If it was partially working

dbuckley77 · ‎04-19-2016

We had an issue where an inter vlan data transfer crashed the network.

Our rotuing is being done on a pair of 4506s which serve as our core with a mix of HSRP and VRRP.

We initiated a data transfer from a host on vlan 110 (subnet 10.100.110.0/24) to vlan 7 (subnet 10.100.7.0/24). We thinkit may be a routing issue so I have pasted the vlan interfaces and routing table below.

interface Vlan110
ip address 10.100.110.253 255.255.255.0
ip helper-address 10.100.5.50
standby 0 ip 10.100.110.1
standby 0 timers msec 250 msec 750
standby 0 preempt
end

CH-CORE-4506-01#sh run int vlan 7
Building configuration...

Current configuration : 176 bytes
!
interface Vlan7
ip address 10.100.7.253 255.255.255.0
shutdown
standby 0 ip 10.100.7.1
standby 0 timers msec 250 msec 750
standby 0 priority 110
standby 0 preempt
end

CH-CORE-4506-01#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is 10.100.250.2 to network 0.0.0.0

O E2 172.16.0.0/16 [80/75] via 10.100.120.5, 6w4d, Vlan120
O E2 192.168.200.0/24 [80/100] via 10.100.250.254, 6w4d, Vlan250
                      [80/100] via 10.100.120.3, 6w4d, Vlan120
                      [80/100] via 10.100.9.254, 6w4d, Vlan9
     10.0.0.0/8 is variably subnetted, 36 subnets, 4 masks
C       10.100.110.0/24 is directly connected, Vlan110
C       10.100.111.0/24 is directly connected, Vlan111
C       10.100.108.0/24 is directly connected, Vlan108
C       10.100.109.0/24 is directly connected, Vlan109
C       10.100.107.0/24 is directly connected, Vlan107
C       10.100.104.0/24 is directly connected, Vlan104
O E2    10.0.0.0/10 [80/100] via 10.100.250.254, 6w4d, Vlan250
                    [80/100] via 10.100.120.3, 6w4d, Vlan120
                    [80/100] via 10.100.9.254, 6w4d, Vlan9
C       10.100.120.0/24 is directly connected, Vlan120
O       10.100.114.0/24 [80/2] via 10.100.9.6, 7w0d, Vlan9
                        [80/2] via 10.100.9.5, 7w0d, Vlan9
O       10.100.112.0/24 [80/2] via 10.100.9.6, 7w0d, Vlan9
                        [80/2] via 10.100.9.5, 7w0d, Vlan9
O       10.100.113.0/24 [80/2] via 10.100.9.6, 7w0d, Vlan9
                        [80/2] via 10.100.9.5, 7w0d, Vlan9
C       10.100.95.0/26 is directly connected, Vlan95
C       10.100.34.0/24 is directly connected, Vlan34
C       10.100.32.0/24 is directly connected, Vlan32
C       10.100.33.0/24 is directly connected, Vlan33
O       10.100.1.12/30 [80/2] via 10.100.250.254, 7w0d, Vlan250
                       [80/2] via 10.100.120.3, 7w0d, Vlan120
                       [80/2] via 10.100.9.254, 7w0d, Vlan9
C       10.100.10.0/24 is directly connected, Vlan10
C       10.100.9.0/24 is directly connected, Vlan9
C       10.100.1.8/30 is directly connected, GigabitEthernet6/9
C       10.100.6.0/24 is directly connected, Vlan6
O       10.100.7.0/24 [80/41] via 10.100.1.9, 7w0d, GigabitEthernet6/9
O IA    10.99.0.0/24 [80/11] via 10.100.250.2, 6w4d, Vlan250
C       10.100.4.0/24 is directly connected, Vlan4
O IA    10.98.2.0/24 [80/21] via 10.100.250.2, 6w4d, Vlan250
C       10.100.5.0/24 is directly connected, Vlan5
O       10.99.2.0/26 [80/11] via 10.100.120.5, 7w0d, Vlan120
O IA    10.98.3.0/24 [80/21] via 10.100.250.2, 6w4d, Vlan250
C       10.100.2.0/24 is directly connected, Vlan2
O IA    10.98.4.0/24 [80/21] via 10.100.250.2, 6w4d, Vlan250
C       10.100.30.0/24 is directly connected, Vlan30
C       10.100.25.0/26 is directly connected, Vlan25
C       10.100.22.0/24 is directly connected, Vlan22
C       10.100.21.0/24 is directly connected, Vlan21
C       10.100.250.0/24 is directly connected, Vlan250
S       10.100.200.0/24 [1/0] via 10.100.250.6
C       10.100.160.0/24 is directly connected, Vlan160
S*   0.0.0.0/0 [1/0] via 10.100.250.2

jonathanlunt · ‎04-19-2016

Do you realise VLAN 7 is shutdown?

dbuckley77 · ‎04-19-2016

I did not notice that. I checked our other core and it has the same config showing shutdown(below). Even though they are shutdown traffic has been passing on vlan 7 to other vlans. Does this make sense?

CH-CORE-4506-02#sh run int vlan 7
Building configuration...

Current configuration : 152 bytes
!
interface Vlan7
ip address 10.100.7.254 255.255.255.0
shutdown
standby 0 ip 10.100.7.1
standby 0 timers msec 250 msec 750
standby 0 preempt

dbuckley77 · ‎04-19-2016

I issued a no shut and it took down some switches.

pwwiddicombe · ‎04-19-2016

If it was partially working with vlan7 shutdown on the core switches; then its possible there is another device acting as a router for that subnet. When you opened it up where you expected it to be, there was a duplicate gateway on the network...? You must have had a default gateway on the vlan7 devices for them to be working before - find out that device, and determine which gateway you WANT to have running.

It's not impossible that you have a Unix host that somebody had enabled IP routing, and it had interfaces on multiple vlans... ?

Inter-vlan data transfer crashed network