Solved: layer 3 switch and ping problems

tolinrome tolinrome · ‎12-31-2013

I have a lab with different networks and on one network I have a layer 2 and layer 3 switch, the layer 3 switch is directly connected to a router. I have a few different vlans on this network. All vlans can communicate with each other and the switches and router, vice versa etc.

I can ping externally to another router on another network form this layer 3 switch (going accross many routers even) with no problem. However, I cannot ping the internal clients in that remote network from the layer 3 switch, just the router. Why?

Also from the from the layer 2 switch on this "problem network" and the computers on the vlans on this same network I cant ping to anything past their own router on their network, but from the layer 3 switch I can as explained before. What is it that is preventing replies when I ping externally?

There are no acl's on any of the routers.

Thanks!

Collin Clark · ‎01-01-2014

You add the routes under OSPF on the device where those subnets are configured, the L3 switch, not on the router.

View solution in original post

Collin Clark · ‎12-31-2013

Sounds like a routing issue and/or default gateway problem. Make sure the router has all the appropriate remote routes.

tolinrome tolinrome · ‎12-31-2013

In the router I have I already had "ip route 10.1.0.0 255.255.255.0 10.1.60.1" and it wasn't working and now I added:
R1(config)#ip route 10.1.20.0 255.255.255.0 10.1.60.1
R1(config)#ip route 10.1.30.0 255.255.255.0 10.1.60.1
R1(config)#ip route 10.1.10.0 255.255.255.0 10.1.60.1
R1(config)#ip route 10.1.40.0 255.255.255.0 10.1.60.1

and it still doesn't work.

10.1.60.1 is the interface of the L3 switch that connects to the router.

Collin Clark · ‎12-31-2013

Can you post the results of a traceroute from the L3 switch? A diagram would be helpful as well.

tolinrome tolinrome · ‎12-31-2013

Switch>traceroute 10.7.1.3
Type escape sequence to abort.
Tracing the route to 10.7.1.3

1   10.1.60.2       0 msec    0 msec    0 msec
2   15.15.15.2      0 msec    1 msec    1 msec
3   14.14.14.2      5 msec    2 msec    1 msec
4   16.16.16.2      4 msec    2 msec    10 msec
5   17.17.17.2      4 msec    2 msec    2 msec
6   18.18.18.2      3 msec    4 msec    6 msec
7   19.19.19.2      3 msec    5 msec    5 msec
8   10.7.1.3        7 msec    5 msec    6 msec

When I do a tracert on the computer to the sam eip it only gets as far as the router (2 hops) then times out for the rest. A diagram of the network, I wouldnt know where to begin seeing how many routers are in between.

Collin Clark · ‎12-31-2013

On the last successful hop check that routers peers for the clients subnet.

tolinrome tolinrome · ‎12-31-2013

on the routers peers it has the route of the L3 network but not the networks (vlans) behind them. I dont know whats preventing those subnets form not being able to ping while the L3 switch can. I woudl think it has to be either the L3 switch oe the router but I've done all the routes I can think of. Not sure here.

Jon Marshall · ‎01-01-2014

Not sure i fully understand but you have added routes to R1 for the subnets routed on the L3 switch. These routes need to be passed to all the other routers in your network or else the packets cannot be routed back to the L3 switch ie. you say -

on the routers peers it has the route of the L3 network but not the networks (vlans) behind them.

If the routers (other than R1) do not know how to get to the subnets on the L3 switch then a ping/traceroute will never work. You either need to add static routes to all routers for these subnets or run a dynamic routing protocol and advertise those subnets from either the L3 switch or R1.

The fact that you added statics to R1 suggests you are not running a dynamic routing protocol ?

Jon

tolinrome tolinrome · ‎01-01-2014

Yes, I am running dynamic routing, ospf. Even if on R1 I add those subnets using ospf they dont take effect.

R1(config)#router ospf 1

R1(config-router)#net

R1(config-router)#network 10.1.30.0 0.0.0.255 area 0

R1(config-router)#network 10.1.40.0 0.0.0.255 area 0

R1(config-router)#network 10.1.20.0 0.0.0.255 area 0

R1(config-router)#network 10.1.10.0 0.0.0.255 area 0

R1(config-router)#exit

R1#show ip route ospf

10.0.0.0/8 is variably subnetted, 13 subnets, 3 masks

O 10.4.1.0 [110/193] via 15.15.15.2, 00:02:19, Serial0/1/0

O 10.5.1.0 [110/321] via 15.15.15.2, 00:02:19, Serial0/1/0

O 10.7.1.0 [110/385] via 15.15.15.2, 00:02:19, Serial0/1/0

O 10.8.1.0 [110/449] via 15.15.15.2, 00:02:19, Serial0/1/0

O 10.9.1.0 [110/193] via 15.15.15.2, 00:02:19, Serial0/1/0

14.0.0.0/29 is subnetted, 1 subnets

O 14.14.14.0 [110/128] via 15.15.15.2, 00:02:29, Serial0/1/0

16.0.0.0/29 is subnetted, 1 subnets

O 16.16.16.0 [110/192] via 15.15.15.2, 00:02:29, Serial0/1/0

17.0.0.0/29 is subnetted, 1 subnets

O 17.17.17.0 [110/256] via 15.15.15.2, 00:02:19, Serial0/1/0

18.0.0.0/29 is subnetted, 1 subnets

O 18.18.18.0 [110/320] via 15.15.15.2, 00:02:19, Serial0/1/0

19.0.0.0/29 is subnetted, 1 subnets

O 19.19.19.0 [110/384] via 15.15.15.2, 00:02:19, Serial0/1/0

20.0.0.0/29 is subnetted, 1 subnets

O 20.20.20.0 [110/448] via 15.15.15.2, 00:02:19, Serial0/1/0

R1#

It seems that I can ping other hosts (receive replies) from a host directly connected behind the router (no switches involved, router connected to laptop), then I can ping anything, networks that have the L3 switch in front of the subnets, I cant ping past.

Message was edited by: tolinrome tolinrome

Collin Clark · ‎01-01-2014

You add the routes under OSPF on the device where those subnets are configured, the L3 switch, not on the router.

tolinrome tolinrome · ‎01-01-2014

Thanks, that did it. I didnt know I should have done it on the L3 switch instead of the router.

Collin Clark · ‎01-01-2014

Great, glad we got it working!