Loop in /24 Subnet, No ping beyond .1 and .2

BashedRoot
Level 2

Running 3650 switch. I have this odd issue where I cannot get VLAN 26 pinging on its /24, only gateway .1 and first public IP .2

This is what I see, which doesn't look normal. How do I fix this?

The server itself is configured fine (Centos 7)

[root@localhost ~]# cat /etc/sysconfig/network-s*/ifcfg-em1
TYPE="Ethernet"
BOOTPROTO="none"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="em1"
UUID="******"
DEVICE="em1"
ONBOOT="yes"
IPADDR="xxx.xxx.30.2"
PREFIX="24"
GATEWAY="xxx.xxx.30.1"
DNS1="8.8.8.8"
DNS2="8.8.4.4"
IPV6_PEERDNS="yes"
IPV6_PEERROUTES="yes"
IPV6_PRIVACY="no"

Cisco3650#show ip route xxx.xxx.30.0
Routing entry for xxx.xxx.30.0/24, 2 known subnets
  Attached (2 connections)
  Variably subnetted with 2 masks
C        xxx.xxx.30.0/24 is directly connected, Vlan26
L        xxx.xxx.30.1/32 is directly connected, Vlan26

Show run looks normal?

Cisco3650#show run int vlan 26
Building configuration...

Current configuration : 85 bytes
!
interface Vlan26
 description Server 26
 ip address xxx.xxx.30.1 255.255.255.0
end

Hello

Also, on switch2 make sure ip routing is disabled

res

Paul


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

What are you talking about exactly? I'm confused here. I have dozens of servers (VLANS) work on that second switch just fine, except 2 of the created VLANs I mentioned a few times by now.

So what is x.x.30.3 ie. what device and where is it connected ?

Jon

VLAN 26 is a linux server connected on port 21 on switch #1

it has xxx.55.30.0/24 subnet assigned to it as primary not secondary. It's set up right in Centos 7 network config too, as I've done with endless other Centos boxes the same.

Sorry, when you say vlan 26 is a Linux server do you mean x.x.30.3 is a Linux server ?

If so for some reason it is not responding to an arp.

Can you post a "sh vlan brief" from the switch.

Also what happens if you try to ping x.x.30.1 from x.x.30.3 ?

Jon

VLAN 26 = is a linux server on switch #1 with xxx.50.30.0/24 assigned to it (routed to it). 30.3 and 30.1 is the same exact server, subnet on the same VLAN.

The whole issue is, that I created 4 new VLANs last week (all 4 are Centos linux boxes). 2 on switch #1, 2 on switch #2. None of their IPs ping publicly except the first public IP address. That's the core issue I'm having and the odd thing is, I've created the VLANs the same way I've always done before, for years. For a crazy unknown reason, these 4 in particular are not working entirely.

Cisco3650#sh vlan brief
26   VLAN26                           active    Gi1/0/21

I think maybe we are referring to different things. I was assuming each vlan had multiple devices in it but if I understand correctly 30.1 and 30.3 are the same server and those IPs are on different NICs ?

So when you say vlan you mean a single server is that correct ?

Jon

> I think maybe we are referring to different things. I was assuming each vlan had multiple devices in it but if I understand correctly 30.1 and 30.3 are the same server and those IPs are on different NICs ?

No. One Linux server, one NIC port, one switch port, on one VLAN. It has one /24 subnet assigned to it on the switch and on the server internally itself.

Once again, only IPs that ping are the gateway of that subnet and first public IP.

So you route x.x.30.0/24 to this server ie. all the IPs for x.x.30.0/24 are handled by that server. Is that correct ?

The point is you are not routing the subnet to the server. The switch has an IP in that subnet so there is no routing. The switch will send an arp for any IP in that subnet and it is up to the server to respond which it isn't doing according to the arp table.

How exactly is this meant to work ie. why does a server have a whole /24 assigned to it and what is it meant to achieve ?

Jon

> The switch has an IP in that subnet so there is no routing.

I don't understand, why that single /32 is there and how to remove it, fix it. Now, what I've done was change that /24 subnet to secondary (on the Cisco switch) and add a /29 as primary. Same on Centos 7 internally. This time, only the gateway pings on that /24 subnet. 

[root@localhost network-scripts]# cat ifcfg-em1-range0
IPADDR_START=xxx.55.30.2
IPADDR_END=xxx.55.30.254
CLONENUM_START=0 
NETMASK=255.255.255.0

What I'm trying to achieve is simply get that /24 pinging on the linux box (VLAN 26). I don't know why you're asking why it has a whole /24, but why does that even matter? The client wants a /24 and I have multiple boxes with far greater amount of IPs for their business usage.

Cisco3650#show ip route xxx.55.30.1
Routing entry for xxx.55.30.1/32
  Known via "connected", distance 0, metric 0 (connected)
  Routing Descriptor Blocks:
  * directly connected, via Vlan26
      Route metric is 0, traffic share count is 1

You cannot remove it, it is just the way it is recorded in the routing table. That is not your problem as far as I can tell.

I understand your frustration with some of the questions but I am coming at it from a network perspective and I suspect you from a server perspective. If you allocate a /24 to the server then it is up to the server to respond to pings to those IPs.

So how does the server do this ie. when the switch pings x.x.30.3 it first sends an arp request, which is a broadcast, in that vlan. So the server will see that arp request but it is not responding.

So as far as I can see the issue is with the server not the switch.

Jon

These are all standard install Centos 7 boxes. I've installed so many and assigned various IPs, subnets on the same switches using same simple steps on both sides.

I understand but all I can do is come at it from the network side as I am not a server person.

If the NIC on the server only has one IP allocated to it then how does the server know it is meant to respond for all the other IPs in the subnet and how does it do it.

Jon
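
The question above (how the server answers ARP for every address in the /24) can be checked on the server itself, since a Linux host only answers ARP for addresses it actually holds. The script below is an added example, not part of any post in this thread: it expands an ifcfg range file like the one posted earlier and lists the addresses that are not configured on the interface. The function names and the 192.0.2.x sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Lists addresses in an ifcfg range file
# that are not configured on the interface. Sample data is constructed.

# Dotted quad -> integer (subshell body keeps IFS and "set --" local).
ip_to_int() (
    IFS=.
    set -- $1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# missing_addrs RANGE_FILE ADDR_DUMP
#   RANGE_FILE: ifcfg-<dev>-range<N> file with IPADDR_START / IPADDR_END
#   ADDR_DUMP:  saved output of `ip -o -4 addr show dev <dev>`
missing_addrs() {
    ma_start=$(sed -n 's/^IPADDR_START=//p' "$1" | tr -d '" \r')
    ma_end=$(sed -n 's/^IPADDR_END=//p' "$1" | tr -d '" \r')
    if [ -z "$ma_start" ] || [ -z "$ma_end" ]; then
        echo "no IPADDR_START/IPADDR_END in $1" >&2
        return 2
    fi
    # Addresses present on the NIC: the field after "inet", prefix stripped.
    ma_have=$(awk '{for (i = 1; i < NF; i++) if ($i == "inet") {
        split($(i + 1), a, "/"); print a[1] }}' "$2")
    ma_i=$(ip_to_int "$ma_start")
    ma_hi=$(ip_to_int "$ma_end")
    while [ "$ma_i" -le "$ma_hi" ]; do
        ma_ip=$(int_to_ip "$ma_i")
        printf '%s\n' "$ma_have" | grep -qxF "$ma_ip" || echo "$ma_ip"
        ma_i=$((ma_i + 1))
    done
}

demo() {
    demo_d=$(mktemp -d)
    printf 'IPADDR_START=192.0.2.2\nIPADDR_END=192.0.2.6\nCLONENUM_START=0 \n' > "$demo_d/range"
    cat > "$demo_d/addrs" <<'EOF'
2: em1    inet 192.0.2.2/24 brd 192.0.2.255 scope global em1\       valid_lft forever
2: em1    inet 192.0.2.4/24 brd 192.0.2.255 scope global secondary em1:2\       valid_lft forever
EOF
    missing_addrs "$demo_d/range" "$demo_d/addrs"
    rm -rf "$demo_d"
}
demo
```

On a live host the second argument would be a file holding the output of `ip -o -4 addr show dev em1`; any address the script prints is one the switch will ARP for without getting a reply.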

Hello Bashedroot
We are trying to understand your network topology and the logic behind what you are trying to achieve.
I think the confusion lies with the attachment of your servers and what role they play.

The setup as you have explained is:

L3switch<----trunk----->Switch2
   |                       |
 svrs                    srvs

Now from a network perspective above the basic setup would be:

L3 switch = Ip routing enabled and all L3 interfaces applied pertaining to your L2 vlans - trunk interface to switch 2

Trunk = should allow all vlans to traverse this link between each switch
Switch2 = ip routing disabled and assigned default-gateway of MGT vlan -  trunk interface to L3switch, L2 vlans propagated from L3 switch

Servers = switchport interface attaching server configured in access-port mode assigned to relative vlan (unless your servers require tagging of multiple vlans or are virtualised, you would not need to trunk the switch port these servers are connected to).


> VLAN 26 = is a linux server on switch #1 with xxx.50.30.0/24 assigned to it (routed to it). 30.3 and 30.1 is the same exact server, subnet on the same VLAN

What is confusing is seeing a whole lot of other subnets you have specified to be allowed over the server trunk interface, which are not being seen in the switch's VTP database, and now it looks like the server is also performing some kind of routing function with multiple IP addressing on the same vlan26 subnet.

Anyhow, for this to work from a network perspective the setup would be as follows:

L3switch - int Vlan 26 = xxx.55.30.1 /24 also L2 vlan26 created on both switches
Switch2 -  Trunk to L3switch and Trunk to Server
Server - 
assigned ip address - xxx.55.30.X /24
Default route pointing to the L3switch SVI vlan26 interface - xxx.55.30.1
(this is so the server can reach other subnets the L3 switch is routing for)

L3switch:

ip routing


int vlan 26
ip address xxx.55.30.1 255.255.255.0

int xx
Description Link to Switch2
switchport trunk encap dot1q ( older ios only)
switchport mode trunk

vlan 26
exit




Switch2  - Depending if the server is tagging 802.1q or not will result in using either a trunk port or access port on the switch

no ip routing

int xx
Description Link to L3switch
switchport trunk encap dot1q ( older ios only)
switchport mode trunk

vlan 26
exit

int xx
Description Link to Server
switchport trunk encap dot1q ( older ios only)
switchport mode trunk

or

int xx
Description Link to Server
switchport host
switchport access vlan 26


Server
ip address xxx.55.30.X /24
Ip route 0.0.0.0 0.0.0.0 xxx.55.30.1


res
Paul



This is crazy. I ran the below to wipe that VLAN26 clean to start from scratch:

Cisco3650#conf t
Enter configuration commands, one per line.  End with CNTL/Z.

Cisco3650(config)#no vlan 26

Cisco3650(config)#end

Cisco3650#show vlan brief

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Gi1/0/1, Gi1/1/1, Gi1/1/2, Gi1/1/3, Gi1/1/4
2    VLAN2                            active    Gi1/0/13
3    VLAN3                            active    Gi1/0/6
7    VLAN7                            active    Gi1/0/10
12   VLAN12                           active    Gi1/0/14
13   VLAN13                           active    Gi1/0/16
21   VLAN21                           active    Gi1/0/11
22   VLAN22                           active    Gi1/0/12
23   VLAN23                           active    Gi1/0/17
24   VLAN24                           active    Gi1/0/18
25   VLAN25                           active    Gi1/0/3
80   VLAN80                           active    Gi1/0/2
93   VLAN93                           active    Gi1/0/9
95   VLAN95                           active    Gi1/0/4
98   VLAN98                           active    Gi1/0/5
111  VLAN111                          active    Gi1/0/7
113  VLAN113                          active    Gi1/0/8
120  VLAN120                          active    Gi1/0/15


Cisco3650#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Cisco3650(config)#int Gi1/0/21
Cisco3650(config-if)#no switchport mode access
Cisco3650(config-if)#no switchport access vlan 26
Cisco3650(config-if)#end


Cisco3650#show running-config interface Gi1/0/21
Building configuration...

Current configuration : 228 bytes
!
interface GigabitEthernet1/0/21
 description Server 26
 switchport trunk allowed vlan 3,5,8,17-19,39,43,50,51,70,74,76,78,84,97-99
 switchport trunk allowed vlan add 101-103,108,110,112,119,500,600,611,612,950
 speed 100
end


Cisco3650#show interfaces  Gi1/0/21 switchport    
Name: Gi1/0/21
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: 3,5,8,17-19,39,43,50,51,70,74,76,78,84,97-99,101-103,
     108,110,112,119,500,600,611,612,950
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL

Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none

Then I ran this after "wr":

Cisco3650#show run int vlan 26
Building configuration...

Current configuration : 135 bytes
!
interface Vlan26
 description Server 26
 ip address xxx.55.30.1 255.255.255.0 secondary
 ip address xxx.xxx.98.49 255.255.255.248
end

Why is it still there?