cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2172
Views
73
Helpful
40
Replies
Highlighted
Beginner

ping hsrp gateway from svi

Hello people,

This is no doubt a simple one however cant work out whats wrong..

I have a c3750 switch to switch connection.. looks like this.. (attached..)


I cannot ping the standby ip 10.128.16.137/29 from the top switch...

Switch config as follows:
interface GigabitEthernet1/0/8
description ada
switchport access vlan 71
switchport mode access

interface Vlan71
description ada
ip address 10.128.16.140 255.255.255.248

sh ip route output:
C       10.128.16.136/29 is directly connected, Vlan71

I dont have control of the 2 bottom switches as they are client ones..

there will be a 2nd switch installed at my end(top of diagram) sometime  soon so that a second connection can be made to the second switch.. I  will then use hsrp too...

What can be wrong?

thanks in advance..

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

And to answer your question, you can use BPDU filter in this case, but I recommend this type of workaround only when necessary.  If you can get the job done with a simpler configuration, then that's the way to go.

View solution in original post

40 REPLIES 40
Highlighted
Enthusiast

The link between your switches are in different vlans. Top switch is in vlan 71 and bottom is in vlan 12. Either you should have a trunk and allow the vlans or put both in the same vlan.

HTH,

Ian

Highlighted

Its shouldnt matter if they are on diff vlans as they are only tagged if on a trunk no?

I did try with the same vlans anyways and still no joy.

thanks for your prompt response! Im really scratching my head with this as its such a simple setup...

anymore ideas please?

Highlighted

They are only tagged if on a trunk, but two different vlans can't comunicate between each other without layer 2-3 resolution. You cannot connect switches together as in your diagram and expect them to work because it is a direct link and no router inbetween to route between the vlans.

Highlighted
Hall of Fame Guru

Can you ping the physical interface IPs ie. 137 & 138 ?

Are you sure there are no acls applied on the bottom switches ?

Can you make sure you are using extended ping from your switch with source IP of .140

Edit - or just ignore all that and listen to Ian who is obviously more on the ball than me today

Jon

Highlighted
Advisor

Hi,

Int Vlan71 is in same subnet as Int Vlan12, if you do a debug arp on the top switch while pinging you will see no replies and a sh arp will have an incomplete entry for the VIP on bottom switch.

Regards.

Alain.

Don't forget to rate helpful posts.
Highlighted

spot on!

i used debug arp and then tried to ping:

sh arp output:

Internet  10.128.16.137           0   Incomplete      ARPA

how do I get around this?

is the only answer to use a routed port with the ip addressing I have?

I want to use a vlan int for my side and then run hsrp when I get my 2nd switch in place.

Thanks in advance!

Highlighted

If you can't modify the config of the bottom switches either -

1) change vlan 71 to vlan 12 ie. the switchport on your switch into vlan 12 and modify the SVI to be int vlan 12

or

2) make the port on your switch a routed port with the vlan 71 ip address.

Jon

Highlighted

I have done just that :

I created vlan12 and added to the switch int

still no joy..

config is below :

interface GigabitEthernet1/0/8
description ada
switchport access vlan 12

interface Vlan12
ip address 10.128.16.140 255.255.255.248

C       10.128.16.136/29 is directly connected, Vlan12

The above should work no?

sh arp:

Internet  10.128.16.137           0   Incomplete      ARPA

Could there be something configured at the remote end blocking?

Highlighted

Yes there could be ie. an access-list on their L3 SVIs.

Can you ping the physical IPs ?

Jon

Highlighted

No I cannot, I have tried all 3 ip's .137 .138 and .139

no reply from each..

its probably an access list at the remote end.. I will fire off a mail to the remote end tech and see what he says..

Highlighted

Could you do sh   ip int br | be Vlan12

Regards.

Alain.

Don't forget to rate helpful posts.
Highlighted

ran the command:

sh ip int brief | begin vlan12

recieved no output at all?

I did sh int br    

and vlan12 is up up..

with the following info:

Vlan12                10.128.16.140   YES manual up                    up

Highlighted

Can you do a show cdp neighbor (if neighbouring switches are Cisco)?

Also post a show spanning-tree vlan 12?

Looks like a L2 issue if not the acls as already mentioned.

Highlighted

you genius!

sh spanning tree vlan12


VLAN012
  Spanning tree enabled protocol rstp
  Root ID    Priority    33480
             Address     ecc8.8290.4680
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    33480  (priority 32768 sys-id-ext 712)
             Address     ecc8.8290.4680
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi1/0/1          Desg FWD 4         128.1    P2p
Gi1/0/2          Desg FWD 4         128.2    P2p
Gi1/0/7          Desg FWD 4         128.7    P2p
Gi1/0/8          Desg BKN*4         128.8    P2p *TYPE_Inc <--------- This port is blocking!

how do unblock this port and force another to block instead?

is the best way to change the priority? Please can you give me the commands if possible

to add to this please see detail output below:

Port 8 (GigabitEthernet1/0/8) of VLAN012 is broken  (Port Type Inconsistent)
  Port path cost 4, Port priority 128, Port Identifier 128.8.
  Designated root has priority 32768, address 001c.7308.df64
  Designated bridge has priority 33480, address ecc8.8290.4680
  Designated port id is 128.8, designated path cost 4
  Timers: message age 0, forward delay 13, hold 0
  Number of transitions to forwarding state: 1
  Link type is point-to-point by default
  BPDU: sent 3991, received 4015

What can I do to fix this?

Content for Community-Ad