Solved: OSPF and Management Vlan issue

Ignacio Rios · ‎05-25-2011

Please forgive the rough drawing. I came home from work and still didn't know what was causing the problem.

Basically, I can't get the 6509s to share their VLAN20 information to eachother. We don't have too many access switches and we have a few OSPF connections. We had 141.59.24.0 255.255.255.0 and subnetted it to have: 141.59.24.1 255.255.255.128 to use on the Management VLAN 20 through out our 3560s and 3509s. The OSPF routes use 141.59.24.1 255.255.255.252 for their point-to-point connections between the 6509s.

Right now if I SSH into a 6509 I can only ping the VLAN20 address of switches that are directly trunked to it.

e.g. If I SSH into the 6509 on the right I can only ping 141.59.24.9 and any other switches that are trunked to it.

If I run a show cdp neighbor the 6509s see each other but only on there OSPF ip address, 141.59.24.129/30 and 141.59.24.130/30.

I tried setting INT VLAN20 as no-passive on OSPF, but that didn't help.

The picture only shows a segment of the network, but I know if I can figure out what's wrong in this section it will work out for the rest.

Any ideas?

Giuseppe Larosa · ‎05-25-2011

Hello Ignacio,

you have divided the IP subnet in two parts !

it cannot work this way:

or you change the ip subnet on one side or you change the link between the two C6509 allowing vlan 20 (=joining the broadcast domain ) and another vlan that you will use for the OSPF adjacency that is making a L2 trunk

interface gi1/0

switchport

switchport mode trunk

switchport trunk protocol dot1q

switchport trunk allowed vlan 20, 810

!

on both C6500 devices where 810 is a vlan you create

+

interface vlan 810

ip address x.y.z.k 255.255.255.252

where x.y.z.k is only a place holder

the fact that Vlan 20 exists on both sides doesn't mean that you can use the same IP subnet unless you create an end to end L2 path in Vlan 20 if a routed link is in between you have half hosts in one side and half hosts in the other side according to your network diagram

Take care

Hope to help

Giuseppe

View solution in original post

Giuseppe Larosa · ‎05-25-2011

Hello Ignacio,

you have divided the IP subnet in two parts !

it cannot work this way:

or you change the ip subnet on one side or you change the link between the two C6509 allowing vlan 20 (=joining the broadcast domain ) and another vlan that you will use for the OSPF adjacency that is making a L2 trunk

interface gi1/0

switchport

switchport mode trunk

switchport trunk protocol dot1q

switchport trunk allowed vlan 20, 810

!

on both C6500 devices where 810 is a vlan you create

+

interface vlan 810

ip address x.y.z.k 255.255.255.252

where x.y.z.k is only a place holder

the fact that Vlan 20 exists on both sides doesn't mean that you can use the same IP subnet unless you create an end to end L2 path in Vlan 20 if a routed link is in between you have half hosts in one side and half hosts in the other side according to your network diagram

Take care

Hope to help

Giuseppe

Ignacio Rios · ‎05-26-2011

Guiseppe,

I had a typo in the first post, th OSPF paths start at 141.59.24.128 255.255.255.252. We subnetted it on purpose thinking that our OSPF would advertise the 131.58.24.1 255.255.255.128 because we have:

router ospf 10

network 141.59.0.0 0.0.255.255 area 0

We figured if its the same area it would be seen....

Thank you for your response!

davy.timmermans · ‎05-26-2011

If I check your drawing, there's a L3 link between the two 6500 but all devices are IP'd in the same range.

If that's the case, it's normal you can't ping a device from the same vlan which resides on another L3 segment. Coz the vlan subnet will appear as connected on the local 6500 and thus forwarded in this layer 2 domain.

Best solution: dual uplinks to each core

Other solution: Connect the 3560 with at least allowing the management vlan

other solution: Use for side right another management subnet

Ignacio Rios · ‎05-26-2011

We just grabbed another Class B and subnetted it. Obviously didn't really think the first idea through all the way. Thanks for the help!

Working now!