Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3716
Views
0
Helpful
14
Replies

Can't ping from SG500-52 to vlan directly connected

plg_uxware
Level 1
Level 1

‎02-06-2017 11:04 AM

Hello,

I'm installing 4 SG500-52, these 4 switches are installed in the same 42U bay and connected all together true port 49 and 50 with CU1M cables. The firts one appear as the master and the 3 others as slaves. They are in L3 mode and 4 Queues with ip routing activated.

The 4 switches have an IP address on the admin vlan and all the others vlan are directly connected.

When I look in arp table, I can see for exemple :

VLAN 100 172.16.100.50 cc:xx:yy:zz:ff:xx Dynamic

but as I try to ping it directly from the switch, it won't work.

regards

Pat.

Labels:
0 Helpful
14 Replies 14

Dennis Mink
VIP Alumni
VIP Alumni

‎02-06-2017 06:17 PM

where are you pinging 172.16.100.50 from?  is it from something connected on a access port in vlan 100?

Please remember to rate useful posts, by clicking on the stars below.

0 Helpful

plg_uxware
Level 1
Level 1
In response to Dennis Mink

‎02-07-2017 07:31 AM

I'm trying to ping it directly from the switch.

0 Helpful

Dennis Mink
VIP Alumni
VIP Alumni
In response to plg_uxware

‎02-07-2017 05:19 PM

do an extended ping, like Brandon suggested, this will show if your PC can find the way back to a subnet its not part of itself (thru its default gateway settings)

Please remember to rate useful posts, by clicking on the stars below.

0 Helpful

Brandon Svec
Level 7
Level 7

‎02-07-2017 03:30 PM

You might try: ping ip 172.16.100.50 source 172.16.100.1 (or whatever you vlan interface IP is)

-- please remember to rate and mark answered helpful posts --
0 Helpful

plg_uxware
Level 1
Level 1
In response to Brandon Svec

‎02-08-2017 08:13 AM

Sorry, for the delay. I didn't see your answer until Dennis ask me to follow your advise.

So what I do.

All the ip configured on the switch.

    IP Address        I/F    I/F Status  Type   Directed  Prec Redirect Status
                             admin/oper         Broadcast
------------------ --------- ---------- ------- --------- ---- -------- ------
172.16.10.254/24   vlan 1    UP/UP      Static  disable   No   enable   Valid
172.16.100.254/24  vlan 100  UP/UP      Static  disable   No   enable   Valid
172.16.101.254/24  vlan 101  UP/UP      Static  disable   No   enable   Valid
172.16.102.254/24  vlan 102  UP/UP      Static  disable   No   enable   Valid
172.16.103.254/24  vlan 103  UP/UP      Static  disable   No   enable   Valid
172.16.104.254/24  vlan 104  UP/UP      Static  disable   No   enable   Valid

The ip adress I want to ping is in the arp table. It's a NAS
show arp
vlan 104   gi4/1/45   172.16.104.50   gg:hh:ii:jj:kk:ll   dynamic
vlan 104   gi4/1/46   172.16.104.52   aa:bb:cc:dd:ee:ff   dynamic

I try to ping it as you advise me.

ping ip 172.16.104.50 source 172.16.104.254
Pinging 172.16.104.50 with 18 bytes of data:

PING: no reply from 172.16.104.50
PING: timeout
PING: no reply from 172.16.104.50
PING: timeout
PING: no reply from 172.16.104.50
PING: timeout
PING: no reply from 172.16.104.50
PING: timeout

----172.16.104.50 PING Statistics----
4 packets transmitted, 0 packets received, 100% packet loss

0 Helpful

Brandon Svec
Level 7
Level 7
In response to plg_uxware

‎02-08-2017 08:19 AM

Maybe the NAS blocks ping?  Does it work otherwise?  

edit: Are you pinging from a port on the same or different switch in the stack?  

-- please remember to rate and mark answered helpful posts --
0 Helpful

plg_uxware
Level 1
Level 1
In response to Brandon Svec

‎02-08-2017 02:47 PM

What I do to be sure, I ping a pfsense firewall on the vlan50.

The switch has the 172.16.50.254 on this vlan and the pfsense has ip 172.16.50.1

What I did it is to look at the firewall log on this interface in dynamic view mode.

While the switch was pinging the pfsense interface, I didn't see anything coming.

Very strange situation as this firewall is directly connected to the stack on port Ge3/1/15

I don't understand how it's working, I've pinged the pfsense from a machine connected on the Ge4/1/24 and can't do it directly from the master switch.

sh ip interface
  IP Address        I/F    I/F Status  Type   Directed  Prec Redirect Status
                             admin/oper         Broadcast
------------------ --------- ---------- ------- --------- ---- -------- ------
172.16.10.254/24   vlan 1    UP/UP      Static  disable   No   enable   Valid
172.16.11.254/24   vlan 10   UP/UP      Static  disable   No   enable   Valid
172.16.30.254/24   vlan 30   UP/UP      Static  disable   No   enable   Valid
172.16.50.254/24   vlan 50   UP/UP      Static  disable   No   enable   Valid
172.16.100.254/24  vlan 100  UP/UP      Static  disable   No   enable   Valid
172.16.101.254/24  vlan 101  UP/UP      Static  disable   No   enable   Valid
172.16.102.254/24  vlan 102  UP/UP      Static  disable   No   enable   Valid
172.16.103.254/24  vlan 103  UP/UP      Static  disable   No   enable   Valid
172.16.104.254/24  vlan 104  UP/UP      Static  disable   No   enable   Valid


ping ip 172.16.50.1 source 172.16.50.254
Pinging 172.16.50.1 with 18 bytes of data:

PING: no reply from 172.16.50.1
PING: timeout
PING: no reply from 172.16.50.1
PING: timeout
PING: no reply from 172.16.50.1
PING: timeout
PING: no reply from 172.16.50.1
PING: timeout

----172.16.50.1 PING Statistics----
4 packets transmitted, 0 packets received, 100% packet loss

Nothing on the firewall and he's responding to ping request

I don't understand how this switch is routing packets. Nothing like RIP, etc.. to activate.

I wonder what I missed.

0 Helpful

Brandon Svec
Level 7
Level 7
In response to plg_uxware

‎02-08-2017 03:33 PM

So everything works normally, you are just not able to ping?  Is that right?  Do you want to share your switch config? (just remove passwords or sensitive data)

-- please remember to rate and mark answered helpful posts --
0 Helpful

plg_uxware
Level 1
Level 1
In response to Brandon Svec

‎02-08-2017 11:44 PM

Yes, you'll find it attached.

I've started to switched ports where where pc, mac are connected from trunck to access ports.

Preview file
26 KB
0 Helpful

Brandon Svec
Level 7
Level 7
In response to plg_uxware

‎02-09-2017 11:30 AM

I am still not clear if the NAS is working normally besides not being able to ping it from the switch?

The NAS is plugged into vlan 104   gi4/1/45   172.16.104.50, right?

I am just trying to understand if *the only* problem you have is pinging devices in VLAN 104 from the switch or if there is more to this?

-- please remember to rate and mark answered helpful posts --
0 Helpful

plg_uxware
Level 1
Level 1
In response to Brandon Svec

‎02-09-2017 02:52 PM

Your right it's on this port. For example I can ping from my computer (on vlan50) on ge2/1/8 my pfsense firewall (172.16.50.1) on vlan 50 which is on Ge3/1/15. If I try to ping it from the switch (172.16.50.254) nothing arriving on the pfsense.

ping ip 172.16.50.1 source 172.16.50.254
Pinging 172.16.50.1 with 18 bytes of data:

PING: no reply from 172.16.50.1
PING: timeout
PING: no reply from 172.16.50.1
PING: timeout
PING: no reply from 172.16.50.1
PING: timeout
PING: no reply from 172.16.50.1
PING: timeout

----172.16.50.1 PING Statistics----
4 packets transmitted, 0 packets received, 100% packet loss

I can ping nothing from the stack that what's very strange.

0 Helpful

kawasaki800
Level 1
Level 1

‎02-12-2017 09:28 AM

from a pc (linux or putty windows)

ssh 172.16.104.254 (+ username / password)

uxsg500-1#ping 172.16.104.50

should work.

interface gigabitethernet1/1/1
 storm-control broadcast enable 
 switchport mode access 
 switchport access vlan 104 
!

if not, add your nas 172.16.104.50 to port gi1/1/1 change to vlan 104 untagged and ping again.

if nothing, check your nas (ping allowed?)

if ok? exit from switch and login again with another ip-address

ssh 172.16.100.254 (+ username / password)

uxsg500-1#ping 172.16.104.254

if not ok? Check your routing

uxsg500-1#sh ip route

all your int vlan are directly connected? Check your default-gateway and static route

0 Helpful

plg_uxware
Level 1
Level 1
In response to kawasaki800

‎02-12-2017 10:06 AM

Hello,

As you can see my NAS is seen by the switch.

