Pinging of VLANS (Core and Access Switch)

dianawinskymartin · ‎10-04-2024

Have you ever experienced VLAN issues? I'm facing an issue where my laptop should be able to ping all VLANs, but it can only ping the VLAN it's assigned to.

Here's what I encountered:

1. I enabled IP routing on the C9500, but when I run the "show run" command, I don't see it listed.
2. VLAN routing seems to be working on the core switch when I test communication between VLANs by using the command "ping [VLAN 10 SVI] source [VLAN 20 SVI]". The VLANs can ping each other from the core switch.
3. However, when I test from a laptop connected to an access switch (set to access mode for VLAN 10), the laptop can only ping its own gateway, and can't reach other VLANs.

For the setup: The core switch connection to the access switch is configured as a trunk, and the access switch uplink is also trunked. It's strange that VLAN pinging isn't working from the laptop even if I use another laptop and other ports that are in access mode to its own designated vlan

MHM Cisco World · ‎10-04-2024

can you share topolgy to understand why ping failed

MHM

balaji.bandi · ‎10-04-2024

New IOS XE new code default ip routing enabled - you see when you issue command as below :

#show run all | in routing

2. VLAN routing seems to be working on the core switch when I test communication between VLANs by using the command "ping [VLAN 10 SVI] source [VLAN 20 SVI]". The VLANs can ping each other from the core switch.

This is inside Cat 9500 so you have routing working as expected.

3. However, when I test from a laptop connected to an access switch (set to access mode for VLAN 10), the laptop can only ping its own gateway, and can't reach other VLANs.

how is this access switch configured as Layer 2 or Layer 3, how is routing configured on the access switch ? defaul-gateway or ip routing enabled ? what access switches ?

Can you provide show output if VLAN SVI :

show run interface vlan 10 and 20

show run interface x/x (connected link betweek Core and Access switch)

show ip route (from access switch)

ipconfig /all from Device you trying to test.

ping from Device to gateway and otehr gateway ( also traceroute information to gateway IP and other VLAN IP).

 It's strange that VLAN pinging isn't working from the laptop even if I use another laptop and other ports that are in access mode to its own designated vlan

is this mean you are not able to ping own Gateway of the vLAN ? did you created VLANS on the access switch - make sure you have spanning tree running (Hope trunk allowed all the VLAN )

what IP address access switch has, does the device allocated IP from DHCP or static ? are you using Gateway of Access switch IP or Core VLAN SVI IP ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

dianawinskymartin · ‎10-04-2024

access switch configured as layer 2. I used catalyst 1300 model.

I have also created vlans in access switch

the ip address of access switch is static and belong to vlan management, so the gateway is core vlan svi ip

balaji.bandi · ‎10-04-2024

have requested some information - so we can look and advise..

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

dianawinskymartin · ‎10-04-2024

sorry, I cannot give some information since I'm doing remote to the client and I don't have a screenshot. But here's what I have got the sh run output. I deleted some parts and get only the necessary info
version 17.9
!
hostname CORE_SWITCH
!
!
vrf definition Mgmt-vrf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family

!
no ip domain lookup
ip dhcp excluded-address 192.20.10.1 192.20.10.10
ip dhcp excluded-address 192.20.20.1 192.20.20.10
ip dhcp excluded-address 192.20.50.1 192.20.50.10
!
ip dhcp pool VLAN10
network 192.20.10.0 255.255.255.0
default-router 192.20.10.1
!
ip dhcp pool VLAN20
network 192.20.20.0 255.255.255.0
default-router 192.20.20.1
!
ip dhcp pool VLAN50
network 192.20.50.0 255.255.254.0
default-router 192.20.50.1
!
!
login on-success log
vtp version 1
!
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
!
transceiver type all
monitoring
!
!
!
interface Port-channel2
description CORE SWITCH UPLINK
switchport mode trunk
!
interface GigabitEthernet0/0
vrf forwarding Mgmt-vrf
ip address 192.20.40.10 255.255.255.0
negotiation auto
!
interface TwentyFiveGigE1/0/1
description CORE SWITCH TO ACCESS SWITCH
switchport trunk native vlan 999
switchport trunk allowed all
switchport mode trunk
!
interface TwentyFiveGigE1/0/48
switchport mode trunk
channel-group 2 mode active
!
interface Vlan1
no ip address
!
interface Vlan10
ip address 192.20.10.1 255.255.255.0
!
interface Vlan20
ip address 192.20.20.1 255.255.255.0
!
interface Vlan30
ip address 192.20.30.1 255.255.254.0
!
interface Vlan40
ip address 192.20.40.1 255.255.255.0
!
interface Vlan50
ip address 192.20.50.1 255.255.254.0
end

