Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1188
Views
0
Helpful
3
Replies

SG300 inter-vlan routing troubles

Jonathan Fisher
Level 1
Level 1

‎08-16-2013 09:28 AM

Hey guys, having trouble getting routing to work across my vlans. Read this very helpful thread

https://supportforums.cisco.com/thread/2153236, but still have no luck.

Switch is in L3 mode

My firewall has internal ip of 192.168.63.254/255.255.0.0

DNS is 192.168.62.1

Vlan port settings:

Port VLAN Membership Table
Go
InterfaceModeAdministrative VLANsOperational VLANsLAG
GE1Trunk200UP200UP

GE2Trunk200UP200UP

GE3Trunk200UP200UP

GE4Trunk200UP200UP

GE5Trunk1UP1UP

GE6Trunk1UP1UP

GE7Trunk1UP1UP

IPv4 Interface Table
InterfaceIP Address TypeIP AddressMaskStatus
VLAN 200Static192.168.20.62255.255.255.192Valid
VLAN 1DHCP192.168.61.2255.255.252.0Valid

IPv4 Static Routing Table
Destination IP PrefixPrefix LengthRoute TypeNext Hop Router IP AddressRoute OwnerMetricAdministrative distance
0.0.0.00Remote192.168.63.254Static21
192.168.20.026Local0.0.0.0Directly Connected
192.168.60.022Local0.0.0.0Directly Connected

I have a windows8 host connected to port 1 of the sg300. It's configured with a static address of 192.168.20.20/255.255.255.192 with gateway of

192.168.20.62.

From the windows8 host, I can ping to 192.168.20.62, however, I cannot ping to 192.168.63.254 or 192.168.62.1.

Any help much appreciated!!!

Labels:
0 Helpful
3 Replies 3

Tom Watts
VIP Alumni
VIP Alumni

‎08-16-2013 02:53 PM

Hi Jonathan, any reason you're suppernetting your router? You're using a /16 there and everything else is inside that scope... I'd recommend to normalize your addresses...

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/
0 Helpful

Jonathan Fisher
Level 1
Level 1
In response to Tom Watts

‎08-17-2013 01:44 PM

What would a better plan be? I will have 15x SG300-52s very soon, The goal was to limit broadcast scope to just the physical switch you're attached to.

0 Helpful

Tom Watts
VIP Alumni
VIP Alumni
In response to Jonathan Fisher

‎08-17-2013 02:34 PM

Hi Jonathan, a pretty typical deployment would be to have a management vlan/subnet. For an argument purpose you can use vlan 1 as management and put it on a 255.255.255.224 mask if that is enough to permit the 15 switches and all of the other network devices.

Next you can either have the router support the network traffic with a normal trunk and vlans tag or you can have the switches handle the network load. If the router supports subinterfaces or network subnets, that is fine, otherwise you'd simply need a static route to point to the switch SVI to be able to route the desired subnets.

As an example-

Management is the /28 on vlan 1 - 192.168.1.1 - 192.168.1.31

Then you could create additional vlans basically as much as you want

vlan 2 - 192.168.2.1 /24

vlan 3 - 192.168.3.1 /24

etc

To implement the switch configuration is basic something like this-

config t

int vlan 1

ip address 192.168.1.2 /28

int vlan 2

ip address 192.168.2.1 /24

int vlan 3

ip address 192.68.3.1 /24

exit

ip default-gateway 192.168.1.1

Then your router, if it doesn't support the subnets you could use static routes

something like

ip route 192.168.2.0 255.255.255.0 192.168.1.2

ip route 192.168.3.0 255.255.255.0 192.168.1.2

This should normalize the network and separate network traffic and give enough space for a management vlan.

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/
0 Helpful
Customers Also Viewed These Support Documents