03-29-2016 12:08 PM - edited 03-08-2019 05:08 AM
Hi All,
We have 2 switches(voice switc) interconnected with few SVI( HSRP). Here what is the issue is we are unable to ping from different vlan hosts. We verified ip routing is enabled even we can ping from different SVI but not able communicate from different vlans. These switches are connected with core switches with running eigrp. What we noticed that those hosts are reachablefrom core switches or from outside ofnetworks so its rule out the degault gateway or ip routing issue. Could you please help me to find the issue.
Switch Model: 3560x
VSW1<------>VSW2
VSW1-----> Vlan 2 ( 192.168.10.2/24), Vlan 3 ( 192.168.100.2/24) --> Both r HSRP primary
VSW2----> Vlan 2 ( 192.168.10.3/24), Vlan 3 ( 192.168.100.3/24) --> Both r HSRP primary
host 192.168.10.10 not able to communicate to 192.168.20.100
Regards
Sanu
03-29-2016 01:15 PM
Have the switches got routing enabled?
ip routing
03-29-2016 01:16 PM
Does the default gateway on the hosts with the issues point to the HSRP address of the 3560 in the respective VLAN?
03-29-2016 10:19 PM
Just correcting ip from core switch.
Hi All,
I attached the diagram and out put results.
Issue is IP 192.168.10.10(vlan 301) not able to communicate to 192.168.20.100( vlan 210). Not a single Ip issue , any IP belongs to 192.168.10.0/24 except SVI interface vlan 210 and 301 not able to communicate.
VDM01#show ip int brie | ex una
Interface IP-Address OK? Method Status Protocol
Vlan210 192.168.20.3 YES NVRAM up up
Vlan214 165.43.107.3 YES NVRAM up up
Vlan301 192.168.10.2 YES NVRAM up up
VDM01#ping 192.168.20.100 sou 192.168.10.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.20.100, timeout is 2 seconds:
Packet sent with a source address of 192.168.10.2
.....
Success rate is 0 percent (0/5)
VDM01#ping 192.168.20.100
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.20.100, timeout is 2 seconds:
!.!.!
Success rate is 60 percent (3/5), round-trip min/avg/max = 1/6/16 ms
VDM01#show run int gi0/6
Building configuration...
Current configuration : 250 bytes
!
interface GigabitEthernet0/6
description MUMPT-IPSI-ACM-CTRL-A
switchport access vlan 210
switchport mode access
speed 100
duplex full
srr-queue bandwidth share 1 22 33 44
priority-queue out
mls qos vlan-based
spanning-tree portfast
end
VDM01#show run int vlan 210
Building configuration...
Current configuration : 277 bytes
!
interface Vlan210
description IPSI-A_192.168.20.0/24
ip address 192.168.20.3 255.255.255.0
no ip redirects
no ip proxy-arp
load-interval 30
standby 1 ip 192.168.20.1
standby 1 timers 1 3
standby 1 authentication baronet2
service-policy input VOICE.VLAN
end
VDM01#show policy-map
Policy Map VOICE.VLAN
Class VOICE.BEARER.ACCESS.LIST
trust dscp
service-policy PORT.VOICE.BEARER
Class VOICE.SETUP.ACCESS.LIST
trust dscp
Extended IP access list VOICE.BEARER.ACCESS.LIST
10 permit ip any any dscp ef
Extended IP access list VOICE.SETUP.ACCESS.LIST
10 permit ip any any dscp af31
20 permit ip any any dscp cs3
Its reachable from core switch9 (from core to vdm connecting through routing protocol).
cr01#ping 192.168.20.100 so 165.43.114.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.20.100, timeout is 2 seconds:
Packet sent with a source address of 165.43.114.3
!.!.!
Success rate is 60 percent (3/5), round-trip min/avg/max = 1/1/1 ms
Regards
Sanu
03-30-2016 06:59 AM
Firstly, it seems that whatever switch has the address 192.168.20.100 does not know how to reach vlan 301. It does not know how to route it, or it does not have vlan 301 configured in it.
It would be nice if you could give us the sh vlan br and sh int trunk in the 192.168.20.100 switch.
BR!
JC
03-30-2016 12:02 PM
Hi JC,
I will provide those soon. But I don't know why show int trunk required?
I noticed that no ip proxy-arp is not configured on vlan 301. Is it creat this type of problem?
Regard
Sanu
03-30-2016 02:56 PM
I wouldlike to know if vlan exists in its vlan database and if the trunk is permitting the vlans.
Regards!
JC
03-31-2016 12:42 PM
Hi JC,
Please find the details below.
VDM01#show vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active
5 Switch_Mgmt_BB_Routing active
210 192.168.20.0/24 active Gi0/6, Gi0/7, Gi0/28
214 165.43.107.0/24 active
301 192.168.10.0/24 active
VDM01#show standby brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl210 1 100 Standby 192.168.20.3 local 192.168.20.1
Vl214 1 105 P Active local 165.43.107.2 165.43.107.1
Vl301 1 105 P Active local 192.168.10.3 192.168.10.1
VDM01#show int trunk
Port Mode Encapsulation Status Native vlan
Po1 on 802.1q trunking 1
Port Vlans allowed on trunk
Po1 1-4094
Port Vlans allowed and active in management domain
Po1 1,5,210,214,301
Port Vlans in spanning tree forwarding state and not pruned
Po1 1,5,210,214,301
VDM02#show vlan brie
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active
5 Switch_Mgmt_BB_Routing active
210 192.168.20.0/24 active
214 165.43.107.0/24 active Gi0/5, Gi0/6, Gi0/28, Gi0/29
301 ACM-A_165.43.107.144/29 active Gi0/21
VDM02#show standby brief
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl210 1 105 P Active local 192.168.20.3 192.168.20.1
Vl214 1 100 Standby 165.43.107.3 local 165.43.107.1
Vl301 1 100 Standby 192.168.10.2 local 192.168.10.1
VDM02#show int trunk
Port Mode Encapsulation Status Native vlan
Po1 on 802.1q trunking 1
Port Vlans allowed on trunk
Po1 1-4094
Port Vlans allowed and active in management domain
Po1 1,5,210,214,301
Port Vlans in spanning tree forwarding state and not pruned
Po1 1,5,210,214,301
Regards
Sanu
03-29-2016 01:17 PM
Hello Sanoop,
I do not see any SVI in the 192.168.20.0 range so, if you are using SVIs as gateway the you will need a way to reach 20.0 segment in your switch i.e. creating a SVI of a vlan for that segment.
Best Regards!
JC
03-29-2016 01:30 PM
Hi,
What default Gateway is configured on hosts on Subnet 192.168.10.0/24?
Does this Default Gateway know the Subnet of 192.168.20.0/24?
Take a look at the output from show ip route on the Gateway for 192.168.10.0/24, then the same for other Subnet 192.168.20.0/24 does this Gateway know the way back?
If there is no route for these subnets all packets will redirectet to routers default route, then i think EIGRP isn´t configured corect.
For more information post a show run output of the devices.
Regards
Marco
03-29-2016 02:18 PM
Hello
Bit hard to Ts without understanding your topology but if you can ping from the core to any vlan but not from between vlans then it would seem to point the intervlan -routing!
Can you ping from the core switch sourcing from another l3 SVi on the same core switch? if not what does you arp cache show?
Do you have PVLANs or ip routing enabled on any access switches when not applicable, when a default-gateway should be defined
On your L3 svi do you have the correct subnet range for that vlan or any Racls applied
res
Paul
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide