Solved: NEXUS 9k Inter-VLAN issue

tom.blackstone@broan.com · ‎12-16-2024

Hello:
I am an IOS guy, and NEXUS is new to me. We have a NEXUS9000 switch I want to use as our Layer 3, Core Stack. We actually have two of them via VPC, but I broke that so I could experiment with one of the units.

I have the unit configured (see below). The NEXUS can ping everything. The Server attached to it can ping itself and its gateway. The CISCO 3850X I have attached can ping itself and its gateway. The Server and the Switch cannot ping each other. It seems like the VLAN interfaces cannot pass traffic. I got to believe I am missing something in the configuration.

Can someone take a look at this and let me know what you think? I have a ticket open with TAC but they are REALLY slow getting back to me.

Configuration:

version 10.4(2) Bios:version
hostname NEXUS

vdc NEXUS id 1
limit-resource vlan minimum 16 maximum 4094
limit-resource vrf minimum 2 maximum 4097
limit-resource port-channel minimum 0 maximum 511
limit-resource m4route-mem minimum 58 maximum 58
limit-resource m6route-mem minimum 8 maximum 8

feature interface-vlan
feature vtp

no password strength-check

ip domain-lookup
vtp domain MUDD

rmon event 1 log trap public description FATAL(1) owner PMON@FATAL
rmon event 2 log trap public description CRITICAL(2) owner PMON@CRITICAL
rmon event 3 log trap public description ERROR(3) owner PMON@ERROR
rmon event 4 log trap public description WARNING(4) owner PMON@WARNING
rmon event 5 log trap public description INFORMATION(5) owner PMON@INFO

vlan 1,6,8,31
vlan 6
name office
vlan 8
name office_2
vlan 31
name MGT

spanning-tree vlan 1-3967 priority 0
vrf context management

interface Vlan1

interface Vlan6
no shutdown
ip address 10.100.6.1/24

interface Vlan8
no shutdown
ip address 10.100.8.1/24

interface Vlan31
no shutdown
ip address 10.100.31.1/24

interface Ethernet1/1
description 3850X switch
switchport mode trunk
switchport trunk native vlan 31

interface Ethernet1/2
description SERVER
switchport access vlan 6

interface mgmt0
vrf member management
icam monitor scale

line console
line vty
boot nxos bootflash:/nxos64-cs.10.4.2.F.bin

Here is the routing information:

NEXUS# sh ip route
IP Route Table for VRF "default"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>

10.100.6.0/24, ubest/mbest: 1/0, attached
*via 10.100.6.1, Vlan6, [0/0], 02:05:48, direct
10.100.6.1/32, ubest/mbest: 1/0, attached
*via 10.100.6.1, Vlan6, [0/0], 02:05:48, local
10.100.8.0/24, ubest/mbest: 1/0, attached
*via 10.100.8.1, Vlan8, [0/0], 02:05:48, direct
10.100.8.1/32, ubest/mbest: 1/0, attached
*via 10.100.8.1, Vlan8, [0/0], 02:05:48, local
10.100.31.0/24, ubest/mbest: 1/0, attached
*via 10.100.31.1, Vlan31, [0/0], 02:05:48, direct
10.100.31.1/32, ubest/mbest: 1/0, attached

MHM Cisco World · ‎12-19-2024

so it real or lab ?

MHM

View solution in original post

Flavio Miranda · ‎12-16-2024

tom.blackstone@broan.com

The command "feature interface-vlan" is required but you have that already. Which leaves the gataway configuration on both servers and switch. You mentioned that they can ping gateway but they have the gateway properly configured?

For the 3850 I believe you need to have at least ip default-gateway 10.100.31.1 or a static route "ip route 0.0.0.0 0.0.0.0 10.100.31.1"

On the server, it will depend on the OS.

M02@rt37 · ‎12-16-2024

Hello tom.blackstone@broan.com

A missing default gateway on the Cisco 3850 could cause the issue where it cannot communicate with the server connected to the Nexus. If the 3850 does not have a default gateway configured, it will not know how to route traffic destined for subnets outside its own VLAN, such as the server's VLAN.

So configure a default gateway or ip default route on your 3850 so it can forward traffic to the Nexus for inter-VLAN routing.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

MHM Cisco World · ‎12-16-2024

Can I see topolgy

MHM

paul driver · ‎12-17-2024

Hello

tom.blackstone@broan.com wrote:
The NEXUS can ping everything.

The Server and the Switch cannot ping each other.

Make sure ip routing is disabled on the switch, as it doesn't need any default route just a default-gateway

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

tom.blackstone@broan.com · ‎12-17-2024

Good day:

I decided to wipe my equipment and start from scratch and now it is working. I can't determine WHY it is working.
Here is what I setup in the computer room. I did notice I configured VTP for transparent, and previously VTP mode was off (however the VLANs were present when in VTP Mode off) but I can't think that would be the answer.

Give me a few days to see if I can repeat the issue.

MHM Cisco World · ‎12-19-2024

so it real or lab ?

MHM

tom.blackstone@broan.com · ‎12-19-2024

No, this was real. My lab is in the computer room. I have CISCO 3750's, 3850's which I have configured to mimic my production environment. MY NEXUS switches (two) were in production, so I took one out of the rack and moved it to my LAB.

Honestly, I cannot figure out what the problem was. After I wiped and started again It worked as expected. I am thinking it was the Core switch. I thought demoting it by using the "no ip routing" command and removing the SVI's would have done the trick.