Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2864
Views
0
Helpful
6
Replies

3850 Switch IP Address Issue

Mitchell Theriot
Level 1
Level 1

‎01-22-2019 02:20 PM - edited ‎03-08-2019 05:06 PM

I have ran into an issue with an VLAN SVI IP Address on a 3850-12S switch. The current IP is set to 172.20.3.1/21. There is another 3850 switch upstream of this switch and a 2960X downstream. I have a server plugged into the upstream switch that resides on a different VLAN. My issue is from the server (10.102.0.175/24) I am unable to ping the switch IP 172.20.3.1. However, If I go to the 3850 switch that the server is plugged into I am able to ping the IP even with it sourced from the interface that is in the 10.102.0.0/24 network. From the server I am able to ping 172.20.3.3 which is the IP assigned to the 2960X switch. If i change the 3850 switch IP from 172.20.3.1 to another IP in the subnet such as 172.20.3.100, then I am able to ping the switch from the server. If I revert back to the .1 address communication is once again lost from the server. I have verified there are no duplicate IPs on the network. verified ARP entries are correct, verified routing, verified subnet masks and default gateways are all correct, and also verified there are no ACLs acting on the traffic. There are also no firewalls in play. I have attached a drawing which illustrates the small network. There is something about using the .1 address on the 3850. Any suggestions are greatly appreciated. 

Labels:
Preview file
20 KB
0 Helpful
6 Replies 6

VIvanov
Level 1
Level 1

‎01-22-2019 02:59 PM

Sounds really odd.  check sh ip arp  on the .254 when 3850-12s is .100 (im guessing standby is on somewhere if thats not it theres a typo somewhere or a bug)

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame

‎01-22-2019 11:07 PM

Looks bizzared issue.

 

If i change the 3850 switch IP from 172.20.3.1 to another IP in the subnet such as 172.20.3.100, then I am able to ping the switch from the server. If I revert back to the .1 address communication is once again lost from the server.

 

can you post the 3850-12sconfig, and show ip arp on all the switches.

Tracertoute from server  to 172.30.3.3

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Palaniswamy P
Level 1
Level 1
In response to balaji.bandi

‎01-23-2019 01:11 AM

Along with above config/output request. Please share the routing output from the 3850
sh ip route 172.20.3.1
are you able to ping 172.20.3.1 from 2960x??
0 Helpful

Mitchell Theriot
Level 1
Level 1
In response to Palaniswamy P

‎01-23-2019 06:10 AM

I will see what information I can provide as far as configurations. Customer has strict security policies in place so it is difficult to get copies of the configurations. All pings work fine from 2960. The only think that is not working is pinging from the 3850 to the server and server to 3850 when using the .1 address.

0 Helpful

Mitchell Theriot
Level 1
Level 1
In response to balaji.bandi

‎01-24-2019 06:37 AM

Here is what I am able to provide for the two switches. I am working on trying to collect the arp entries and a possible trace route.

Switch 1:

Server is connected to port Gi1/0/3

Switch 2 is connected to port Gi1/1/2

 

no ip source-route
ip routing
no ip gratuitous-arps

 

interface GigabitEthernet1/0/3
switchport access vlan 3
switchport mode access
speed 1000
duplex full
spanning-tree portfast

 

interface GigabitEthernet1/1/2
no switchport
ip address 172.20.3.254 255.255.248.0
no ip redirects
no ip unreachables
no ip proxy-arp

 

interface Vlan251
ip address 10.102.0.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp

 

ip default-gateway 172.20.8.254
ip forward-protocol nd
no ip http server
ip http authentication local
ip http secure-server

 

ip route 0.0.0.0 0.0.0.0 172.20.8.254
ip ssh version 2

 

----------------------------------------------------

 

Switch 2:

Switch 3 connected to port Gi1/0/1

Switch 1 connected to port Gi1/0/11

 

no ip source-route
no ip gratuitous-arps

 

interface GigabitEthernet1/0/1
switchport access vlan 2
switchport mode access

 

interface GigabitEthernet1/0/11
switchport access vlan 2
switchport mode access

 

interface Vlan201
ip address 172.20.3.1 255.255.248.0
no ip route-cache

 

ip default-gateway 172.20.3.254
no ip classless
ip forward-protocol nd
no ip http server
ip http authentication local
ip http secure-server
ip ssh version 2

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to Mitchell Theriot

‎01-24-2019 07:38 AM

High level this seems to wrong here :

 

ip default-gateway 172.20.8.254   <-- remove this
ip forward-protocol nd
no ip http server
ip http authentication local
ip http secure-server

 

ip route 0.0.0.0 0.0.0.0 172.20.8.254  <-- change this to 172.20.3.254

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Customers Also Viewed These Support Documents