Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2485
Views
5
Helpful
8
Replies

Problem with routing on a 3560 layer 3 switch

Go to solution
Simoniscool
Level 1
Level 1

‎04-19-2017 11:07 AM - edited ‎03-08-2019 10:15 AM

Hi Everyone,

Ive searched for answers for this and from the tutorials I read etc I couldn't find anything wrong with what I was doing.

I have a switch which I use just when I need one for something. Today i want to configure a little 3G / wifi router which I bought. It has a static IP in a different subnet to my network.

On my switch I have my pc and broadband router on access ports in vlan 100. and my 3g router on a routed port with ip in that router's subnet.

vlan 100 has ip 192.168.0.2/28
my pc has ip 192.168.0.7/28

3g router IP 192.168.100.1 - subnet unspecified, assuming /24

I have the ip routing command in

output of show ip route looks like this:

Gateway of last resort is 192.168.0.1 to network 0.0.0.0

192.168.0.0/28 is subnetted, 1 subnets

C 192.168.0.0 is directly connected, Vlan100

C 192.168.100.0/24 is directly connected, FastEthernet0/23

S* 0.0.0.0/0 [1/0] via 192.168.1.1

sh ip int brief:

FastEthernet0/1 unassigned YES unset up up         --PC

FastEthernet0/2 unassigned YES manual up up      --Broadband Router

FastEthernet0/23 192.168.100.2 YES manual up up  --3G router

Vlan100 192.168.0.2 YES manual up up

 

I can ping everything from the switch, but if I do:

ping 192.168.100.1 source vlan 100
it fails.

The goal is to ping and connect to the 3G router from the PC, but the switch does not appear to be routing.

I recreated this in packet tracer and found that the ping from the PC gets sent to the broadband router (default gateway) and that router doesnt know about the 192.168.100.0 network. I dont understand why the switch seems to read the destination MAC as the port where the default gateway is before it looks at layer 3.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Simoniscool

‎04-19-2017 12:14 PM

When you ping the 3G device using the vlan 100 interface IP as the source then when the 3G device tries to send a return packet it needs to know how to get to 192.168.0.2 so it needs a route ie. in Cisco terminology -

"ip route 192.168.0.0 255.255.255.248 192.168.100.2"

although obviously on the 3G device the syntax will be different.

As for your PC you should be able to ping 192.168.100.2 so not sure what is happening there but first add that route then we can look at the PC.

Jon

View solution in original post

0 Helpful
8 Replies 8

Go to solution
Richard Burts
Hall of Fame
Hall of Fame

‎04-19-2017 11:31 AM

There are a number of things about this situation that we do not know and having more information might help us to give better answers. But based on what you have told us so far I would guess that the problem here is with the 3G/wireless router and its default gateway (its default gateway being one of the things that we do not know).  If the switch normal ping to the 3G router is successful but switch ping to 3G specifying a "remote" source fails is a classic symptom of default gateway issues with the 3G.

I also note this from what you have posted

S* 0.0.0.0/0 [1/0] via 192.168.1.1

The switch seems to have the correct gateway of last resort. But this static route is problematic since its next hop is not an address that the switch knows how to reach.

HTH

Rick

HTH

Rick
0 Helpful

Go to solution
Simoniscool
Level 1
Level 1
In response to Richard Burts

‎04-19-2017 12:02 PM

Hi Rick,

Thanks for your help. Im not 100% I understand what you mean, I assumed the 3G router was a gateway with an interface IP of 192.168.100.1, and wouldnt have another gateway specified. At the moment it is out of the box, and does not have an internet dongle attached. I only intend to use it as a wifi hotspot with an arduino board on the ethernet port.  (I could just set up my pc on the same subnet but I wanted to learn about layer 3 routing on a switch which is why im going through this trouble lol)

And your last satement about the static route, I can access the internet no problem from my PC because the PC and the broadband router are both on access ports on vlan 100.  192.168.0.1 is in the arp table on Fa0/2 so I think thats how it knows how to reach it.

Also i should mention, I cannot ping the Fa0/23 interface IP from the PC either, which I thought indicated that the switch is not routing the packet at layer 3 at all because it does have the route to the 192.168.100.0 subnet via Fa0/23.

Interestingly the ping from PC just times out, but in packet tracer the reply "destination unreachable" came from 192.168.0.1 (so obviously your right about the static route issue I think)

I removed the static route, and now I can ping 192.168.100.2 source vlan 100
but i still cannot ping 192.168.100.1 source vlan 100

and I cant ping either address from the PC still :(

0 Helpful

Go to solution
Simoniscool
Level 1
Level 1
In response to Simoniscool

‎04-19-2017 12:10 PM

Update, Ive just noticed I can ping vlan100 on the switch ok from the PC, but cannot ping the PC from the switch!!??
Im guessing probably my AV or something cos thats just stupid lol 

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Simoniscool

‎04-19-2017 12:14 PM

When you ping the 3G device using the vlan 100 interface IP as the source then when the 3G device tries to send a return packet it needs to know how to get to 192.168.0.2 so it needs a route ie. in Cisco terminology -

"ip route 192.168.0.0 255.255.255.248 192.168.100.2"

although obviously on the 3G device the syntax will be different.

As for your PC you should be able to ping 192.168.100.2 so not sure what is happening there but first add that route then we can look at the PC.

Jon

0 Helpful

Go to solution
Simoniscool
Level 1
Level 1
In response to Jon Marshall

‎04-19-2017 12:50 PM

Right ok, so its like asymetric routing? The 3G router doesnt know where the 192.168.0.0 network is? And its default gateway is probably its 3/4G interface which is a usb.

So solution is basically then, unless I can configure the 3G router with a route back to my network, I need to just put my pc and switch onto 192.168.100.0/24.

Many thanks

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Simoniscool

‎04-19-2017 12:58 PM

No problem although I should point out Rick mentioned the same issue.

Just for your info, it's not asymmetric routing, it is just no routing ie. the 3G device would simply drop the packet because it had no route. Asymmetric routing is a packet takes one path one way and another path on the return but the ping would still work with asymmetric routing.

Jon

0 Helpful

Go to solution
Simoniscool
Level 1
Level 1
In response to Jon Marshall

‎04-19-2017 01:04 PM

Haha yes I know it just didnt quite click with me until I read it again from you lol, thanks to both of you then

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to Jon Marshall

‎04-19-2017 12:58 PM

When a device, such as your 3G router, needs to communicate with an IP in a remote subnet (such as your ping with source of vlan 100) there are two ways for this to work:

1) it can have a route for that subnet configured (which is what Jon talks about)

2) it can have a default gateway (which is what I mentioned) usually set up by configuring a default route

The device needs one or the other (or perhaps both) to be able to communicate with an IP in a remote subnet. The symptoms you describe indicate that it has neither.

As far as the PC is concerned, I believe that the most recent update was that the PC is now able to ping vlan 100. So that seems to validate that the switch is routing. As far as not being able to ping the PC is concerned, I would assume that there is some firewall or security policy on the PC that is not allowing ping.

HTH

Rick

HTH

Rick
Customers Also Viewed These Support Documents