08-13-2012 02:08 AM - edited 03-07-2019 08:18 AM
Hello everyone,
I have 5 SVIs configured for VLAN Interfaces 121-125 for my vSphere environment.
All VMs can ping IPs on all the VLANs (VMs on VLAN 124 can ping VMs on VLAN121)
All VMs, except those on VLAN 124, can access the Internet or even ping my router IP.
If I change one of the VLAN 124 VMs to use a different VLAN, and update the addressing appropriately, it can access the Internet.
The problem is exhibited with Windows and Linux VMs. So, I believe something in my switch setup is the problem with VLAN 124 in particular.
If i do a show vlan brief, VLAN 124 is listed.
If I do a show ip int brief, VLAN 124 is listed as up\up. I also tried to shut\no shut the VLAN 124 interface.
Has anyone encountered a similar problem where one specific VLAN has connectivity problems?
My topology is Catalyst 3560 to home router to Internet.
Here is my IOS image: c3560-ipservicesk9-mz.122-55.SE6.bin
Here is my show run output:
3560_02#sh run
Building configuration...
Current configuration : 5900 bytes
!
version 12.2
service config
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname 3560_02
!
boot-start-marker
boot-end-marker
aaa new-model
!
!
aaa session-id common
system mtu routing 1600
vtp interface lo0 only
authentication mac-move permit
ip routing
ip domain-name test.com
!
!
ip multicast-routing distributed
ip igmp snooping querier address 192.168.120.254
!
!
interface Loopback0
ip address 11.1.1.11 255.255.255.0
!
interface Port-channel1
switchport access vlan 121
switchport mode access
!
interface FastEthernet0/17
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,120-125
switchport mode trunk
!
interface FastEthernet0/18
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,120-125
switchport mode trunk
!
interface FastEthernet0/19
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,120-125
switchport mode trunk
!
interface FastEthernet0/20
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,120-125
switchport mode trunk
!
interface FastEthernet0/29
switchport access vlan 122
switchport mode access
!
interface FastEthernet0/30
switchport access vlan 122
switchport mode access
!
interface FastEthernet0/31
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,121-125
switchport mode trunk
!
interface FastEthernet0/33
switchport access vlan 121
switchport mode access
channel-protocol lacp
channel-group 1 mode active
!
interface FastEthernet0/34
switchport access vlan 121
switchport mode access
channel-protocol lacp
channel-group 1 mode active
!
interface GigabitEthernet0/4
no switchport
ip address 10.66.95.254 255.255.255.0
!
interface Vlan1
no ip address
shutdown
!
interface Vlan120
ip address 192.168.120.254 255.255.255.0
ip pim sparse-dense-mode
!
interface Vlan121
ip address 192.168.121.254 255.255.255.0
!
interface Vlan122
ip address 192.168.122.254 255.255.255.0
!
interface Vlan123
ip address 192.168.123.254 255.255.255.0
!
interface Vlan124
ip address 192.168.124.254 255.255.255.0
!
interface Vlan125
ip address 192.168.125.254 255.255.255.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.66.95.194
ip http server
ip http secure-server
!
ip pim ssm default
!
ip sla enable reaction-alerts
!
end
Solved! Go to Solution.
08-13-2012 02:19 AM
Hi,
Can any of the VMs in vlan 124 ping 10.66.95.254 ?
Can you also provide the config from the router
Regards.
Alain
Don't forget to rate helpful posts.
08-13-2012 02:24 AM
Hi Trevor,
what you describe does not seem to be a switch issue.
Check first of all your default gateway routing (if it knows the route back to vlan 124) on 10.66.95.194.
If you have firewalls in between make sure they have the correct configuration.
Also, can the switch ping any address in the Internet sourcing from SVI 124 - 192.168.124.254?
Riccardo
08-13-2012 02:19 AM
Hi,
Can any of the VMs in vlan 124 ping 10.66.95.254 ?
Can you also provide the config from the router
Regards.
Alain
Don't forget to rate helpful posts.
08-13-2012 02:24 AM
Hi Trevor,
what you describe does not seem to be a switch issue.
Check first of all your default gateway routing (if it knows the route back to vlan 124) on 10.66.95.194.
If you have firewalls in between make sure they have the correct configuration.
Also, can the switch ping any address in the Internet sourcing from SVI 124 - 192.168.124.254?
Riccardo
08-13-2012 02:38 AM
Thank you gentlemen!
I forgot to go back to the basics.
Since the home router is Linksys and there's no routing protocol, I forgot that I had to manually add static routes for the earlier VLANs that I had setup.
After adding the static route for this VLAN, I am able to get out.
Best regards,
Trevor
08-13-2012 02:48 AM
sometime that happens...
this is what the forum can be useful for: help identify what has been overlooked.
Riccardo
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: