09-25-2019 10:52 PM
Hello,
I have two sites are connected together through fiber, OSPF is configured on both core switches, now the problem is; I have VLAN needs to configured on both sites
Site A: VLAN 10, SVI 10.10.10.1
Site B: VLAN 10, SVI 10.10.10.2
I can reach only one site although the VLAN has been allowed in the trunk between both sites.
Problem description;
From site A I can reach servers in site A (ex. 10.10.10.3) and from Site B i can reach (ex. 10.10.10.4) but from Site A i'm not able to reach 10.10.10.4 in site B, and even the SVI on site B is not reachable from Site A, now when i shutdown the SVI on Site A, Site B became reachable from Site A due to passing through OSPF as a L3 but site A became unreachable from Site B.
Any advice please?
09-26-2019 05:54 AM
09-27-2019 12:12 AM
Your configuration looks okay and I understand what you are trying to do.
What are the default gateway settings for servers in vlan 10 in both sites ?
When you say you cannot reach them where are you pinging from ?
Are there any acls etc. applied anywhere ?
Jon
09-27-2019 12:29 AM - edited 09-27-2019 12:32 AM
No ACLs are configured, as for the gateway of servers;
Servers in Site B 10.10.10.2
Servers in Site A 10.10.10.1
as for ping, when i'm trying to ping GW of site B from site A is not reachable and vise versa
09-27-2019 02:11 AM
Ping from where ie. the vlan 10 subnet as source IP or one of the other subnets.
Are all the subnets seen in OSPF routing tables on each site ?
Jon
09-27-2019 06:10 AM
Apologies if this is winding the clock back in the conversation - I've had this on a site where the link provided was suppressing any 802.1q traffic - so a single VLAN, no issue. Try a native VLAN plus a tagged one... only the native was passed.
So - is the intersite link Layer 2 or Layer 3?
If it's L2 - is it 802.1q capable? - if it's not 802.1q-capable, can you get the service provider to make it 802.1q-capable? If not then you might need to consider doing something esoteric & messy like use the L2 link to run a VPN tunnel over it and trunk everything within the VPN tunnel (or go to a supplier that can give you an 802.1q-capable link)
If it's a L3 link - I'd be tempted to run a P2P VPN tunnel over the link just so I could extend the layer 2 through it - but it's still messy.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide