Joh

Correct this is an L2 switch and the L3 routing is comming from my core stack. From my other 3560's the ip default-gateway is not set and it routes correctly, so I thought i did not have to add it. How is it possible that the other switches router without the gateway harcoded?  Thanks

From my core these are the interface vlan gateways:

interface Vlan224

ip address 10.23.224.5 255.255.255.0

ip helper-address 10.23.224.24

interface Vlan229

ip address 10.23.229.5 255.255.255.0

ip helper-address 10.23.224.24

ip route 0.0.0.0 0.0.0.0 10.23.224.1

Jon,

  This is the 3560 I copied the config  for the 4948 and did the sh ip route as shown below and it seems empty but I am able to ping the SAN gateway 10.23.229.5 and it is reacheable from the outside. My two issues remain in the 4948 I am not able to ping the SAN gateway and I cant reach it out of the LAN. I added the defaulr gateway and still no luck out of the LAN.

I attached the copy of 3560 i copied from so

3560 below

sw#sh ip route

Default gateway is not set

Host               Gateway           Last Use    Total Uses  Interface

ICMP redirect cache is empty

sw#ping 10.23.229.5

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.23.229.5, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/4/9 ms

sw#ping 10.23.224.5

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.23.224.5, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/4/9 ms

sw#

3560 configuration:

Current configuration : 16924 bytes

!

version 12.2

no service pad

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname myname

!

enable password 7 012339255658145E224D

!

username admin privilege 15

username goc privilege 15 secret 5 $1$GSJY$PT.qhBRRkCV4BQHXz/iez1

aaa new-model

!

aaa session-id common

system mtu routing 1500

vtp mode transparent

ip subnet-zero

!

!

mls qos map cos-dscp 0 8 16 26 32 46 48 56

mls qos srr-queue input bandwidth 90 10

mls qos srr-queue input threshold 1 8 16

mls qos srr-queue input threshold 2 34 66

mls qos srr-queue input buffers 67 33

mls qos srr-queue input cos-map queue 1 threshold 2  1

mls qos srr-queue input cos-map queue 1 threshold 3  0

mls qos srr-queue input cos-map queue 2 threshold 1  2

mls qos srr-queue input cos-map queue 2 threshold 2  4 6 7

mls qos srr-queue input cos-map queue 2 threshold 3  3 5

mls qos srr-queue input dscp-map queue 1 threshold 2  9 10 11 12 13 14 15

mls qos srr-queue input dscp-map queue 1 threshold 3  0 1 2 3 4 5 6 7

mls qos srr-queue input dscp-map queue 1 threshold 3  32

mls qos srr-queue input dscp-map queue 2 threshold 1  16 17 18 19 20 21 22 23

mls qos srr-queue input dscp-map queue 2 threshold 2  33 34 35 36 37 38 39 48

mls qos srr-queue input dscp-map queue 2 threshold 2  49 50 51 52 53 54 55 56

mls qos srr-queue input dscp-map queue 2 threshold 2  57 58 59 60 61 62 63

mls qos srr-queue input dscp-map queue 2 threshold 3  24 25 26 27 28 29 30 31

mls qos srr-queue input dscp-map queue 2 threshold 3  40 41 42 43 44 45 46 47

mls qos srr-queue output cos-map queue 1 threshold 3  5

mls qos srr-queue output cos-map queue 2 threshold 3  3 6 7

mls qos srr-queue output cos-map queue 3 threshold 3  2 4

mls qos srr-queue output cos-map queue 4 threshold 2  1

mls qos srr-queue output cos-map queue 4 threshold 3  0

mls qos srr-queue output dscp-map queue 1 threshold 3  40 41 42 43 44 45 46 47

mls qos srr-queue output dscp-map queue 2 threshold 3  24 25 26 27 28 29 30 31

mls qos srr-queue output dscp-map queue 2 threshold 3  48 49 50 51 52 53 54 55

mls qos srr-queue output dscp-map queue 2 threshold 3  56 57 58 59 60 61 62 63

mls qos srr-queue output dscp-map queue 3 threshold 3  16 17 18 19 20 21 22 23

mls qos srr-queue output dscp-map queue 3 threshold 3  32 33 34 35 36 37 38 39

mls qos srr-queue output dscp-map queue 4 threshold 1  8

mls qos srr-queue output dscp-map queue 4 threshold 2  9 10 11 12 13 14 15

mls qos srr-queue output dscp-map queue 4 threshold 3  0 1 2 3 4 5 6 7

mls qos queue-set output 1 threshold 1 138 138 92 138

mls qos queue-set output 1 threshold 2 138 138 92 400

mls qos queue-set output 1 threshold 3 36 77 100 318

mls qos queue-set output 1 threshold 4 20 50 67 400

mls qos queue-set output 2 threshold 1 149 149 100 149

mls qos queue-set output 2 threshold 2 118 118 100 235

mls qos queue-set output 2 threshold 3 41 68 100 272

mls qos queue-set output 2 threshold 4 42 72 100 242

mls qos queue-set output 1 buffers 10 10 26 54

mls qos queue-set output 2 buffers 16 6 17 61

mls qos

!

!

no file verify auto

spanning-tree mode pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

vlan 224-226,228

!

!

interface FastEthernet0/48

description uplink to Core Stack

switchport trunk encapsulation dot1q

switchport mode trunk

srr-queue bandwidth share 10 10 60 20

srr-queue bandwidth shape  10  0  0  0

priority-queue out

mls qos trust cos

auto qos voip trust

interface Vlan1

no ip address

!

interface Vlan224

ip address 10.23.224.4 255.255.255.0

!

ip classless

ip http server

ip http authentication aaa login-authentication default

ip http authentication aaa exec-authorization default

!

1646

!

control-plane

!

!

line con 0

line vty 0 4

password 7 012339255658145E224D

length 0

line vty 5

password 7 113926241A41195D072B

line vty 6 15

!

end

Aaron

From one your earlier posts -

From my core these are the interface vlan gateways:

interface Vlan224

ip address 10.23.224.5 255.255.255.0

ip helper-address 10.23.224.24

interface Vlan229

ip address 10.23.229.5 255.255.255.0

ip helper-address 10.23.224.24

ip route 0.0.0.0 0.0.0.0 10.23.224.1

what is 10.23.224.1 ie. what device  ?

what device(s) are the core switches ?

can you from a 3560 do a traceroute to a remote LAN and post the results

can you from the 4948 do a traceroute to the same remote LAN and post the results

Finally i recently was involved in a thread about a new 4500-X switch that was also only L2 but did not use it's default gateway. The documentation was rather vague as to when you would need a default route instead of a default gateway. The 4948 shares the same IOS as the 4500s (or it did) so, although i am not a big fan of just making changes for changes sake it might be worth trying to replace the default gateway on the 4948 with a default route pointing to the same IP address.

Perhaps try the traceroute from the 4948 first though before you try adding the default route.

Jon

Thanks much and yes this ios is quite different the rest of the 3560's. Below are my asnwers

what is 10.23.224.1 ie. what device ? This IP address is the AT&T routers converted locally into 10.23.224.5

what device(s) are the core switches ? 2x 48port 3750 Stack

Can you from a 3560 do a traceroute to a remote LAN and post the results?

USBLRLS001#ping 10.23.232.253

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.23.232.253, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 42/43/50 ms

USBLRLS001#trace

USBLRLS001#traceroute 10.23.232.253

Type escape sequence to abort.

Tracing the route to 10.23.232.253

  1 10.23.224.2 0 msec 0 msec 0 msec This is one of the dual AT&T routers in EIGRP  mode set as default gt 10.23.224.1

  2 32.3.178.133 17 msec 25 msec 17 msec

  3 32.3.174.74 42 msec *  *

can you from the 4948 do a traceroute to the same remote LAN and post the results

USBLRLS008>ping 10.23.232.253

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.23.232.253, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

USBLRLS008>tra

USBLRLS008>traceroute 10.23.232.253

Type escape sequence to abort.

Tracing the route to 10.23.232.253

  1  *  *  *

  2  *  *  *

  3  *  *  *

  4  *  *  *

  5  *  *  *

  6  *  *  *

  7  *  *  *

  8  *  *  *

Aaron

Thanks for that. When a host  has no defaut gateway (and a L2 switch acts as a host in respect of it's management interface) it arps out for every destination IP. I suspect there may be some form of proxy arp going on with the AT&T routers.

The 4948, as i mentioned my well not be using it's default gateway ie. it is not acting like a host so can you add the default route and retest.

Jon

I removed the previously hardcoded gateway on the 4948 abd added  the ip router as suggested and I am now both of my problems were resolved. Althought the other switches did not require the iproute or gateway I found out all of these switches have a comand "Ip Classless" which I am not able to set in the 4948. Just a thought maybe it is not related at all.

Thanks for all the help.

Aaron

Thanks for letting me know. The documentation on the 4500/4900 switches in terms of when to use a default gateway vs a default route is, as i say, very vague so it was worth a try and it's good to know it worked.

I don't think it is ip classless as i suspect the 4948 is running that anyway ie. you can't turn it off.

What i would say though is i still think your other switches may be working via proxy arp so bear that in mind if you ever decide you want to turn it off or you replace one of the AT&T routers.

Jon