balaji.bandi · ‎10-05-2024

This is on the Cat 9500 switch config - How about access switch configuration.

Are you running VTP environment, if not make it VTP transparent on both the switches.

is the DHCP working ? i would also advice to create Native vlan 999 on both the switches. (if you are not using default vlan 1 as native).

as i requested before show ip route output is important here now on from CORE switch and Access switch.

Best Practice make CORE switch as Spanning root for all the VLAN, accedentally Access switch should not become as root for all the VLAN, this have other side effects.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

dianawinskymartin · ‎10-05-2024

Dhcp is working. Native vlan also created in both switch.

What do you mean by vtp? Can you please enlighten me on this? And its example config, as well as to spanning root. Thanks

dianawinskymartin · ‎10-05-2024

But why in my testing in packet tracer, commands that i paste in c9500 and c1300 is working. But when it comes to real device, it didn't work.

balaji.bandi · ‎10-05-2024

show vtp status show you are you running VTP transparent as Server (this is not related to that issue you reported - but worth noting)

as i requested before show ip route output is important here now on from CORE switch and Access switch.

But why in my testing in packet tracer, commands that i paste in c9500 and c1300 is working. But when it comes to real device, it didn't work.

There may be difference when you paster depends on the version, does the PT have cat 9500 IOS XE ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

dianawinskymartin · ‎10-05-2024

ah, I didn't get a screenshot of the output of "show ip route" since I'm doing a remote session with the client, but I also use this command for troubleshooting.

I quietly remember the output:

C 192.20.10.0/24 is directly connected, Vlan10
L 192.20.10.1/32 is directly connected, Vlan10
C 192.20.20.0/24 is directly connected, Vlan20
L 192.20.20.1/32 is directly connected, Vlan20
C 192.20.30.0/23 is directly connected, Vlan30
L 192.20.30.1/32 is directly connected, Vlan30
C 192.20.40.0/24 is directly connected, Vlan40
L 192.20.40.1/32 is directly connected, Vlan40
C 192.20.50.0/23 is directly connected, Vlan50
L 192.20.50.1/32 is directly connected, Vlan50

balaji.bandi · ‎10-06-2024

unfortunatly you posting less output, can you post complete show ip route.

also below information requestedm if you looking to solve the issue easy way :

Can you provide show output if VLAN SVI :

show run interface vlan 10 and 20

show run interface x/x (connected link betweek Core and Access switch)

show ip route (from access switch)

ipconfig /all from Device you trying to test.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

MHM Cisco World · ‎10-05-2024

Since mgmt VLAN in vrf then try

Ip vrf mgmt 0.0.0.0 0.0.0.0 <next-hop>

MHM

balaji.bandi · ‎10-05-2024

Since mgmt VLAN in vrf then you need 

Ip vrf mgmt 0.0.0.0 0.0.0.0 <next-hop>

i was not sure intervlan routing related to MGMT VRF hee ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

dianawinskymartin · ‎10-05-2024

i was thinking the same. I don't think it has an effect on my encountered issue, I think that's the default "mgmt vrf" since I only input the IP address in int g0 to access the webui or management GUI of the core switch.