Buy or Renew
Buy or Renew
COMING SOON: Umbrella and Secure Access release notes are coming to Cisco Community. The community will be in read-only August 16 – 19. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1070
Views
5
Helpful
5
Replies

WS-C2960L-48PS-LL Inter-VLAN-Routing

jung357
Level 1
Level 1

‎09-27-2019 06:06 AM

Hello community,

 

I am struggling to get Inter-VLAN-Routing running on a WS-C2960L-48PS-LL, Version 15.2(7)E0a.

For testing-purposes I created two SVIs with IP-addresses, 2 VLANs and enabled "ip routing".

 

I followed this guide provided by cisco:

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960l/software/15-2_5_e/config-guide/b_1525e_consolidated_2960l_cg/b_1525e_consolidated_2960l_cg_chapter_0111101.html

 

"show ip route" outputs:

 

Sep 27 11:10:40.179: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan3, changed state to upte
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR

Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
C 10.10.2.0/24 is directly connected, Vlan2
L 10.10.2.1/32 is directly connected, Vlan2
C 10.10.3.0/24 is directly connected, Vlan3
L 10.10.3.1/32 is directly connected, Vlan3

 

Unfortunately I can't ping between VLANs. SVIs are up and reachable, but clients in VLAN aren't. Some datasheets state that this switch supports routing others don't.

 

I am curious if someone got routing running on this switches.

Thanks in advance

 

Kind regards

Simon

1 person had this problem
Labels:
0 Helpful
5 Replies 5

paul driver
VIP
VIP

‎09-27-2019 08:16 AM - edited ‎09-27-2019 08:18 AM

Hello

Have you also created the L2 vlans associated with the L3 interfaces!

Do the ends hosts have the correct subnet mask and default gateway applied  to their ip addressing 

Can these host ping their  gateway address 

Can you ping the hosts from the switch?


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

jung357
Level 1
Level 1
In response to paul driver

‎09-27-2019 08:31 AM

Hello Paul,

I created all vlans corresponding to the SVIs. Hosts have SVI as gateway. Hosts can ping their gateway and all other SVIs I created.

 

The only thing not working is a connection between two hosts in different subnets.

 

 

Preview file
3 KB
0 Helpful

josedelpino
Level 1
Level 1
In response to jung357

‎09-27-2019 09:10 AM

Hi  jung357,

 

The config looks fine, I think that this static routes are not necessary:

ip route 10.10.2.0 255.255.255.0 Vlan2
ip route 10.10.3.0 255.255.255.0 Vlan3

The switch it already have those networks in the RIB as directly connected routes.

 

If you are testing connectivity between hosts using ping maybe the problem could be the firewall in the hosts,  Windows Firewall, Linux IPtables, etc

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to josedelpino

‎09-27-2019 10:24 AM

I agree that the config looks appropriate and I do not see anything in it that would prevent pinging between the vlan subnets. It is certainly true that you do not need the 2 static routes. One demonstration of that is that in the output of your routing table that those subnets are shown as "C" for Connected routes and not as "S" for Static routes. 

 

I would suggest that you ping the device connected in vlan 2 from the switch. If the ping fails then it is an indicator that some security policy on the PC is preventing ping. If the ping is successful than do another ping to that PC and this time specify that the source address of the ping should be the address of vlan 3. If that ping fails the most likely reason would be problems with the configuration of the gateway for the PC. Note that it could also be an issue with the security policy which might permit ping from local devices but not from remote devices.

 

HTH

 

Rick

HTH

Rick

paul driver
VIP
VIP
In response to jung357

‎09-28-2019 06:58 AM - edited ‎09-28-2019 06:59 AM

Hello

Remove the static routes as the switch will have connected rib entries for these any way

Make sure your hosts don’t have any software fw negating connectivity


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card