Re: SG300 intervlan routing

pfontana · ‎04-19-2011

Does anyone have some tips and trick on how to configure and sg300 for intervlan routing.

I already have the switch set up for layer 3

I already set up multiple vlans and each vlan has a ip interface setup with the desired subnet

I see the local routes set up in the static routing page.

I cannot seem to get from one subnet/vlan (I am using one subnet for each VLAN) to the next.

Any help or info would be appreciated.

David Hornstein · ‎04-19-2011

Hi Paul.

Ok, Your in layer 3 mode

Within the switch, you have setup the IP addresses of the VLANs. These are the gateway addresses for the PC hosts in that VLAN .

If that is the case then all should route without issue.

It sure would be useful to see some screen shots of the switches ;

VLAN configurations
IP configuration,
maybe screen capture the static route table as well.
how are you allocating addresses to the VLANs?
IP addresses are being allocated to all PC, can you maybe paste the result of a command line command ipconfig /all

But, why not back up your startup configuration file to your next posting. Gotta try to better understand how you configured your switch.

Layer 3 switching just works, it's gotta be one of two things configuration issue or bad switch and I really doubt the later.

regards Dave

David Carr · ‎04-20-2011

Hey Paul,

Make sure your gateway address for the pc's connecting to that vlan are using the ip address of the switch for that vlan.

For Example, if you have 192.168.1.254 as the ip address for vlan 1. Connect to a port for vlan one and make sure that your gateway is 192.168.1.254. If the switch is the gateway for all vlans, then it will route between the vlans.

pfontana · ‎04-20-2011

I currently am not able to upload the config data. I will upload tommrow if need be.

However I did use the ip interface as the gateway on my connected pcs.

I have three VLANS each with its own subnet and interface. Both vlans are trunked between two switches and both switches have the same subnets for the same VLAN.

Switch 1:

VLAN 1, 192.168.1.0(network), 192.168.1.254 (interface)

VLAN 2, 192.168.2.0(network), 192.168.2.254 (interface)

VLAN 5, 192.168.5.0(network), 192.168.5.254 (interface)

Switch 1 route table:

192.168.1.0 local

192.168.2.0 local

192.168.5.0 local

Switch 2:

VLAN 1, 192.168.1.0(network), 192.168.1.253 (interface)

VLAN 2, 192.168.2.0(network), 192.168.2.253 (interface)

VLAN 5, 192.168.5.0(network), 192.168.5.253 (interface)

Switch 2 route table:

192.168.1.0 local

192.168.2.0 local

192.168.5.0 local

A pc connected to VLAN 5 at switch 1 with an ip of 192.168.5.75 and gateway of 192.168.5.254

can ping the 192.168.2.254 and 253 gateways but cannot ping a client machine that is at 192.168.2.1 which is connected to vlan2 at switch 2.

Also through the ping utility on switch 2 I can ping 192.168.2.1

Thanks again for your help!

cope.chris · ‎04-20-2011

I'm having exactly the same issue… I can ping the interfaces when they are up but cannot ping any clients. I’m assuming that this layer 3 switch does its own NAT between the VLANS?

David Carr · ‎04-22-2011

Paul,

Based on what your describing, it looks like you have both sg300's in layer 3 mode with both of them having the same vlans.

What is happening is pretty much you have mirrored two separate network schemes and they have the same exact routing table and client addresses resulting in an ip conflict between the networks.

Ideally what you need is one switch in layer 3 mode and then setup the second switch in layer2 mode with a trunk port connecting to the layer3 switches trunk port.

This will pass the vlans to the second switch and allow the first switch to be the gateway for all vlans.

jcejka · ‎05-19-2011

Which switch needs to be what mode though?

Assume Firewall - Switch 1 - Switch 2