gi0/0 (with all current settings) and cannot ping gi0/0.  I took the IP off 0/0.

Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 5 subnets, 3 masks
C 10.3.98.0/24 is directly connected, GigabitEthernet0/1
L 10.3.98.1/32 is directly connected, GigabitEthernet0/1
C 10.6.1.64/26 is directly connected, GigabitEthernet0/0.10
L 10.6.1.126/32 is directly connected, GigabitEthernet0/0.10
C 10.255.3.98/32 is directly connected, Loopback0
FOP_3_98_ROUTER#

edit edit... edit?  I turned everything off, then back on, and the ACAS laptop can now ping gi0/0.10, but back to the original problem, it will not forward traffic to the VLAN10 network.  The router will ping both devices currently active on the VLAN 10 network, not a FW/ACL issue.

gi0/0.10 will not forward VLAN traffic to the right Sw2 VLAN10 when coming from the left ACAS network.

Korban Day
Level 1

TLDR:  I got it working.  I changed the trunk on switch2 to a L3 Routed port, 10.6.10.10, changed the Router gi0/0 10.6.10.1, added a static route to 10.6.1.0 255.255.255.0 to gi0/0 and I can access VLAN 10 from the ACAS "side".

Fun facts, Sw2 fa0/20 was native vlan10 and that stopped the router from allowing pinging across gi0/0 and 0/1.  How does that make sense??  I tried it three times going back and forth with native vlan trunk and none.  Every time I set native VLAN the router STOPPED communicating from 0/0 - 0/1.  How the *$#! does that even make sense from a coding standpoint, CISCO??

That got me to thinking what other settings on the Switch are making the Router not even function on a basic level.  So, I made the fa0/20 on the Switch a L3 interface and voilà.  Everything worked.  How CISCO can design two of its own devices to not function with VLANs is mind blowing.  I keep trying to get "my boss" to dump CISCO and just FRR.  Won't have these issues then.

Thank you for your input everyone.  The issue was CISCO does not allow the 2901 or 4331 to VLAN to a 2520.

First, as I guess, it is an issue of VLAN tag mismatch.
"The issue was CISCO does not allow the 2901 or 4331 to VLAN to a 2520." <<- this is not correct, I think.
If you can help me, just share the config of the SW2 port connected to the Router and share
show interfaces <x/x> switchport <<- on the SW2 port connected to R

What the issue is, I think: you didn't configure a trunk between SW2 and the Router, or the interface does not work as a trunk. I get this from the solution that was selected.

MHM

 

"Fun facts, Sw2 fa0/20 was native vlan10 and that stopped the router from allowing pinging across gi0/0 and 0/1.  How does that make sense??"

I haven't followed all the replies, carefully, but in your OP you show using a subinterface on the router.  A subinterface, on the router would send tagged frames, but if the corresponding switch trunk VLAN is native, it sends untagged frames (although I recall it will accept tagged packets for the native VLAN, router doesn't, as its untagged frames are tied to a different logical interface).

BTW, one difference between Cisco switches and most other vendor switches, I believe Cisco is a bit unique with having a "native" VLAN on a trunk.  Believe most other vendors expect all VLAN tagged frames to actually have a VLAN tag.
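
The tagging mismatch described in the reply above, written out as configuration with two consistent alternatives. This is an added example, not a config posted by anyone in the thread. It assumes the interface names and addressing quoted in the thread (router GigabitEthernet0/0.10, Switch2 FastEthernet0/20, 10.6.1.126/26) and that native VLAN tagging is the only thing wrong.

```cisco
! ---- As described in the thread: the two ends disagree on tagging ----
! Router: the subinterface only receives frames tagged with 802.1Q VLAN 10
interface GigabitEthernet0/0
 no ip address
 no shutdown
interface GigabitEthernet0/0.10
 encapsulation dot1Q 10
 ip address 10.6.1.126 255.255.255.192
!
! Switch2: VLAN 10 is the trunk's native VLAN, so it leaves the port untagged
interface FastEthernet0/20
 switchport mode trunk
 switchport trunk native vlan 10
!
! ---- Option A: make the switch tag VLAN 10 (router stays as above) ----
interface FastEthernet0/20
 switchport mode trunk
 ! return the native VLAN to its default so VLAN 10 is sent with a tag
 no switchport trunk native vlan
 switchport trunk allowed vlan 10
!
! ---- Option B: keep native VLAN 10 on the switch, tell the router ----
! "native" makes this subinterface own the untagged frames on Gi0/0
interface GigabitEthernet0/0.10
 encapsulation dot1Q 10 native
 ip address 10.6.1.126 255.255.255.192
!
! ---- Check what Switch2 is actually doing on the port ----
! show interfaces FastEthernet0/20 trunk
! show interfaces FastEthernet0/20 switchport
```

Apply only one of the two options; in either case both ends must agree on whether VLAN 10 frames carry a tag.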
