Solved: Inter vlan routing default gateway problems

Christophe Normand · ‎02-25-2014

Hello,

I'm configuring inter-vlans routing and I've got a problem. Here's my network, I got 3 vlans :

vlan 1 - management (10.0.0.0 /24 GW : 10.0.0.5)

vlan 2 - server (10.1.1.0/24 GW : 10.1.1.5)

vlan 3 - hosts (172.16.0.0/16 GW : 172.16.1.5)

So i've configured routing (ip routing) and added the default gateway (ip route 0.0.0.0 0.0.0.0 10.0.0.1). 10.0.0.1 is my router address.

So from the vlan management I can easily go on the internet but not from the other vlans. I've got tested the communication between hosts on each vlan and there is no problem, exemple a ping between my server (10.1.1.10) and a machine in the management vlan (10.0.0.100) and it works.

So my question is, why the vlan 2 and 3 can't access the default gateway (10.0.0.1) ?

Here's my ip route table:

Gateway of last resort is 10.0.0.1 to network 0.0.0.0

10.0.0.0/24 is subnetted, 2 subnets

C 10.1.1.0 is directly connected, Vlan2

C 10.0.0.0 is directly connected, Vlan1

S* 0.0.0.0/0 [1/0] via 10.0.0.1

Thanks for your help !

Jon Marshall · ‎02-25-2014

Christophe

You need to add that route on your firewall not the 3550.

Basically your firewall has no idea how to get to the 10.1.1.0/24 network because it is not directly connected to that network. So you need to tell it how to get to that network ie. the route i posted says to the firewall -

to get to 10.1.1.0/24 you need to send packets so 10.0.0.5. It knows how to get to 10.0.0.5 because it has an interface in that subnet.

Jon

View solution in original post

chandra_rc16 · ‎02-25-2014

Hi,

As per your configuration i think only vlan 3 - hosts (172.16.0.0/16 GW : 172.16.1.5) are not able to communicate. Because there is no route defined for them.

So define the routing for it and then check.

Please don't forget to rate the posts that are helpful.

Regards,
Chandu

Regards, Chandu

Christophe Normand · ‎02-25-2014

Hi,

thanks for your response but, I don't care about vlan 3, if it's not routed it's because it has no hosts connected to it, so it's not automatically routed as the others.

My first purpose here, is to access from the vlan 2 to internet (10.1.1.0/24 to 10.0.0.1/32) but I can't.

Jon Marshall · ‎02-25-2014

Christophe

Are these vlans created on a L3 switch ?

If so you need routes for any vlans/IP subnets the router is not connected to. So on your router -

ip route 10.1.1.0 255.255.255.0 10.0.0.5

Jon

Christophe Normand · ‎02-25-2014

Thanks for your response Jon, i forgot to precise it's an old 3550 so yes it's a layer 3.

I don't understand what you mean, my vlan 1 and 2 are connected to the switch. And my firewall (10.0.0.1) is directly connected to the switch on the vlan 1.

P.S. I've tested your command but it just return the error %Invalid next hop address (it's this router)

Thanks,

Jon Marshall · ‎02-25-2014

Christophe

You need to add that route on your firewall not the 3550.

Basically your firewall has no idea how to get to the 10.1.1.0/24 network because it is not directly connected to that network. So you need to tell it how to get to that network ie. the route i posted says to the firewall -

to get to 10.1.1.0/24 you need to send packets so 10.0.0.5. It knows how to get to 10.0.0.5 because it has an interface in that subnet.

Jon

Christophe Normand · ‎02-25-2014

Thanks a lot that was my problem ...

I should think a little bit more some times