Layer 3 Switch Inter-Vlan not working properly

keyursorathia · ‎03-24-2022

Hello All,

I have issue in configuring Layer 3 Switch Inter-Vlan routing.

The client in a particular vlan can ping the default gateway of the vlan but the clients in different vlans cannot ping each other. Also, PC in one VLAN cannot ping the default gateway of the other vlan.

Below is the configuration that I did on the switch,

Core Switch:

vlan 10

int vlan 10

ip add 192.168.10.60 255.255.255.0

vlan 20

int vlan 20

ip add 192.168.20.60 255.255.255.0

vlan 30

int vlan 30

ip add 192.168.30.60 255.255.255.0

int g1/0/19

switchport mode trunk

switchport trunk native vlan 50

ip routing

Layer 2 Switch:

vlan 10

int vlan 10

vlan 20

int vlan 20

vlan 30

int vlan 30

int g1/0/19

switchport mode trunk

switchport trunk native vlan 50

The below are the Layer 3 Switches and Layer 2 Switches in our company:

Layer 3 Switch - c9200l-24t-4g

Layer 2 Switch - c1000-24t-4g

Georg Pauwen · ‎03-24-2022

Hello,

--> switchport trunk native vlan 50

Where is Vlan 50 configured ? Post the full running configs (sh run) of both the layer 2 and the layer 3 switch...

paul driver · ‎03-24-2022

Hello

FYI - you shouldnt require the native vlan to be created for it to be applied as native on a trunk interconnect, the trunk should work without it.

Can you post the following please:

On the core

sh arp
sh interface trunk
sh vlan brief

access-switch

sh interface trunk
sh vlan brief

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

keyursorathia · ‎03-25-2022

CORE Switch

SW_Core(config)#do show vlan bri

VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi1/0/1, Gi1/0/2, Gi1/0/3
Gi1/0/4, Gi1/0/5, Gi1/0/6
Gi1/0/7, Gi1/0/8, Gi1/0/9
Gi1/0/10, Gi1/0/11, Gi1/0/12
Gi1/0/13, Gi1/0/14, Gi1/0/15
Gi1/0/16, Gi1/0/17, Gi1/0/18
Gi1/0/19, Gi1/0/20, Gi1/0/21
Gi1/0/22, Gi1/0/23, Gi1/0/24
Gi1/1/1, Gi1/1/2, Gi1/1/3
Gi1/1/4
10 VLAN0010 active
20 VLAN0020 active
30 VLAN0030 active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup

SW_Core#show arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 192.168.10.60 - 28af.fddd.0b46 ARPA Vlan10
Internet 192.168.20.60 - 28af.fddd.0b56 ARPA Vlan20
Internet 192.168.30.60 - 28af.fddd.0b65 ARPA Vlan30

SW_Core#show int trunk

Port Mode Encapsulation Status Native vlan
Gi1/0/23 on 802.1q trunking 50

Port Vlans allowed on trunk
Gi1/0/23 1-4094

Port Vlans allowed and active in management domain
Gi1/0/23 1,10,20,30

Port Vlans in spanning tree forwarding state and not pruned
Gi1/0/23 1,10,20,30

--------------------------------------------------------------------------------------------

CLIENT Switch

SW_Cli(config)#do show vlan bri

VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi1/0/19, Gi1/0/20, Gi1/0/21
Gi1/0/22, Gi1/0/24, Gi1/0/25
Gi1/0/26, Gi1/0/27, Gi1/0/28
10 VLAN0010 active
20 VLAN0020 active Gi1/0/1, Gi1/0/2, Gi1/0/3
Gi1/0/4, Gi1/0/5, Gi1/0/6
Gi1/0/7, Gi1/0/8, Gi1/0/9
Gi1/0/10
30 VLAN0030 active Gi1/0/11, Gi1/0/12, Gi1/0/13
Gi1/0/14, Gi1/0/15, Gi1/0/16
Gi1/0/17, Gi1/0/18
200 VLAN0200 active
204 VLAN0204 active
210 VLAN0210 active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup

SW_Cli#show int trunk

Port Mode Encapsulation Status Native vlan
Gi1/0/23 on 802.1q trunking 50

Port Vlans allowed on trunk
Gi1/0/23 1-4094

Port Vlans allowed and active in management domain
Gi1/0/23 1,10,20,30,200,204,210

Port Vlans in spanning tree forwarding state and not pruned
Gi1/0/23 1,10,20,30,200,204,210

paul driver · ‎03-25-2022

Hello

Thank for sharing that information,
Can you confirm if:
Ip routing is disabled on the access switch.
Any software firewall enabled on the hosts negating ICMP?

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Martin L · ‎03-24-2022

Most often problems with this situation are:

trunks are not formed;

missing vlans on layer 2 switch; even if traffic is passing thru (via trunks), that switch still needs vlan and trunks;

Layer 2 switch can only have 1 interface vlan up up state since it does not do routing. So, PCs' default gateways should point IP to layer 3 switch or router.

Double check all access ports and their vlans ids .

Regards, ML
**Please Rate All Helpful Responses **

keyursorathia · ‎03-25-2022

I have checked many times the vlan configuration and it is configured correctly.

Zanthra · ‎03-25-2022

Could you share the IP configuration for one of the clients? Particularly IP Address, subnet mask, default gateway, and static routes if any.