cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3971
Views
5
Helpful
9
Replies

Default VLAN routing

RussMcIntire
Level 1
Level 1

I am setting up a Cisco LAB (to closely mirror our production) with a 2 catalyst 2960's, 1 3750, and 1 SG350-52. I have set all 4 up for inter VLAN routing and it seems to be working well for the most part. In my test LAB, here is what I have:

VLAN1 192.168.0.1 255.255.0.0 (This is also our production VLAN)

VLAN100 10.1.1.0/24

VLAN200 10.1.2.0/24

VLAN300 10.1.3.0/24

With a test machine connected to each VLAN, I can ping any machine in VLAN100, 200, and 300 but nothing in or out of VLAN1.

 

When I run a "show interfaces trunk" command on each switch, I receive the following output on each switch:

Port            Mode     Encapsulation Status    Native vlan
Fa1/0/47      on          802.1q trunking                 1

 

Port Vlans allowed and active in management domain
Fa1/0/47 1,100,200,300

Port Vlans in spanning tree forwarding state and not pruned
Fa1/0/47 1,100,200,300

 

I am sure there is probably a simple answer but I am fairly new at this and can't figure out my I can't do intervlan routing from the default VLAN

 

I can provide more info if needed and any advice would be greatly appreciated.

 

1 Accepted Solution

Accepted Solutions

The IPs need to be different for each switch. Take a look at this example for 3750 and 2960

3750

interface Vlan1
 ip address 192.168.10.1 255.255.0.0
!
interface Vlan100
 ip address 10.1.1.1 255.255.255.0
!
interface Vlan200
 ip address 10.1.2.1 255.255.255.0
!
interface Vlan300
 ip address 10.1.3.1 255.255.255.0

2960

interface Vlan1
 ip address 192.168.10.2 255.255.0.0
!
interface Vlan100
 ip address 10.1.1.2 255.255.255.0
!
interface Vlan200
 ip address 10.1.2.2 255.255.255.0
!
interface Vlan300
 ip address 10.1.3.2 255.255.255.0

Also, on both switches most of the ports are assigned to vlan 100, 200, and 300.  So, the ports that don't have any vlan assign to them are by default in vlan 1. So, if you want to test connectivity to vlan 1, you need to connect your PC/laptop to one of the ports that does not have any vlan e.g 1/0/37, 1/0/38, etc...

HTH

View solution in original post

9 Replies 9

Reza Sharifi
Hall of Fame
Hall of Fame

What switch is performing vlan routing? Can you post the output of "sh run" from the 3750 and 2960 switches?

HTH

All switches will need to perform VLAN routing due to how our network is spread out.

 

the config's are attached. I edited them to remove any sensitive info...

Hi @RussMcIntire 

 

In the images, both switches have the same ip in the vlan interfaces. That's right? You could try assigning a different ip to each swirch, within the same vlan network 1

 

Regards

So if I understand you correctly, the IP for the VLAN 1 interface should be different between all switches? If that is so, why not 100, 200, and 300?

The IPs need to be different for each switch. Take a look at this example for 3750 and 2960

3750

interface Vlan1
 ip address 192.168.10.1 255.255.0.0
!
interface Vlan100
 ip address 10.1.1.1 255.255.255.0
!
interface Vlan200
 ip address 10.1.2.1 255.255.255.0
!
interface Vlan300
 ip address 10.1.3.1 255.255.255.0

2960

interface Vlan1
 ip address 192.168.10.2 255.255.0.0
!
interface Vlan100
 ip address 10.1.1.2 255.255.255.0
!
interface Vlan200
 ip address 10.1.2.2 255.255.255.0
!
interface Vlan300
 ip address 10.1.3.2 255.255.255.0

Also, on both switches most of the ports are assigned to vlan 100, 200, and 300.  So, the ports that don't have any vlan assign to them are by default in vlan 1. So, if you want to test connectivity to vlan 1, you need to connect your PC/laptop to one of the ports that does not have any vlan e.g 1/0/37, 1/0/38, etc...

HTH

Hi @RussMcIntire 

 

I could assume that the connectivity tests between the 100,200 and 300 vlan do it between the PCs. In those cases, the destination ip is that of the pc, so that ip is not repeated.
I also suppose that the connectivity with vlan 1 you do it to the ip of the switches, and that is where there is an error, because more than one device has the same ip. As @Reza Sharifi indicates, what is recommended is that each device had a different ip.

 

Regards

At this point, with the interface IP's the same on all the switches, traffic still routes for all VLAN's except VLAN 1. Per your information, that makes sense the interface IP's should be different on each switch. I can change the IP addresses of the interfaces tomorrow. I guess I am still not understanding why VLAN 1 does not route although it is set up like the rest of the VLAN's.

 

Thoughts?

Hi @RussMcIntire 

 

Queries:

When you test connectivity between 100,200 and 300 vlan, do you point the IP of the PC?

When you test connectivity with vlan 1, do you do it to the ip of the switches?

If two devices have the same ip, when pinging, which device will the ping respond to?

 

According to my theory, the connectivity is successful in the vlans because the tests are performed with PCs, but the connectivity with vlan 1 is not successful because you occupy only the switches.

 

You could do this test: Assign a port of each switch to vlan 1. Connect a PC to each port, assign IPs and test connectivity.

 

Regards

 

 

RussMcIntire
Level 1
Level 1

I apologize for the extremely late reply. I replied before but apparently it did not submit.

It seems my issue was an incorrect gateway on my clients on VLAN 1. Once I corrected it, all traffic on VLAN 1 started to flow as it should.

 

Reza gave me a push in the right direction in changing the VLAN interface IP's for each switch.

 

I really want to thank everyone for the help. I will mark all answers that were helpful and if I miss someone, let me know.

 

Thanks.