12-20-2013 04:53 AM - edited 03-10-2019 12:24 PM
Hi Fellow Techies,
I've been trying to tackle this problem for 2 weeks or so and it has become irritating finally I thought i should get your thoughts on this problem. What am i missing ?
This is part of my homelab infrastructure.
InterVLAN routing is working flawlessly, meaning i can ping all vlans and its hosts.The problem is that i can't reach the router 192.168.1.254 from any of my VLANs, though i can reach 192.168.1.1 which is the routed interface (Fe 0/15) on Layer 3 switch.Furthermore i can reach 192.168.1.254 from the layer 3 switch but not from the VLANs
Here is the config from 3550 L3 switch
1 | isis#sho run |
2 | Building configuration... |
3 | |
4 | Current configuration : 5711 bytes |
5 | ! |
6 | version 12.1 |
7 | no service pad |
8 | |
9 | ! |
10 | hostname isis |
11 | ! |
12 | ! |
13 | ip subnet-zero |
14 | ip routing |
15 | ! |
16 | no ip domain-lookup |
17 | ! |
18 | spanning-tree mode pvst |
19 | spanning-tree extend system-id |
20 | ! |
21 | ! |
22 | interface FastEthernet0/15 |
23 | description To Internet |
24 | no switchport |
25 | ip address 192.168.1.100 255.255.255.0 |
26 | |
27 | !Interfaces 0/17 to 0/32 belongs to VLAN 20 |
28 | !link to saber |
29 | interface FastEthernet0/17 |
30 | switchport access vlan 20 |
31 | switchport mode access |
32 | no ip address |
33 | |
34 | |
35 | !link to pegasus |
36 | interface FastEthernet0/18 |
37 | switchport access vlan 20 |
38 | switchport mode access |
39 | no ip address |
40 | |
41 | |
42 | |
43 | !link to icarus |
44 | interface FastEthernet0/19 |
45 | switchport access vlan 20 |
46 | switchport mode access |
47 | no ip address |
48 | |
49 | |
50 | !Interfaces 0/34 to 0/48 belongs to VLAN 10 |
51 | !link to deadalus |
52 | interface FastEthernet0/34 |
53 | switchport access vlan 10 |
54 | switchport mode access |
55 | no ip address |
56 | ! |
57 | |
58 | interface Vlan1 |
59 | no ip address |
60 | ! |
61 | interface Vlan10 |
62 | ip address 10.10.10.1 255.255.255.0 |
63 | ! |
64 | interface Vlan20 |
65 | ip address 10.20.20.1 255.255.255.0 |
66 | ! |
67 | ip default-gateway 192.168.1.100 |
68 | ip classless |
69 | ip route 0.0.0.0 0.0.0.0 192.168.1.254 |
70 | ip http server |
71 | ! |
72 | ! |
73 | alias exec c conf t |
74 | alias exec s sho ip int br |
75 | ! |
76 | end |
Pings From Layer3
isis#ping 192.168.1.254 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.1.254, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms isis#ping 192.168.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/4 ms isis#ping 10.10.10.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.10.10.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms isis#ping 10.10.10.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.10.10.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms isis#ping 10.20.20.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.20.20.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms isis#ping 10.20.20.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.20.20.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms isis#ping 10.20.20.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.20.20.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
I can reach my file server pegasus from my workstation saber, and i can reach deadalus which is my ESXi server from saber as well, meaning InterVLAN routing is working.
I've tried equivalent config on Netgear GSM7312 L3gigabit switch and 3COM/HP 4924 L3 gigabit switch and the issue remains unsolved.
Thanks for your support.
12-20-2013 09:12 AM
What router do you have? It sounds like the problem is that your router doesn't know about any of your other subnets. If you have the option, you will need to add static routes on the router pointing to your switch (192.168.1.100). The problem that you'll then have is that your router will need to be able to nat all of those other subnets in order to be able to give internet access. The router probably only has 192.168.1.0/24 as an internal subnet and doesn't know about the 10.10 and 10.20. subnets.
HTH,
John
*** Please rate all useful posts ***
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide