https://www.youtube.com/edit

mjime10 · ‎10-27-2016

this has been stumping me; I think there's an issue with the routing tables however because it's reporting 10.0.0.0/24 as being subnetted with 2 subnets and 10.0.30.0 is falling under that forest hierarchy in the routing tables, which doesn't make sense, since 10.0.30.0 could only be a subnet of a /16 or lesser-value subnet notation.

Only 2 hosts are at play here, since the rest haven't been configured. The diagram illustrates the end state but at present only the two interfaces hosted on stryker--dual NICs, and the two interfaces on AX3950-2--also dual NICS, are configured with L3 IP addresses.

The switch can ping all sub-interfaces, the 10.0.30.12 interface (on AX3950-2, residing in VLAN30) but not the other L3 interface (ethernet dongle) assigned IP 131.107.0.12.

The router can ping everything.

From the stryker end host, as seen in the diagram, I can ping the default gateway for vlan 10 (10.0.0.1), I can remotely manage both the switch and the router via SSH through the native vlan, IPs 192.168.10.2 & 192.168.10.1 respectively. But I cannot ping the subinterfaces (other vlan gateways).

However, from the AX3950-2 host in VLAN30, I can ping all of the subinterfaces (VLAN gateways) and the IP for the switch.

The routing table concerns me because it seems to have summarized the 10.0.0.0 & 10.0.30.0 nets, even though they are discrete--each configured as /24 networks.

I just want a basic router-on-a-stick configuration that works where L3 connectivity is working between all hosts.

Here's the route table:

871w#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

C    192.168.10.0/24 is directly connected, FastEthernet4.1
     10.0.0.0/24 is subnetted, 2 subnets
C       10.0.0.0 is directly connected, FastEthernet4.10
C       10.0.30.0 is directly connected, FastEthernet4.30
     131.107.0.0/24 is subnetted, 1 subnets
C       131.107.0.0 is directly connected, FastEthernet4.131

I attached the two running configurations into a single text file, which is attached.

Anybody who can help me get this working--you are a god!!!

I researched disabling auto-summarization but I believe that only applies to actual routing protocols and not in this case where I'm working with only directly-connected subnetworks. Not really sure how to affect that, I tried specifying static routes but it had no bearing on the route table.

Here's the trunk interface status from the switch, since the 871 is a router--I cannot perform any diagnostic on the trunk as it stands. Not sure if any debug commands would be relevant here.

C2960(config)#do sho int trunk

Port Mode Encapsulation Status Native vlan
Fa0/1 on 802.1q trunking 1

Port Vlans allowed on trunk
Fa0/1 1-4094

Port Vlans allowed and active in management domain
Fa0/1 1,10,30,131

Port Vlans in spanning tree forwarding state and not pruned
Fa0/1 1,10,30,131

Also mac-address table of switch barring all the CPU ports:

C2960(config)#do sho mac address-table
Mac Address Table
-------------------------------------------

Vlan Mac Address Type Ports
---- ----------- -------- -----

...

...
10 001e.4a18.01d1 DYNAMIC Fa0/1
10 7824.afd9.680a DYNAMIC Gi0/1
1 001e.4a18.01c7 DYNAMIC Fa0/2
1 001e.4a18.01d1 DYNAMIC Fa0/1
1 7824.af47.10bf DYNAMIC Fa0/8
30 d027.889f.8a06 DYNAMIC Fa0/6
131 001e.4a18.01d1 DYNAMIC Fa0/1
131 7088.6b80.7666 DYNAMIC Fa0/7
Total Mac Addresses for this criterion: 28

I find it interesting that the mac in vlan 30 is pingable from the switch. It appears the other traffic from the NIC assigned to VLAN131 on the same VLAN 30 host got registered through its access port, but then the router registered its MAC as well, coming over the trunk with said VLAN 131 traffic? But why didn't the VLAN-30 assigned host do the same???

I'm a former CCNA (expired 2013) and I'm confused about what I should be expecting to see in the mac address-table. I'm trying to get a working router-on-a-stick config for my MCSA 2012 lab, since I had the 871 on-hand and came across the 2960 for only $60. Plus, I figure it can keep me in practice and I intend to renew my CCNA and possibly pursue CCNP in the future.

Please help!

Thanks!

mjime10 · ‎12-07-2016

the issue ended up being multi-fold, 2 points in particular with Windows Firewall (enabling ICMPv4 echo requests--inbound & outbound, and then modifying the scope of the remote subnet which by default on Win7 is limited to same-subnet), and then a multi-homed configuration from the test host. Windows cannot handle multiple default-gateways when configured exclusively through the GUI but leveraging the command-prompt route commands, will allow you to specify default-gateways on a per-interface basis...in my case, my wireless NIC was trying to handle routing to external subnets which were non-routable. After configuring the local host route tables to forward to the appropriate sub-if for each corresponding, external subnet--ICMP replies were received end-to-end, bi-directionally.

mjime10 · ‎12-07-2016

https://www.youtube.com/edit?o=U&video_id=GQJpBuI5c-A

I recorded a session briefly addressing each aspect of the solution for my scenario, if you want to learn more.

Moderators, if it's a violation to link offsite--feel free to remove the comment, no questions asked.

issues with inter-VLAN routing in a router-on-a-stick layout using an 871W & C2960-8TC-L