Tracert and vlans problems

Mustapha elfalou · ‎03-23-2013

i set up few vlans on my sf300. Everything working fine. i can access internet from all vlans, ping...etc. The only problem when i tracert from any vlan, i am always failling the first hop. My firewall is disabled as well as my antivirus.I was wondering is this normal or am i missing something?default gateway on my PC is vlan IP.

Thank you

Tracing route to google.com [173.194.70.113]

over a maximum of 30 hops:

1 * * * Request timed out.

2 1 ms <1 ms <1 ms 192.168.1.1

3 1 ms 1 ms 1 ms 192.168.100.1

...

My configuration:

switch1#sh run

config-file-header

switch1

v1.2.9.44 / R750_NIK_1_2_584_002

CLI v1.0

file SSD indicator encrypted

@

ssd-control-start

ssd config

ssd file passphrase control unrestricted

no ssd file integrity control

ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0

!

vlan database

vlan 2-4

exit

voice vlan oui-table add 0001e3 Siemens_AG_phone________

voice vlan oui-table add 00036b Cisco_phone_____________

voice vlan oui-table add 00096e Avaya___________________

voice vlan oui-table add 000fe2 H3C_Aolynk______________

voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone

voice vlan oui-table add 00d01e Pingtel_phone___________

voice vlan oui-table add 00e075 Polycom/Veritel_phone___

voice vlan oui-table add 00e0bb 3Com_phone______________

ip dhcp relay address 10.10.4.2

ip dhcp relay enable

ip dhcp information option

bonjour interface range vlan 1

hostname switch1

no passwords complexity enable

username cisco password encrypted f84f7bb9b5e52e3b755d7ec0496c50e8404869d8 privi

lege 15

ip telnet server

!

interface vlan 1

ip address 192.168.1.254 255.255.255.0

no ip address dhcp

!

interface vlan 2

name "x"

ip address 10.10.2.1 255.255.255.0

ip dhcp relay enable

!

interface vlan 3

name "y"

ip address 10.10.3.1 255.255.255.0

ip dhcp relay enable

!

interface vlan 4

name Server

ip address 10.10.4.1 255.255.255.0

!

interface fastethernet1

switchport mode access

switchport access vlan 2

!

interface fastethernet2

switchport mode access

switchport access vlan 2

!

interface fastethernet3

switchport mode access

switchport access vlan 2

!

interface fastethernet4

switchport mode access

switchport access vlan 3

!

interface fastethernet5

switchport mode access

switchport access vlan 3

!

interface fastethernet6

switchport mode access

switchport access vlan 3

!

interface fastethernet7

switchport mode access

switchport access vlan 4

!

interface fastethernet8

switchport mode access

switchport access vlan 4

!

ip route 0.0.0.0 0.0.0.0 192.168.1.1

switch1#

Tom Watts · ‎03-23-2013

It looks like you have a default route to 192.168.1.1. What is 192.168.1.1?

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/

Mustapha elfalou · ‎03-23-2013

192.168.1.1 is my internet gateway

Sent from Cisco Technical Support iPhone App

Tom Watts · ‎03-24-2013

Hi Mustapha, I'd suspect that default route may be causing the odd hop count.

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/

Mustapha elfalou · ‎03-24-2013

Thank you for your reply
So what do you think the default route should be?192.168.1.1 is my isp modem

Sent from Cisco Technical Support iPhone App

Tom Watts · ‎03-24-2013

Shouldn't need one, especially if it is the only internet gateway.

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/

Mustapha elfalou · ‎03-24-2013

Well actually i am using two routers isp router and a linksys e3000 between isp and switch. Isp router is 192.168.100.1
E3000 192.168.1.1. I am using the e3000 for nating since i couldnt configure static routes on my isp router.

Sent from Cisco Technical Support iPhone App

Mustapha elfalou · ‎03-27-2013

Anybody??

Sent from Cisco Technical Support iPhone App

Tom Watts · ‎03-27-2013

Remove the default route...

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/

Mustapha elfalou · ‎03-28-2013

When i remove default route, i will no longer have access to the internet. I noticed when i am on the default valn 1 tracert works normally and the first hop is 192.168.1.254

Sent from Cisco Technical Support iPhone App

Tom Watts · ‎03-28-2013

Hi Mustapha, if that default is required for internet connectivity then something else is wrong. You should not have to manually add a default route on the switch.

Reference this topic-

https://supportforums.cisco.com/thread/2123434

The only requirements will be vlan interface with IP addresses and a static route pointing back to the SVI on the router. Anything more is uncessary.

Under a normal circumstance if you trace route from host a in vlan 1 to host b in vlan 2 locally connecting to the switch, there is only 1 hop - the switch.

Your default route is telling all traffic to go somewhere else...

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/

Mustapha elfalou · ‎03-28-2013

So without the default route how would the switch know where to send packets to the my internet gateway 192.168.1.1

Sent from Cisco Technical Support iPhone App

Tom Watts · ‎03-28-2013

Because the switch maintains a route table. When you create a SVI and have active links on the SVI, it builds a route table.

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/

Robert1478 · ‎04-07-2013

Hi Tom, Nice info.

David Dionne · ‎12-22-2013

Uhhhhhhhhhh, yeah...im gonna have to side with Mustapha. Upon cursory examination, idk what the rest of you are smokin but it must be stout. Is it that they used the "ip route 0.0.0.0 0.0.0.0" command instead of "ip default-gateway" that has this group all bent out of shape?

Admitedly I've never worked with an sf300 but it appears to be a switch that can route...it doesn't appear to be running any routing protocols so how in the hell could it ever, possibly know where to go to get out???

Lets hang 2 c6807's off each of the 3 vlans, so a total of 6 HONKIN cat's. Lets give them L3 vlan interfaces and lets also hang hundreds of endpoints off all 3 vlans. So now vlan 1 has 192.168.1.2 - 192.168.1.253 ALL USED UP, not one single free ip in that little fella...and lets NOT set a default gateway for sf300. LETS ALSO SAY that your life depends on pinging google from the commandline of the sf300, will you survive...without adding a default gateway?