Solved: Home Lab: Hosts on same switch cannot ping each other

Ebbi · ‎12-13-2021

Hello there,

I'm starting to study for my CCNA and I'm working towards building a small home lab to practice (in addition to using packet tracer).

I just got an old ME 3400 ts 24 and I wanted to play a bit with it while I'm in the market for another switch and at least one router.
But as I connect 2 PC's to it they cannot ping each other. They have both static set IP's ( 192.168.2.181/24 and 192.168.2.69/24 ) on the same subnet. The same is true for VLAN 1 in the switch ( 192.168.2.123/24 ).
Oh and they cannot ping the switch VLAN 1 address too or pinged by the switch.

Both PC's and the switch's ARP tables have a valid entry for the other two.
The same is valid for the switch MAC table.

The two PC's can correctly ping each other when connected to a simple unmanaged switch (same IPv4 settings and no other devices connected to it).

Some shows from the switch:

Switch#show vlan

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                Fa0/9, Fa0/10, Fa0/11, Fa0/12
                                                Fa0/13, Fa0/14, Fa0/15, Fa0/16
                                                Fa0/17, Fa0/18, Fa0/19, Fa0/20
                                                Fa0/21, Fa0/22, Fa0/23, Fa0/24
                                                Gi0/1, Gi0/2
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup
1004 fddinet-default                  act/unsup
1005 trnet-default                    act/unsup

VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1    enet  100001     1500  -      -      -        -    -        0      0
1002 fddi  101002     1500  -      -      -        -    -        0      0
1003 tr    101003     1500  -      -      -        -    -        0      0
1004 fdnet 101004     1500  -      -      -        ieee -        0      0
1005 trnet 101005     1500  -      -      -        ibm  -        0      0

Remote SPAN VLANs
------------------------------------------------------------------------------


Primary Secondary Type              Ports
------- --------- ----------------- ------------------------------------------


VLAN Type              Ports
---- ----------------- -------------------------------------------------------

Switch#show ip int brief
Interface              IP-Address      OK? Method Status                Protocol
Vlan1                  192.168.2.123   YES manual up                    up
FastEthernet0/1        unassigned      YES unset  up                    up
FastEthernet0/2        unassigned      YES unset  down                  down
FastEthernet0/3        unassigned      YES unset  down                  down
FastEthernet0/4        unassigned      YES unset  down                  down
FastEthernet0/5        unassigned      YES unset  down                  down
FastEthernet0/6        unassigned      YES unset  down                  down
FastEthernet0/7        unassigned      YES unset  down                  down
FastEthernet0/8        unassigned      YES unset  down                  down
FastEthernet0/9        unassigned      YES unset  down                  down
FastEthernet0/10       unassigned      YES unset  down                  down
FastEthernet0/11       unassigned      YES unset  down                  down
FastEthernet0/12       unassigned      YES unset  down                  down
FastEthernet0/13       unassigned      YES unset  down                  down
FastEthernet0/14       unassigned      YES unset  down                  down
FastEthernet0/15       unassigned      YES unset  down                  down
FastEthernet0/16       unassigned      YES unset  down                  down
FastEthernet0/17       unassigned      YES unset  administratively down down
FastEthernet0/18       unassigned      YES unset  administratively down down
FastEthernet0/19       unassigned      YES unset  administratively down down
FastEthernet0/20       unassigned      YES unset  administratively down down
FastEthernet0/21       unassigned      YES unset  administratively down down
FastEthernet0/22       unassigned      YES unset  administratively down down
FastEthernet0/23       unassigned      YES unset  administratively down down
FastEthernet0/24       unassigned      YES unset  administratively down down
GigabitEthernet0/1     unassigned      YES unset  down                  down
GigabitEthernet0/2     unassigned      YES unset  down                  down

(only one pc connected on the switch during this show ip interfaces, cause I'm using the other one to post this )

Switch#show run
Building configuration...

Current configuration : 3068 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Switch
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
system mtu routing 1500
!
!
!
crypto pki trustpoint TP-self-signed-1319633920
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-1319633920
 revocation-check none
 rsakeypair TP-self-signed-1319633920
!
!
crypto pki certificate chain TP-self-signed-1319633920
 certificate self-signed 01
  3082023F 308201A8 A0030201 02020101 300D0609 2A864886 F70D0101 04050030 etc
  quit
!
!
!
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
!
vlan internal allocation policy ascending
!
!
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
 shutdown
!
interface FastEthernet0/18
 shutdown
!
interface FastEthernet0/19
 shutdown
!
interface FastEthernet0/20
 shutdown
!
interface FastEthernet0/21
 shutdown
!
interface FastEthernet0/22
 shutdown
!
interface FastEthernet0/23
 shutdown
!
interface FastEthernet0/24
 shutdown
!
interface GigabitEthernet0/1
 port-type nni
!
interface GigabitEthernet0/2
 port-type nni
!
interface Vlan1
 ip address 192.168.2.123 255.255.255.0
 no ip route-cache
!
no ip http server
ip http secure-server
ip sla enable reaction-alerts
!
line con 0
line vty 0 4
 login
line vty 5 15
 login
!
end

I already did a format on flash: and reflashed ios with no results.
Any help really appreciated, since this early road block is really putting me down.

