10-03-2019 12:18 PM
I am setting up a Cisco LAB (to closely mirror our production) with a 2 catalyst 2960's, 1 3750, and 1 SG350-52. I have set all 4 up for inter VLAN routing and it seems to be working well for the most part. In my test LAB, here is what I have:
VLAN1 192.168.0.1 255.255.0.0 (This is also our production VLAN)
VLAN100 10.1.1.0/24
VLAN200 10.1.2.0/24
VLAN300 10.1.3.0/24
With a test machine connected to each VLAN, I can ping any machine in VLAN100, 200, and 300 but nothing in or out of VLAN1.
When I run a "show interfaces trunk" command on each switch, I receive the following output on each switch:
Port Mode Encapsulation Status Native vlan
Fa1/0/47 on 802.1q trunking 1
Port Vlans allowed and active in management domain
Fa1/0/47 1,100,200,300
Port Vlans in spanning tree forwarding state and not pruned
Fa1/0/47 1,100,200,300
I am sure there is probably a simple answer but I am fairly new at this and can't figure out my I can't do intervlan routing from the default VLAN
I can provide more info if needed and any advice would be greatly appreciated.
Solved! Go to Solution.
10-03-2019 03:42 PM
The IPs need to be different for each switch. Take a look at this example for 3750 and 2960
3750
interface Vlan1
ip address 192.168.10.1 255.255.0.0
!
interface Vlan100
ip address 10.1.1.1 255.255.255.0
!
interface Vlan200
ip address 10.1.2.1 255.255.255.0
!
interface Vlan300
ip address 10.1.3.1 255.255.255.0
2960
interface Vlan1
ip address 192.168.10.2 255.255.0.0
!
interface Vlan100
ip address 10.1.1.2 255.255.255.0
!
interface Vlan200
ip address 10.1.2.2 255.255.255.0
!
interface Vlan300
ip address 10.1.3.2 255.255.255.0
Also, on both switches most of the ports are assigned to vlan 100, 200, and 300. So, the ports that don't have any vlan assign to them are by default in vlan 1. So, if you want to test connectivity to vlan 1, you need to connect your PC/laptop to one of the ports that does not have any vlan e.g 1/0/37, 1/0/38, etc...
HTH
10-03-2019 12:36 PM
What switch is performing vlan routing? Can you post the output of "sh run" from the 3750 and 2960 switches?
HTH
10-03-2019 01:06 PM - edited 10-03-2019 01:10 PM
10-03-2019 01:24 PM
In the images, both switches have the same ip in the vlan interfaces. That's right? You could try assigning a different ip to each swirch, within the same vlan network 1
Regards
10-03-2019 02:05 PM
So if I understand you correctly, the IP for the VLAN 1 interface should be different between all switches? If that is so, why not 100, 200, and 300?
10-03-2019 03:42 PM
The IPs need to be different for each switch. Take a look at this example for 3750 and 2960
3750
interface Vlan1
ip address 192.168.10.1 255.255.0.0
!
interface Vlan100
ip address 10.1.1.1 255.255.255.0
!
interface Vlan200
ip address 10.1.2.1 255.255.255.0
!
interface Vlan300
ip address 10.1.3.1 255.255.255.0
2960
interface Vlan1
ip address 192.168.10.2 255.255.0.0
!
interface Vlan100
ip address 10.1.1.2 255.255.255.0
!
interface Vlan200
ip address 10.1.2.2 255.255.255.0
!
interface Vlan300
ip address 10.1.3.2 255.255.255.0
Also, on both switches most of the ports are assigned to vlan 100, 200, and 300. So, the ports that don't have any vlan assign to them are by default in vlan 1. So, if you want to test connectivity to vlan 1, you need to connect your PC/laptop to one of the ports that does not have any vlan e.g 1/0/37, 1/0/38, etc...
HTH
10-03-2019 03:51 PM
I could assume that the connectivity tests between the 100,200 and 300 vlan do it between the PCs. In those cases, the destination ip is that of the pc, so that ip is not repeated.
I also suppose that the connectivity with vlan 1 you do it to the ip of the switches, and that is where there is an error, because more than one device has the same ip. As @Reza Sharifi indicates, what is recommended is that each device had a different ip.
Regards
10-03-2019 05:28 PM - edited 10-03-2019 05:29 PM
At this point, with the interface IP's the same on all the switches, traffic still routes for all VLAN's except VLAN 1. Per your information, that makes sense the interface IP's should be different on each switch. I can change the IP addresses of the interfaces tomorrow. I guess I am still not understanding why VLAN 1 does not route although it is set up like the rest of the VLAN's.
Thoughts?
10-03-2019 06:10 PM
Queries:
When you test connectivity between 100,200 and 300 vlan, do you point the IP of the PC?
When you test connectivity with vlan 1, do you do it to the ip of the switches?
If two devices have the same ip, when pinging, which device will the ping respond to?
According to my theory, the connectivity is successful in the vlans because the tests are performed with PCs, but the connectivity with vlan 1 is not successful because you occupy only the switches.
You could do this test: Assign a port of each switch to vlan 1. Connect a PC to each port, assign IPs and test connectivity.
Regards
01-27-2020 10:27 AM - edited 01-27-2020 10:30 AM
I apologize for the extremely late reply. I replied before but apparently it did not submit.
It seems my issue was an incorrect gateway on my clients on VLAN 1. Once I corrected it, all traffic on VLAN 1 started to flow as it should.
Reza gave me a push in the right direction in changing the VLAN interface IP's for each switch.
I really want to thank everyone for the help. I will mark all answers that were helpful and if I miss someone, let me know.
Thanks.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide