Re: basic routing help, please

crisbayer · ‎10-03-2006

I'm trying to break some users off of our 192.168.100.0 network and add them to a 192.168.102.0 net. On a 2600 I have f0/0 ip of 192.168.100.100 and f0/1 ip of 192.168.102.1.

Problem is I can't get the host on .102 to ping anything on .100. The host address is 192.168.102.10 with a dg of 192.168.102.1. It can ping the f0/0 int, but nothing on the other side of that interface, e.g. 192.168.100.4.

From the router I can ping everything, but from the host I can't get 'through' the interface. I'll post part of the config below, do I need to add routes? I'm not sure what I have wrong, would appreciate any help with this. Thanks.

interface FastEthernet0/0

ip address 192.168.100.100 255.255.255.0

no ip directed-broadcast

!

interface Serial0/0

no ip address

no ip directed-broadcast

no ip mroute-cache

shutdown

!

interface FastEthernet0/1

ip address 192.168.102.1 255.255.255.0

no ip directed-broadcast

!

ip classless

ip route 0.0.0.0 0.0.0.0 192.168.100.253

no ip http server

sh ip route

Gateway of last resort is 192.168.100.253 to network 0.0.0.0

C 192.168.102.0/24 is directly connected, FastEthernet0/1

C 192.168.100.0/24 is directly connected, FastEthernet0/0

S* 0.0.0.0/0 [1/0] via 192.168.100.253

ananddiwakar · ‎10-03-2006

Hie,

Does your PC in .100 network ping 102.1 interface.

Also how are you connecting your PCs to the router

rajinikanth · ‎10-03-2006

Hi,

Can you tell me whose ip is

192.168.100.253

The problem with ur ping to 192.168.100.X network is ur static route is being used instead of directly connected interface

Try to remove ur static defualt route and try to ping.

HTH

Thanks

Raj

globalnettech · ‎10-03-2006

Hello,

in addition to the other posts, make sure that your clients on the 192.168.100.0/24 segment have the correct default gateway (192.160.100.100) configured as well. If possible, can you post the output of 'route print' from one client computer on each segment ?

Regards,

GNT

gpulos · ‎10-04-2006

the problem is not your 'static route' as stated earlier.

the two subnets are directly connected, therefore, the static route you have configured will not affect communication between the 100 & 102 subnets.

the problem is either the traffic is begin blocked by perhaps a personal firewall, VACLs (vlan ACLs on the switch), or the PCs in question do not have the proper routes to the other subnets.

(if the PCs have DGs of their respective subnet, .100.100 & .102.1, then this should work)

example:

PC1 -

192.168.100.140/24 DG = 192.168.100.100

PC2 -

192.168.102.75/24 DG = 192.168.102.1

the two above pc configurations with no VACLs or personal firewalls blocking, should allow all IP connectivity.

if your PC DGs are not as described above and cannot be set as such, then a 'persistant route' in the PCs routing tables will be required.

ie:

PC1 - (CMD line command; aka DOS prompt)

route add 192.168.102.0 mask 255.255.255.0 192.168.102.1 -p

PC2 - (CMD line command; aka DOS prompt)

route add 192.168.100.0 mask 255.255.255.0 192.168.100.100 -p

sarbjeet-dhillon · ‎10-07-2006

Check to make sure the PC subnet masks are correct

SD

bdantzig · ‎10-27-2006

Check the default gateway on the PC's in 192.168.100.0. It probably points to to 192.168.100.253 which I guess is your Internet firewall/router. The workstations on the 192.168.100.0 network don't know how to reply back to 192.168.102.0. You have several options.

1. Move your Internet/Router to another subnet connected by your 2600 router at 192.168.100.1. Change default gateways for nodes on 192.168.100.0.

2. Add a route for 192.168.102.0/24 to your firewall and nodes on 192.168.100.0. and let the Internet traffic hairpin through the 2600 router.

3. Add a route to the firewall for 192.168.102.0/24 pointing to 192.168.100.1. Your firewall may not like this as it requires traffic to hairpin.

A 2600 router is not a very good platform for LAN to LAN routing as it is only capable of 16000 pps. A L3 switch can probably beat this by a factor of 10 to 1000. Think about your traffic flows when setting up a network. If the 192.168.100.0 and 192.168.102.0 keep most of their traffic local and only Internet traffic is crossing the router, then a 2600 should be fine as your internet connection is probably slower than the router. If you have users on one net talking to servers on the other, you could have problems.