04-08-2011 05:15 AM - edited 03-06-2019 04:30 PM
Hello people,
This is no doubt a simple one however cant work out whats wrong..
I have a c3750 switch to switch connection.. looks like this.. (attached..)
I cannot ping the standby ip 10.128.16.137/29 from the top switch...
Switch config as follows:
interface GigabitEthernet1/0/8
description ada
switchport access vlan 71
switchport mode access
interface Vlan71
description ada
ip address 10.128.16.140 255.255.255.248
sh ip route output:
C 10.128.16.136/29 is directly connected, Vlan71
I dont have control of the 2 bottom switches as they are client ones..
there will be a 2nd switch installed at my end(top of diagram) sometime soon so that a second connection can be made to the second switch.. I will then use hsrp too...
What can be wrong?
thanks in advance..
Solved! Go to Solution.
04-11-2011 09:27 AM
And to answer your question, you can use BPDU filter in this case, but I recommend this type of workaround only when necessary. If you can get the job done with a simpler configuration, then that's the way to go.
04-08-2011 05:40 AM
The link between your switches are in different vlans. Top switch is in vlan 71 and bottom is in vlan 12. Either you should have a trunk and allow the vlans or put both in the same vlan.
HTH,
Ian
04-08-2011 05:49 AM
Its shouldnt matter if they are on diff vlans as they are only tagged if on a trunk no?
I did try with the same vlans anyways and still no joy.
thanks for your prompt response! Im really scratching my head with this as its such a simple setup...
anymore ideas please?
04-08-2011 07:32 AM
They are only tagged if on a trunk, but two different vlans can't comunicate between each other without layer 2-3 resolution. You cannot connect switches together as in your diagram and expect them to work because it is a direct link and no router inbetween to route between the vlans.
04-08-2011 05:41 AM
Can you ping the physical interface IPs ie. 137 & 138 ?
Are you sure there are no acls applied on the bottom switches ?
Can you make sure you are using extended ping from your switch with source IP of .140
Edit - or just ignore all that and listen to Ian who is obviously more on the ball than me today
Jon
04-08-2011 05:45 AM
Hi,
Int Vlan71 is in same subnet as Int Vlan12, if you do a debug arp on the top switch while pinging you will see no replies and a sh arp will have an incomplete entry for the VIP on bottom switch.
Regards.
Alain.
04-08-2011 06:00 AM
spot on!
i used debug arp and then tried to ping:
sh arp output:
Internet 10.128.16.137 0 Incomplete ARPA
how do I get around this?
is the only answer to use a routed port with the ip addressing I have?
I want to use a vlan int for my side and then run hsrp when I get my 2nd switch in place.
Thanks in advance!
04-08-2011 06:05 AM
If you can't modify the config of the bottom switches either -
1) change vlan 71 to vlan 12 ie. the switchport on your switch into vlan 12 and modify the SVI to be int vlan 12
or
2) make the port on your switch a routed port with the vlan 71 ip address.
Jon
04-08-2011 06:27 AM
I have done just that :
I created vlan12 and added to the switch int
still no joy..
config is below :
interface GigabitEthernet1/0/8
description ada
switchport access vlan 12
interface Vlan12
ip address 10.128.16.140 255.255.255.248
C 10.128.16.136/29 is directly connected, Vlan12
The above should work no?
sh arp:
Internet 10.128.16.137 0 Incomplete ARPA
Could there be something configured at the remote end blocking?
04-08-2011 06:30 AM
Yes there could be ie. an access-list on their L3 SVIs.
Can you ping the physical IPs ?
Jon
04-08-2011 06:35 AM
No I cannot, I have tried all 3 ip's .137 .138 and .139
no reply from each..
its probably an access list at the remote end.. I will fire off a mail to the remote end tech and see what he says..
04-08-2011 06:31 AM
Could you do sh ip int br | be Vlan12
Regards.
Alain.
04-08-2011 06:41 AM
ran the command:
sh ip int brief | begin vlan12
recieved no output at all?
I did sh int br
and vlan12 is up up..
with the following info:
Vlan12 10.128.16.140 YES manual up up
04-08-2011 07:32 AM
Can you do a show cdp neighbor (if neighbouring switches are Cisco)?
Also post a show spanning-tree vlan 12?
Looks like a L2 issue if not the acls as already mentioned.
04-08-2011 07:51 AM
you genius!
sh spanning tree vlan12
VLAN012
Spanning tree enabled protocol rstp
Root ID Priority 33480
Address ecc8.8290.4680
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 33480 (priority 32768 sys-id-ext 712)
Address ecc8.8290.4680
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi1/0/1 Desg FWD 4 128.1 P2p
Gi1/0/2 Desg FWD 4 128.2 P2p
Gi1/0/7 Desg FWD 4 128.7 P2p
Gi1/0/8 Desg BKN*4 128.8 P2p *TYPE_Inc <--------- This port is blocking!
how do unblock this port and force another to block instead?
is the best way to change the priority? Please can you give me the commands if possible
to add to this please see detail output below:
Port 8 (GigabitEthernet1/0/8) of VLAN012 is broken (Port Type Inconsistent)
Port path cost 4, Port priority 128, Port Identifier 128.8.
Designated root has priority 32768, address 001c.7308.df64
Designated bridge has priority 33480, address ecc8.8290.4680
Designated port id is 128.8, designated path cost 4
Timers: message age 0, forward delay 13, hold 0
Number of transitions to forwarding state: 1
Link type is point-to-point by default
BPDU: sent 3991, received 4015
What can I do to fix this?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: