cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Popup Hotspot Using ISR 1000 with WiFi/LTE for Teleworkers and Micro Branchesr
328
Views
0
Helpful
3
Replies
Highlighted
Beginner

Cannot access anything outside the L2 switch

Hi everyone

 

I'm having an odd issue with Cisco Catalyst Switches. We have several VLAN (more than a 100) where we use 4500-X VSS as the distribution Layer, and 2960X stacks as Access Layer (10 stacks directly attach to the 4500X VSS).

 

The 4500-X VSS is the default gateway for 4 VLANs. a few weeks ago, one of this VLANs began to fail. Where users in it cannot reach any device outside the stack where they connect.

 

For testing, we assigned an IP in this VLAN to the 2960X stack, we see that this stack (access layer), also, cannot ping anything outside it. But all other VLANs that reside in this same stack does not have this issue.

 

We look at the trunk links to see if the VLAN disappear from it, we look the "show vlan" output to see if the VLAN was remove from the stack (because we are using VTP to replicate all the VLANs).

 

Have you ever had a similar issue? can you recommend something?

 

Regards

 

 

3 REPLIES 3
Highlighted
VIP Mentor

Re: Cannot access anything outside the L2 switch

Hi

Have you verified the STP for that VLAN? is the VLAN created on the stack (the ports could be assigned to that VLAN but the VLAN is gone) also is that VLAN allowed on both ends?




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
Highlighted
Beginner

Re: Cannot access anything outside the L2 switch

Hi Julio

 

Thanks for the reply.

 

We checked for the VLANs in both ends (4500-X and 2960X), they exist in both ends. As for STP, we are running MST, we check the configuration and statistics and it seems clear, no errors, one way to go out of the stack as we have no loops in the network.

 

We already troubleshoot all basic configuration, trunks vlans, vtp, mst. All seems ok, however, VSS show drops in the "show platform software drop-port" output, but not sure is this drops are normal or not.

 

The values that show drops are:

- DropActivityCount

- XppTmmPtdDropPortCount

-SptDrop

-InpL2AclDrop

-L2FwdDrop

 

But haven't find any document that explains what this values means.

 

Regards

Highlighted
VIP Mentor

Re: Cannot access anything outside the L2 switch

Hello

 

From the VSS can you ping the other vlans sourced from the troublesome vlan?

 


@Alvaro Rugama wrote:

We look at the trunk links to see if the VLAN disappear from it, we look the "show vlan" output to see if the VLAN was remove from the stack (because we are using VTP to replicate all the VLANs).

 


 

Having vtp enabled is one thing but do you also have pruning enabled?
Are all you switches running the same vtp version?
Is it possible you can have a duplicate ip address relating to the L3 of that vlan?

Are the clients obtaining the correct addressing subnet mask etc..
res
Paul

 

 

 

 



kind regards
Paul

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future
CreatePlease to create content
Content for Community-Ad