05-15-2020 04:50 AM
So I'm trying to ping hosts within the same vlan across switches and can't seem to get it working properly.
I have set up Vlan 10, 11 and 12 - only hosts in vlan 12 are able to ping each other.
I am very new to networking and especially switching, so I'm not sure if I even have the trunks set up properly.
Hopefully this is enough information, happy to provide more if need be.
Switch 1:
Switch#show cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID Local Intrfce Holdtme Capability Platform Port ID
Switch Fas 0/1 96 S 2960 Fas 0/1
Switch Fas 0/6 156 S 2960 Fas 0/6
Switch Fas 0/5 156 S 2960 Fas 0/5
Switch Fas 0/2 156 S 2960 Fas 0/2
Switch#show ip int br
Interface IP-Address OK? Method Status Protocol
FastEthernet0/1 unassigned YES manual up up
FastEthernet0/2 unassigned YES manual up up
FastEthernet0/3 unassigned YES manual down down
FastEthernet0/4 unassigned YES manual down down
FastEthernet0/5 unassigned YES manual up up
FastEthernet0/6 unassigned YES manual up up
FastEthernet0/7 unassigned YES manual down down
FastEthernet0/8 unassigned YES manual down down
FastEthernet0/9 unassigned YES manual down down
FastEthernet0/10 unassigned YES manual down down
FastEthernet0/11 unassigned YES manual down down
FastEthernet0/12 unassigned YES manual down down
FastEthernet0/13 unassigned YES manual down down
FastEthernet0/14 unassigned YES manual down down
FastEthernet0/15 unassigned YES manual up up
FastEthernet0/16 unassigned YES manual down down
FastEthernet0/17 unassigned YES manual down down
FastEthernet0/18 unassigned YES manual down down
FastEthernet0/19 unassigned YES manual down down
FastEthernet0/20 unassigned YES manual down down
FastEthernet0/21 unassigned YES manual down down
FastEthernet0/22 unassigned YES manual down down
FastEthernet0/23 unassigned YES manual down down
FastEthernet0/24 unassigned YES manual down down
GigabitEthernet0/1 unassigned YES manual up up
GigabitEthernet0/2 unassigned YES manual down down
Vlan1 unassigned YES manual administratively down down
Vlan99 172.168.10.1 YES manual down down
Switch#
Switch#show vlan br
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/3, Fa0/4, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/16, Fa0/17
Fa0/18, Fa0/19, Fa0/20, Fa0/21
Fa0/22, Fa0/23, Fa0/24, Gig0/2
10 sales active
11 marketing active Fa0/15
12 production active
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
Switch#show vtp status
VTP Version : 2
Configuration Revision : 6
Maximum VLANs supported locally : 255
Number of existing VLANs : 8
VTP Operating Mode : Server
VTP Domain Name : logbook
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x93 0xD6 0x0F 0x54 0x89 0x2D 0x48 0xCF
Configuration last modified by 0.0.0.0 at 3-1-93 01:26:26
Local updater ID is 0.0.0.0 (no valid interface found)
Switch#show mac-address-table
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
1 000c.8526.5601 DYNAMIC Fa0/1
Switch 2:
Switch>show cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID Local Intrfce Holdtme Capability Platform Port ID
Switch Fas 0/3 169 S 2960 Fas 0/3
Switch Fas 0/4 169 S 2960 Fas 0/4
Switch Fas 0/1 157 S 2960 Fas 0/1
Switch Fas 0/2 157 S 2960 Fas 0/2
Switch>show ip int br
Interface IP-Address OK? Method Status Protocol
FastEthernet0/1 unassigned YES manual up up
FastEthernet0/2 unassigned YES manual up up
FastEthernet0/3 unassigned YES manual up up
FastEthernet0/4 unassigned YES manual up up
FastEthernet0/5 unassigned YES manual down down
FastEthernet0/6 unassigned YES manual down down
FastEthernet0/7 unassigned YES manual down down
FastEthernet0/8 unassigned YES manual down down
FastEthernet0/9 unassigned YES manual down down
FastEthernet0/10 unassigned YES manual down down
FastEthernet0/11 unassigned YES manual down down
FastEthernet0/12 unassigned YES manual down down
FastEthernet0/13 unassigned YES manual down down
FastEthernet0/14 unassigned YES manual down down
FastEthernet0/15 unassigned YES manual up up