  VLAN    Interface     IP address        HW address          status
--------------------- --------------- ------------------- ---------------
vlan 104   gi4/1/24   172.16.104.1    xx:xx:xx:xx:xx:xx   dynamic
vlan 104   gi4/1/45   172.16.104.50   yy:yy:yy:yy:yy:yy   dynamic

The port is configured as following:

sh interfaces switchport ge 4/1/45
Added by: D-Default, S-Static, G-GVRP, R-Radius Assigned VLAN, T-Guest VLAN, V-Voice VLAN
Port : gi4/1/45
Port Mode: Access
Gvrp Status: disabled
Ingress Filtering: true
Acceptable Frame Type: admitAll
Ingress UnTagged VLAN ( NATIVE ): 104
Port is member in:
Vlan               Name               Egress rule     Added by
---- -------------------------------- ----------- ----------------
104                                       Untagged          S

Forbidden VLANS:
Vlan               Name
---- --------------------------------

Classification rules:
Protocol based VLANs:
  Group ID   Vlan ID
------------ -------
and nothing with the ping.
ping 172.16.104.50
Pinging 172.16.104.50 with 18 bytes of data:
PING: no reply from 172.16.104.50
PING: timeout
PING: no reply from 172.16.104.50
PING: timeout
PING: no reply from 172.16.104.50
PING: timeout
PING: no reply from 172.16.104.50
PING: timeout
----172.16.104.50 PING Statistics----
4 packets transmitted, 0 packets received, 100% packet loss
As I said previously, to avoid a possibility to ping or not the NAS, I've done the same thing with a firewall. Nothing on it.
I didn't configure any static route as I've activated the IP routing.
sh ip route
Maximum Parallel Paths: 1 (1 after reset)
IP Forwarding: enabled
Codes: > - best, C - connected, S - static

S   0.0.0.0/0 [1/1] via 172.16.10.2, 1016:04:07, vlan 1
C   172.16.10.0/24 is directly connected, vlan 1
C   172.16.50.0/24 is directly connected, vlan 50
C   172.16.100.0/24 is directly connected, vlan 100
C   172.16.101.0/24 is directly connected, vlan 101
C   172.16.102.0/24 is directly connected, vlan 102
C   172.16.103.0/24 is directly connected, vlan 103
C   172.16.104.0/24 is directly connected, vlan 104
Regards.
Pat.
0 Helpful

kawasaki800
Level 1
Level 1
In response to plg_uxware

‎02-13-2017 03:00 AM 

ip default-gateway 172.16.10.2 
ip route 172.16.11.0 /24 172.16.11.1

you have two static routes in your running-config. i don't unterstand the "ip route 172.16.11.0 /24 172.16.11.1".

your nas = 172.16.104.50 255.255.255.0 gateway 172.16.104.254
make a (linux) pc with = 17.16.104.51 (or .1) 255.255.255.0 gateway 172.16.104.254

change config for ports gi1/1/1 and gi1/1/2 to

interface range gigabitethernet1/1/1 - 2
 storm-control broadcast enable 
 switchport mode access 
 switchport access vlan 104

plug in nas gi1/1/1 (is interface up?)
plug in pc gi1/1/2 (is interface up?)
------------------------
from pc make ping to 172.16.104.51 (PC to PC self)
should work

from pc make ping to 172.16.104.254 (PC to Switch "interface vlan 104")
ok?

from pc make ping to 172.16.104.50 (PC over Switch to NAS)
ok?

login from pc to switch:
$: ssh 172.16.104.254 (+ user / password)

uxsg500-1#sh mac address-table int gi1/1/1
uxsg500-1#sh mac address-table int gi1/1/2
or
uxsg500-1#sh mac address-table vlan 104
you see the mac from nas at gi1/1/1 and pc at gi1/1/2?

...to be continued

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Switch products supported in this community
Cisco Business Product Family
  • CBS110
  • CBS220
  • CBS250
  • CBS350
Cisco Switching Product Family
  • 110
  • 200
  • 220
  • 250
  • 300
  • 350
  • 350X
  • 550X
Customers Also Viewed These Support Documents