Richard Burts · ‎12-14-2021

The suggestion by @mlund that the ME3400 might be configured differently motivated me to look for documentation about this switch. It turns out that the ME3400 is quite different from the Catalyst switches that most of us are famiiiar with. I found this statement " If it is appropriate for two or more UNIs or ENIs to exchange traffic within the switch, the UNIs and ENIs can be assigned to a community VLAN." The essential part of this seems to be

 To change a VLAN from UNI-ENI isolated VLAN to a private VLAN, enter the private-vlan VLAN configuration command.

See this link for more details

https://www.cisco.com/c/en/us/td/docs/switches/metro/me3400e/software/release/12-2_60_ez/configuration/guide/ME3400e_scg/swvlan.html#66168

HTH

Rick

View solution in original post

Martin L · ‎12-13-2021

Check firewall on PCs? I know strange but check it anyway; what about cables, what do u use? not crossover?

how old is switch and does show any errors during booting process?

Regards, ML
**Please Rate All Helpful Responses **

Richard Burts · ‎12-13-2021

It might be helpful if you would post the output of show interface status from the switch. Also can you tell us which interfaces the PCs are connected on?

HTH

Rick

Ebbi · ‎12-14-2021

The PC's are connected to Fa0/1 and Fa0/3:

Switch#show interfaces stat
Vlan1
          Switching path    Pkts In   Chars In   Pkts Out  Chars Out
               Processor        204      18809          1         64
             Route cache          0          0          0          0
                   Total        204      18809          1         64
FastEthernet0/1
          Switching path    Pkts In   Chars In   Pkts Out  Chars Out
               Processor          0          0         14        896
             Route cache          0          0          0          0
                   Total          0          0         14        896
FastEthernet0/2
          Switching path    Pkts In   Chars In   Pkts Out  Chars Out
               Processor          0          0          0          0
             Route cache          0          0          0          0
                   Total          0          0          0          0
FastEthernet0/3
          Switching path    Pkts In   Chars In   Pkts Out  Chars Out
               Processor          0          0         11        704
             Route cache          0          0          0          0
                   Total          0          0         11        704
Interface FastEthernet0/4 is disabled

Interface FastEthernet0/5 is disabled

Interface FastEthernet0/6 is disabled

Interface FastEthernet0/7 is disabled

Interface FastEthernet0/8 is disabled

Interface FastEthernet0/9 is disabled

Interface FastEthernet0/10 is disabled

Interface FastEthernet0/11 is disabled

Interface FastEthernet0/12 is disabled

Interface FastEthernet0/13 is disabled

Interface FastEthernet0/14 is disabled

Interface FastEthernet0/15 is disabled

Interface FastEthernet0/16 is disabled

Interface FastEthernet0/17 is disabled

Interface FastEthernet0/18 is disabled

Interface FastEthernet0/19 is disabled

Interface FastEthernet0/20 is disabled

Interface FastEthernet0/21 is disabled

Interface FastEthernet0/22 is disabled

Interface FastEthernet0/23 is disabled

Interface FastEthernet0/24 is disabled

GigabitEthernet0/1
          Switching path    Pkts In   Chars In   Pkts Out  Chars Out
               Processor          0          0          0          0
             Route cache          0          0          0          0
                   Total          0          0          0          0
GigabitEthernet0/2
          Switching path    Pkts In   Chars In   Pkts Out  Chars Out
               Processor          0          0          0          0
             Route cache          0          0          0          0
                   Total          0          0          0          0

ARP table on the switch:

Switch#show arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  192.168.2.123           -   34a8.4ea8.0440  ARPA   Vlan1
Internet  192.168.2.69            0   00e0.4c30.ef32  ARPA   Vlan1
Internet  127.0.0.20              -   34a8.4ea8.0400  SNAP   Virtual1
Internet  192.168.2.181           0   305a.3a02.7cfd  ARPA   Vlan1

Ebbi · ‎12-14-2021

No it's not strange at all since afaik Windows on an unidentified network shouldn't be answering pings.
Anyway one pc is on Linux and Windows' one is set to allow and respond to pings on every network.

Ping correctly works on both machines when connected to a small unmanaged switch (same configuration with same static IP addresses due to no DHCP).

Neither PC can even ping the vlan 1 address I set on the switch, but ARP tables are correct on both the 2 PC's and the Cisco switch.

The Cisco switch was manufactured in 2012 and it runs iOS 12.2.
During boot it passes all the tests and I see no issues.

Georg Pauwen · ‎12-14-2021

Hello,

have you tried the GigabitEthernet ports as well ? What is the output of:

sh interfaces x

where 'x' is the interface the PC is connected to ?

Ebbi · ‎12-14-2021

The GigabitEthernet interfaces need SFP adapters. Sadly I don't own any atm.

Here's the 2 interfaces with the PC's connected plus arp and mac tables:

Switch#show interfaces fa0/1
FastEthernet0/1 is up, line protocol is up (connected)
  Hardware is Fast Ethernet, address is 34a8.4ea8.0403 (bia 34a8.4ea8.0403)
  MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  Full-duplex, 100Mb/s, media type is 10/100BaseTX
  input flow-control is off, output flow-control is unsupported
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input never, output 00:00:00, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     423 packets input, 42872 bytes, 0 no buffer
     Received 61 broadcasts (40 multicasts)
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 watchdog, 40 multicast, 0 pause input
     0 input packets with dribble condition detected
     69 packets output, 4686 bytes, 0 underruns
     0 output errors, 0 collisions, 1 interface resets
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier, 0 PAUSE output
     0 output buffer failures, 0 output buffers swapped out
Switch#
Switch#show interfaces fa0/3
FastEthernet0/3 is up, line protocol is up (connected)
  Hardware is Fast Ethernet, address is 34a8.4ea8.0405 (bia 34a8.4ea8.0405)
  MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  Full-duplex, 100Mb/s, media type is 10/100BaseTX
  input flow-control is off, output flow-control is unsupported
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input never, output 00:00:04, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     866 packets input, 143337 bytes, 0 no buffer
     Received 862 broadcasts (593 multicasts)
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 watchdog, 593 multicast, 0 pause input
     0 input packets with dribble condition detected
     17 packets output, 1088 bytes, 0 underruns
     0 output errors, 0 collisions, 1 interface resets
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier, 0 PAUSE output
     0 output buffer failures, 0 output buffers swapped out
     
Switch#show arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  192.168.2.123           -   34a8.4ea8.0440  ARPA   Vlan1
Internet  192.168.2.69            0   00e0.4c30.ef32  ARPA   Vlan1
Internet  127.0.0.20              -   34a8.4ea8.0400  SNAP   Virtual1
Internet  192.168.2.181           0   305a.3a02.7cfd  ARPA   Vlan1

     
 Switch#show mac address-table dynamic
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
   1    00e0.4c30.ef32    DYNAMIC     Fa0/1
   1    305a.3a02.7cfd    DYNAMIC     Fa0/3
Total Mac Addresses for this criterion: 2

mlund · ‎12-14-2021

Hi

I'm not sure, but isn't me3400 configured with service instances. something like this

remove ip from int vl 1 first, then configure

bridge-domain 1

interf fa0/1

service instance 1 ethernet

encapsulation untagged

bridge-domain 1

exit

interface bdi 1

ip address 192.168.2.123 255.255.255.0

no shut

/Mikael

Richard Burts · ‎12-14-2021

The suggestion by @mlund that the ME3400 might be configured differently motivated me to look for documentation about this switch. It turns out that the ME3400 is quite different from the Catalyst switches that most of us are famiiiar with. I found this statement " If it is appropriate for two or more UNIs or ENIs to exchange traffic within the switch, the UNIs and ENIs can be assigned to a community VLAN." The essential part of this seems to be

 To change a VLAN from UNI-ENI isolated VLAN to a private VLAN, enter the private-vlan VLAN configuration command.

See this link for more details

https://www.cisco.com/c/en/us/td/docs/switches/metro/me3400e/software/release/12-2_60_ez/configuration/guide/ME3400e_scg/swvlan.html#66168

HTH

Rick

Ebbi · ‎12-15-2021

Dang that was it!!

Thank you everybody especially @Richard Burts and @mlund
VLAN 1 is not configurable as UNI-ENI community (learned today of their existence) so I just had to create a new VLAN and set it as community, following the documentation you posted, and assign my ports to it.

Lesson here I guess is to double check before getting a cheap used Cisco switch on Ebay and that it doesn't do much more than you need and maybe check its documentation

Georg Pauwen · ‎12-15-2021

@Richard Burts @mlund Great find !

Richard Burts · ‎12-15-2021

This has been an interesting discussion. The ME switches (Metro Ethernet) were designed for a different environment than the Catalyst (or Nexus, etc) switches that we are used to dealing with. They were intended to facilitate multiple customers connecting to provider network. And in that context they act very differently and perhaps it makes sense that by default they would not support switch interface to switch interface communication. @Ebbi makes a very good point that when we use eBay or similar sources to purchase equipment that we should be careful and be sure that we understand what we are getting.

Thank you for marking this question as solved. This will help other participants in the community to identify discussions which have helpful information. This community is an excellent place to ask questions and to learn about networking. I hope to see you continue to be active in the community.

HTH

Rick

John22 · ‎07-19-2023

Had to turn of public network firewall in firewall & network protection.

Joseph W. Doherty · ‎07-19-2023

"Had to turn of public network firewall in firewall & network protection."

You meant?

"Had to turn off public network firewall in firewall & network protection."

Hosts running Windows?

John22 · ‎07-20-2023

Yes