FastEthernet0/16 unassigned YES manual down down
FastEthernet0/17 unassigned YES manual down down
FastEthernet0/18 unassigned YES manual down down
FastEthernet0/19 unassigned YES manual down down
FastEthernet0/20 unassigned YES manual down down
FastEthernet0/21 unassigned YES manual down down
FastEthernet0/22 unassigned YES manual down down
FastEthernet0/23 unassigned YES manual down down
FastEthernet0/24 unassigned YES manual down down
GigabitEthernet0/1 unassigned YES manual down down
GigabitEthernet0/2 unassigned YES manual down down
Vlan1 unassigned YES manual administratively down down
Vlan99 172.168.10.2 YES manual down down
Switch>show vlan br
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/16, Fa0/17
Fa0/18, Fa0/19, Fa0/20, Fa0/21
Fa0/22, Fa0/23, Fa0/24, Gig0/1
Gig0/2
10 sales active
11 marketing active
12 production active Fa0/15
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
Switch>show vtp status
VTP Version : 2
Configuration Revision : 6
Maximum VLANs supported locally : 255
Number of existing VLANs : 8
VTP Operating Mode : Client
VTP Domain Name : logbook
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x93 0xD6 0x0F 0x54 0x89 0x2D 0x48 0xCF
Configuration last modified by 0.0.0.0 at 3-1-93 01:26:26
Switch>show mac-address-table
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
10 00d0.ff3d.2101 DYNAMIC Fa0/1
11 00d0.ff3d.2101 DYNAMIC Fa0/1
12 00d0.ff3d.2101 DYNAMIC Fa0/1
Switch 3:
Switch#show cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID Local Intrfce Holdtme Capability Platform Port ID
Switch Fas 0/3 144 S 2960 Fas 0/3
Switch Fas 0/4 144 S 2960 Fas 0/4
Switch Fas 0/5 132 S 2960 Fas 0/5
Switch Fas 0/6 132 S 2960 Fas 0/6
Switch#show ip int br
Interface IP-Address OK? Method Status Protocol
FastEthernet0/1 unassigned YES manual down down
FastEthernet0/2 unassigned YES manual down down
FastEthernet0/3 unassigned YES manual up up
FastEthernet0/4 unassigned YES manual up up
FastEthernet0/5 unassigned YES manual up up
FastEthernet0/6 unassigned YES manual up up
FastEthernet0/7 unassigned YES manual down down
FastEthernet0/8 unassigned YES manual down down
FastEthernet0/9 unassigned YES manual down down
FastEthernet0/10 unassigned YES manual down down
FastEthernet0/11 unassigned YES manual down down
FastEthernet0/12 unassigned YES manual down down
FastEthernet0/13 unassigned YES manual down down
FastEthernet0/14 unassigned YES manual down down
FastEthernet0/15 unassigned YES manual up up
FastEthernet0/16 unassigned YES manual up up
FastEthernet0/17 unassigned YES manual up up
FastEthernet0/18 unassigned YES manual up up
FastEthernet0/19 unassigned YES manual down down
FastEthernet0/20 unassigned YES manual down down
FastEthernet0/21 unassigned YES manual down down
FastEthernet0/22 unassigned YES manual down down
FastEthernet0/23 unassigned YES manual down down
FastEthernet0/24 unassigned YES manual down down
GigabitEthernet0/1 unassigned YES manual down down
GigabitEthernet0/2 unassigned YES manual down down
Vlan1 unassigned YES manual administratively down down
Vlan99 172.168.10.3 YES manual down down
Switch#show vlan br
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gig0/1, Gig0/2
10 sales active Fa0/15, Fa0/16
11 marketing active Fa0/17
12 production active Fa0/18
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
Switch#show vtp status
VTP Version : 2
Configuration Revision : 6
Maximum VLANs supported locally : 255
Number of existing VLANs : 8
VTP Operating Mode : Client
VTP Domain Name : logbook
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x93 0xD6 0x0F 0x54 0x89 0x2D 0x48 0xCF
Configuration last modified by 0.0.0.0 at 3-1-93 01:26:26
Switch#show mac-address-table
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
10 00d0.ff3d.2105 DYNAMIC Fa0/5
11 00d0.ff3d.2105 DYNAMIC Fa0/5
12 00d0.ff3d.2105 DYNAMIC Fa0/5
Thank you for looking over my post, let me know if I can provide anymore information.
