Re: Routing on a Layer 3 Switch

BW100 · ‎10-29-2018

Hey guys,

I'm very new to the topic switching and routing and also not a native speaker. So first of all, sorry if something is misleading because of my language skills.

My Problem: I try to set on a network with two VLANS. They are connected with a SG350 Switch. I don't use a router, because I don't need a connection to the internet. The Switch is a Layer 3 Switch so I think it must work without a router.
But: It does not work.

In short my configuration:

switchd16938#show running
config-file-header
switchd16938
v2.3.5.63 / RLINUX_923_093
CLI v1.0
file SSD indicator encrypted
@
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0
!
!
unit-type-control-start
unit-type unit 1 network gi uplink none
unit-type-control-end
!
vlan database
vlan 2-3
exit
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
bonjour interface range vlan 1
hostname switchd16938
!
interface vlan 2
name IT-AB
ip address 192.168.0.28 255.255.255.0
!
interface vlan 3
name IT-Test
ip address 192.168.1.28 255.255.255.0
!
interface GigabitEthernet1
no switchport
switchport mode trunk
switchport access vlan 2
!
interface GigabitEthernet3
no switchport
switchport mode trunk
switchport access vlan 3
!
exit

I also enabled routing on the switch, but for a reason I don't know it did not appears in the configuration.

And the Routing-Table is also empty:

switchd16938# show ip route
Maximum Parallel Paths: 1 (1 after reset)
IP Forwarding: enabled
Codes: > - best, C - connected, S - static

I connected to the ports which are in VLAN 2 and VLAN 3 each a Notebook. I gave the one in VLAN 2 the IP: 192.168.0.29 with the Subnetmask 255.255.255.0 and the default gateway: 192.168.0.28. I'm not sure about the default gateway, but otherwise it did not make sense to me to just let it empty.
The other one th VLAN 3 has the IP: 192.168.1.29 with the subnetmask 255.255.255.0 and the default gateway: 192.168.1.25

But the Notebooks can't ping to each other even not to the switch and I don't know why.
I suspect there is a problem with the routing table, even I can't do a entry manually.

So I hope some of you can help me. Thank you.

Seb Rupik · ‎10-29-2018

Hi there,

As you mention, the config does not indicate that the SG300 is in Layer 3 mode.

After issuing the set system mode router did you reboot the switch?

With regard to your notebook interface config, the notebook connected to VLAN3 should be configured to use GW 192.168.1.28 .

Cheers,

Seb.

BW100 · ‎10-29-2018

Hey, thanks for the fast answer!

Oh sorry, the GW on the notebook in VLAN 3 is 192.168.1.28, it was just a typing error.

I tried to use the command "set system mode router". But it does not work. I got the response "Unrecognized command". I work with the CLI but I know you can change the layer easily in the GUI, but I like to do it with a command.

Seb Rupik · ‎10-29-2018

My mistake, the SG350 doesn't have a mode which can be switched between. It should operate in Layer3 only.

If the note books are connected to ports Gi1 and G3, then you need to make them mode access:

!
int Gi1
  switchport mode access
  spanning-tree portfast
!
int Gi3
  switchport mode access
  spanning-tree portfast
!

cheers,

Seb.

paul driver · ‎10-29-2018

Hello

On a side note , if you have any software fw enabled on the notbooks that are negating icmp echo-reply then temporary disable it and test again.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

BW100 · ‎10-29-2018

Thank you!

I make the ports mode access so my configuration looks like this:

interface GigabitEthernet1
spanning-tree portfast
switchport access vlan 2
!
interface GigabitEthernet3
spanning-tree portfast
switchport access vlan 3

it does not work, I can't ping to the other notebook or to the switch. Maybe I done something wrong by the switchport mode cause there is instead of mode access, access to VLAN. but I don't know how to remove it.

Seb Rupik · ‎10-29-2018

Make sure that the interfaces on the switch are switchports as opposed to routed interfaces:

!
int gi1
  switchport
int gi3
  switchport
!

Also, take note of @paul driver comment if you are pinging between Windows laptops.

BW100 · ‎10-29-2018

Well, maybe it's my lack of language skills, but I don't understand what do you mean with that I should make sure that my interfaces are not routed interfaces but switchports.
My configuration stays the same, even after putting the interfaces into switchports. (I don't know if I'm done it right).

But, I tried do figure out some software, which paul driver mentioned. But I don't really know about that too so I tried to remember what I did in a similar Simulation and there I disabled the firewall on the notebooks. So I did this and now I got a entry in the routing table but it makes no really sense to me. But this is the entry:

Maximum Parallel Paths: 1 (1 after reset)
IP Forwarding: enabled
Codes: > - best, C - connected, S - static

C 192.168.0.0/24 is directly connected, vlan 2
C 192.168.1.0/24 is directly connected, vlan 3

sorry for being a noob, but I really don't know how to help myself.

Samer R. Saleem · ‎10-29-2018

best way now is to ping both devices from the Switch and see if you have reply back
what the guys were saying is you need to disable windows firewall and check the ping again....

BW100 · ‎10-29-2018

I can't ping the devices from the switch. There is no response.

Samer R. Saleem · ‎10-29-2018

Hi

can you change your ports mode to be access? now its configured to be trunk....change to access and try again...this should work for you.

BW100 · ‎10-29-2018

I change them. These are the configuration of my interfaces:
S-VLAN Ethernet Type: 0x8100 (802.1q)
Name: gi1
Switchport: enable
Administrative Mode: access
Operational Mode: down
Access Mode VLAN: 2
Access Multicast TV VLAN: none
Trunking Native Mode VLAN: 1
Trunking VLANs: 1-3
4-4094 (Inactive)
General PVID: 1
General VLANs: none
General Egress Tagged VLANs: none
General Forbidden VLANs: none
General Ingress Filtering: enabled
General Acceptable Frame Type: all
General GVRP status: disabled
Customer Mode VLAN: none
Customer Multicast TV VLANs: none
Private-vlan promiscuous-association primary VLAN: none
Private-vlan promiscuous-association Secondary VLANs: none
Private-vlan host-association primary VLAN: none
Private-vlan host-association Secondary VLAN: none

VLAN Mapping Tunnel - no resources

VLAN Mapping One-To-One - no resources

Classification rules:

Classification type Group ID VLAN ID

___________________________________________
S-VLAN Ethernet Type: 0x8100 (802.1q)
Name: gi3
Switchport: enable
Administrative Mode: access
Operational Mode: up
Access Mode VLAN: 3
Access Multicast TV VLAN: none
Trunking Native Mode VLAN: 1
Trunking VLANs: 1-3
4-4094 (Inactive)
General PVID: 1
General VLANs: none
General Egress Tagged VLANs: none
General Forbidden VLANs: none
General Ingress Filtering: enabled
General Acceptable Frame Type: all
General GVRP status: disabled
Customer Mode VLAN: none
Customer Multicast TV VLANs: none
Private-vlan promiscuous-association primary VLAN: none
Private-vlan promiscuous-association Secondary VLANs: none
Private-vlan host-association primary VLAN: none
Private-vlan host-association Secondary VLAN: none

VLAN Mapping Tunnel - no resources

VLAN Mapping One-To-One - no resources

Classification rules:

Classification type Group ID VLAN ID

Samer R. Saleem · ‎10-29-2018

your VLAN2 interface is "DOWN" which is "G1" check from here.....

BW100 · ‎10-30-2018

Yeah sorry, I pulled the cable out.
But I can't ping the devices from the switch anyway.

Samer R. Saleem · ‎10-30-2018

Then check windows settings, there is nothing wrong i can see with your configs.