I have a problem that I don´t undertand that is happening in my network.
I have one architecture like the bottom picture. PC1 and PC2 have internet. However when I do one ping from PC1 to PC2 I have no answer. If I do one ping from L3 switch to PC2 I has ping.
Which could be the problem?
These are the route and AC list.
S* 0.0.0.0/0 [1/0] via 10.0.0.254 10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 10.0.0.0/16 is directly connected, Vlan2 L 10.0.0.1/32 is directly connected, Vlan2 172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks C 172.16.0.0/16 is directly connected, Vlan10 L 172.16.0.254/32 is directly connected, Vlan10 172.17.0.0/16 is variably subnetted, 2 subnets, 2 masks C 172.17.0.0/16 is directly connected, Vlan20 L 172.17.0.254/32 is directly connected, Vlan20 172.18.0.0/16 is variably subnetted, 2 subnets, 2 masks C 172.18.0.0/16 is directly connected, Vlan30 L 172.18.0.254/32 is directly connected, Vlan30 C 192.168.0.0/16 is directly connected, Vlan1 192.168.1.0/32 is subnetted, 1 subnets L 192.168.1.1 is directly connected, Vlan1
Standard IP access list 1 10 permit 192.168.0.0, wildcard bits 0.0.255.255 20 permit 172.16.0.0, wildcard bits 0.0.255.255 30 permit 172.17.0.0, wildcard bits 0.0.255.255 40 permit 10.0.0.0, wildcard bits 0.0.255.255 50 permit 172.18.0.0, wildcard bits 0.0.255.255 Standard IP access list 23 10 permit 192.168.0.0, wildcard bits 0.0.255.255 (16 matches) 20 permit 172.16.0.0, wildcard bits 0.0.255.255 30 permit 172.17.0.0, wildcard bits 0.0.255.255 40 permit 10.0.0.0, wildcard bits 0.0.255.255 (2 matches) 50 permit 172.18.0.0, wildcard bits 0.0.255.255 Extended IP access list preauth_ipv4_acl (per-user) 10 permit udp any any eq domain 20 permit tcp any any eq domain 30 permit udp any eq bootps any 40 permit udp any any eq bootpc 50 permit udp any eq bootpc any 60 deny ip any any IPv6 access list preauth_ipv6_acl (per-user) permit udp any any eq domain sequence 10 permit tcp any any eq domain sequence 20 permit icmp any any nd-ns sequence 30 permit icmp any any nd-na sequence 40 permit icmp any any router-solicitation sequence 50 permit icmp any any router-advertisement sequence 60 permit icmp any any redirect sequence 70 permit udp any eq 547 any eq 546 sequence 80 permit udp any eq 546 any eq 547 sequence 90 deny ipv6 any any sequence 100
NaveNueva#sh vtp status VTP Version capable : 1 to 3 VTP version running : 1 VTP Domain Name : VTP Pruning Mode : Disabled VTP Traps Generation : Disabled Device ID : 58ac.7899.9980 Configuration last modified by 192.168.1.1 at 9-28-17 13:55:37 Local updater ID is 192.168.1.1 on interface Vl1 (lowest numbered VLAN interface found) Feature VLAN: -------------- VTP Operating Mode : Server Maximum VLANs supported locally : 1005 Number of existing VLANs : 11 Configuration Revision : 8 MD5 digest : 0xDC 0x0A 0x56 0x0B 0x41 0x44 0x23 0xD6 0xD4 0x68 0xA0 0x47 0x5B 0x97 0xD3 0x01
NaveNueva#show interface gig 1/0/10 trunk Port Mode Encapsulation Status Native vlan Gi1/0/17 on 802.1q trunking 1 Port Vlans allowed on trunk Gi1/0/17 1-3,10,20,30,40,50,1002-1005 Port Vlans allowed and active in management domain Gi1/0/17 1-2,10,20,30 Port Vlans in spanning tree forwarding state and not pruned Gi1/0/17 1-2,10,20,30
I did not find the picture. The configuration from devices is also too difficult to read. Put as txt attached or insert as code by using the simble </> above.
Also, send me the route table from both PC.
-If I helped you somehow, please, rate it as useful.-
Is PC1 using the linksys router as its default gateway (10.0.0.254) ? If so, does that router have a route to VLAN1 ? Something like:
! ip route 192.168.0.0 255.255.0.0 10.0.0.1 !
The output is the next ( I have summaried it)
Switch#sh mac add | include 1/0/5 2 547c.6946.ef30 DYNAMIC Gi1/0/5 Switch#sh mac add | include 1/0/10 2 fcaa.14ce.8a9e DYNAMIC Gi1/0/8 Switch#sh ip arp vlan 2 Protocol Address Age (min) Hardware Addr Type Interface Internet 10.0.0.1 - 58ac.7899.99f7 ARPA Vlan2 Internet 10.0.0.254 0 c056.2773.3167 ARPA Vlan2 Internet 10.0.0.71 137 fcaa.14ce.8a9e ARPA Vlan2 NaveNueva#sh ip arp vlan 1 Internet 192.168.11.100 0 0024.9b23.04dd ARPA Vlan1
It seems all right, doesn't it?
This output looks to have been edited too much! :)
sh mac add | include 1/0/10
Shows a mac address on 1/0/8
Also I assume the output was all gathered on the same L3 switch (3560), but the hostname changes from Switch to NaveNueva .
Can you provide the following output (un-summarised):
sh mac add dyn vlan 1
sh mac add dyn vlan 2
sh ip arp vlan 1
sh ip arp vlan 2
Also what are the MAC addresses of PC1 and PC2?
sh mac add | include 1/0/10
Yes, I have edited fastly becouse I had changed the PC's port and I want to keep the picture scenario.
Now it is the port 8.
NaveNueva#sh mac add | include 1/0/8 2 fcaa.14ce.8a9e DYNAMIC Gi1/0/8
Also I assume the output was all gathered on the same L3 switch (3560), but the hostname changes from Switch to NaveNueva
Yes, I forget edit the name of NaveNueva to Switch sorry.
sh mac add dyn vlan 1 . . . 1 0024.9b23.04dd DYNAMIC Gi1/0/17 . . . (This is my Mac PC 1) . .sh mac add dyn vlan 2 .... 2 fcaa.14ce.8a9e DYNAMIC Gi1/0/8 (This is Mac PC 2) sh ip arp vlan 1 Internet 192.168.11.100 0 0024.9b23.04dd ARPA Vlan1 (PC 1 ip) sh ip arp vlan 2 Internet 10.0.0.71 34 fcaa.14ce.8a9e ARPA Vlan2 (PC 2 ip)