05-15-2020 05:01 AM
Look at the config
how is these switches connected each other ? what port they connect( between switches, may be some information or diagram to help you.
where your Layer 3 SVI interface configured for VLAN 10,11,12
Most of the ports on all switches belong to VLAN 1, other 1 or 2 ports configured VLAN 11 or LAN 12
Also give what IP adress of their VLANs
05-15-2020 10:42 AM
Looking through the output posted it shows that SW1 has only one access port that is not in the default vlan 1, which is 0/15 in vlan 11. SW2 has only one access port that is not in the default vlan 1 which is 0/15 in vlan 12. SW3 has 4 access port that are not in the default vlan 1 which are 0/15 and 0/16 in vlan 10, 0/17 in vlan 11, and 0/18 in vlan 12.
Am I correct in understanding that devices in vlan 12 can ping each other but that in vlan 11 can not? What about in vlan 10?
it might be helpful if you post the output of show interface trunk from each switch.
Would you test test ping in vlan 11 again (pinging sw1 to sw3 and sw3 to sw1) and then immediately get the output of show arp (arp-a or whatever for the OS).
Have you you checked for the possibility that firewall on one or both may be preventing ping?
05-17-2020 03:46 AM
Sorry for the late reply, the email notifications got sent to my junk mail for some reason!
Here is the show interface trunk output for each switch.
Switch 1:
Port Mode Encapsulation Status Native vlan
Fa0/1 on 802.1q trunking 99
Fa0/2 on 802.1q trunking 99
Fa0/5 on 802.1q trunking 99
Fa0/6 on 802.1q trunking 99
Gig0/1 on 802.1q trunking 99
Port Vlans allowed on trunk
Fa0/1 1-1005
Fa0/2 1-1005
Fa0/5 1-1005
Fa0/6 1-1005
Gig0/1 10-12
Port Vlans allowed and active in management domain
Fa0/1 1,10,11,12
Fa0/2 1,10,11,12
Fa0/5 1,10,11,12
Fa0/6 1,10,11,12
Gig0/1 10,11,12
Port Vlans in spanning tree forwarding state and not pruned
Fa0/1 1,10,11,12
Fa0/2 10,11,12
Fa0/5 10,11,12
Fa0/6 10,11,12
Gig0/1 10,11,12
Switch 2:
Port Mode Encapsulation Status Native vlan
Fa0/1 on 802.1q trunking 99
Fa0/2 on 802.1q trunking 99
Fa0/3 on 802.1q trunking 99
Fa0/4 on 802.1q trunking 99
Port Vlans allowed on trunk
Fa0/1 10-12,99
Fa0/2 10-12,99
Fa0/3 10-12,99
Fa0/4 10-12,99
Port Vlans allowed and active in management domain
Fa0/1 10,11,12
Fa0/2 10,11,12
Fa0/3 10,11,12
Fa0/4 10,11,12
Port Vlans in spanning tree forwarding state and not pruned
Fa0/1 10,11,12
Fa0/2 none
Fa0/3 10,11,12
Fa0/4 10,11,12
Switch 3:
Port Mode Encapsulation Status Native vlan
Fa0/3 on 802.1q trunking 99
Fa0/4 on 802.1q trunking 99
Fa0/5 on 802.1q trunking 99
Fa0/6 on 802.1q trunking 99
Port Vlans allowed on trunk
Fa0/3 10-12,99
Fa0/4 10-12,99
Fa0/5 10-12,99
Fa0/6 10-12,99
Port Vlans allowed and active in management domain
Fa0/3 10,11,12
Fa0/4 10,11,12
Fa0/5 10,11,12
Fa0/6 10,11,12
Port Vlans in spanning tree forwarding state and not pruned
Fa0/3 none
Fa0/4 none
Fa0/5 10,11,12
Fa0/6 none
Here is a screenshot of the arp -a output on the vlan 11 host:
The pings between switch 1 to switch 3, and switch 3 to switch 1 both failed.
As I was typing up this reply I was testing pings between vlans 10, 11 and 12 again - previously only vlan 12 could ping each other, but now none of those vlans can ping each other.
I don't think I have any firewalls switch on, they are definitely not turned on within the host machines, and honestly I'm unsure of how to check if they are on within the switches.
Appreciate the help so far, hopefully my further information helps you!
05-17-2020 11:28 AM
No problem about delays responding. I have the experience from time to time that notification emails were in junk folder. Not sure why. Just happens.
It it is difficult to determine what connects to what since all switches have the default name. Might make it easier if each switch had a unique name- perhaps some thing simple like sw1, sw2, sw3. I am assuming that sw1 0/1 and 0/2 connect to sw2 0/1 and 0/2 and sw1 0/5 and 0/6 connect to sw3 0/5 and 0/6 and sw2 0/3 and 0/4 connect to sw3 0/3 and 0/4. Can you verify this is correct?
the output of show interface trunk is interesting. It shows that there is a single interface carrying the vlans between sw1 and sw2 (0/1 but not 0/2) and a single interface carrying the vlans between sw1 and sw3 (0/5 but not 0/6). And there are no interfaces carrying the vlans between sw2 and sw3. This is almost certainly the result of spanning tree blocking potential loops in the network. The good news is that there is an active layer 2 path for each of the vlans between each of the switches.
Based on on this I would expect that any 2 PCs in the same vlan to be able to communicate. I would not expect any PC to be able to communicate with any PC in a different vlan. So taking things one step at a time, you have 2 PCs in vlan 10. Would you post the IP address, mask, and gateway of both of them? The do arp-a, attempt ping, arp-a again and post the outputs?
05-18-2020 03:53 AM
Yes those connections are correct, sorry I should have posted that already.
For vlan 10 I only have one PC and one server. Each vlan has 1 pc and 1 server, the 3 pc's are connected to switch 3 as well as the vlan 10 server, switch 2 has vlan server 12, and switch 1 has vlan server 11 as well as a router.
Sorry for any confusion, I am frustratingly new to this.
I will post the outputs requested for the vlan 10 PC and the vlan 10 server and hopefully that will provide some sort of helpful output.
Left: PC on Vlan 10. Right: Server on Vlan 10
And their arp outputs.
Left: PC on Vlan 10. Right: Server on Vlan 10.
:
Thank you so much for your help and patience so far.
05-18-2020 12:18 PM
Perhaps I created some confusion when I talked about PCs in your network. I should have been more careful about terminology and said that you have 2 hosts with IP address in each vlan (in this discussion it does not matter whether it is actually a PC or actually a server).
The output from pc and server are quite helpful. When 2 hosts are in the same vlan we expect them to be in the same subnet. It looks like you intended the subnet to be 172.168.10 but the pc address changes the second octet and is 172.165.10.98. Since they aren't in the same subnet they can't arp for each other and can't communicate with each other. Fix the address and see if it works.
If that does work then let us move on to another vlan. Can you send the same outputs for pc and server in another vlan?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide