cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4635
Views
2
Helpful
12
Replies

Routing problem in cisco packet tracer

MattLemonade1
Level 1
Level 1

Hello together

I have a problem where I slowly lose my mind.

I have built a network in Cisco Packet Tracer. With access switches (2960-24TT) which is connected to a multilayer switch 3650-24PS and this is connected to a core router (2911). Since this should be redundant, there are 4 access switches, 2 distribution switches and 2 core routers at site A. RSTP is enabled on the switches and OSPF on the router.

If I now want to send a ping from a computer in the VLAN to core router 1, it always fails.

What has been done:

Gateway defined for each VLAN
Access switch interface is on trunk to distribution switch
Distribution switch has ip-routing enabled and VLAN 1 has an IP address configured and is connected to the core router via ACCESS VLAN 1.
On the switch Gateway of last restort the IP address of the router is entered.

What am I missing?

Attached is a screenshot of my configuration and briefly plotted from where to where this works. I'm still learning everything but it gives me some headache right now.

Thanks a lot for your time and knowledge!

Best,
MattLemonade1

12 Replies 12

Hello,

 

You can provide your PT in a zipped file here so we can better take a look. First thought is even though routing is enabled you still need a routing protocol enabled between the DSW and the routers. Your packets may be reaching the router with the default GW but the router doesn't know how to send return traffic as it wont know what the networks are.

Try adding the following on the DSW and router:

conf t

router eigrp 1

network 0.0.0.0 255.255.255.255

 

-David

MattLemonade1
Level 1
Level 1

Hello @David Ruess 

Thanks a lot for your message!! I'm only allowed to use ospf, rstp and fhrp in this test case.

OSPF and RSTP are configured but fhrp not yet (because i'm not sure how to do it). The project is really complex by now but i really really appreciate your time. RSTP is configured on the dist-switches and access-switches. OSPF on all core-routers and the neighbors networks from each router. Location A (the left side) has a direct internet connection and provides location B internet access. Each side has their own vlan-architecture (when everything work, i will make some access-list settings on the layer-3 switch)

Attached the zipfile and again, thank you so much!

MattLemonade1

If you can only use OSPF then you can do that instead of EIGRP. Also I didnt see a password and I cannot get into your devices.

MattLemonade1
Level 1
Level 1

@David Ruess 

Sorry for the late reply! That is correct, I forgot to include the password. I have now reconfigured this and each system and the VTP have the password 1234. I have also attached notes with what I have done. The "new" file is now attached here.

Thank you very much!

zh-alt-cr01 does not have route to PC 10.0.20.5.  L3 switch and router have default routes but not detailed route back to vlan PC. PC's default gateway is 10.0.20.1. I would assume that network (and other vlans 30,40,60) should be advertised inside your network. Normally, L3 device that is default gateway for PCs should be advertise those routes to others.  So,  I would advertise networks belonging to vlans via OSPF. 

Regards, ML
**Please Rate All Helpful Responses **

 

MattLemonade1
Level 1
Level 1

@Martin L 

Hey Martin! Thank you for your time and explaination!

Okey I understand and I thank you! That means, I have to enter the subnets of all VLANS to every router in the OSPF or only to the router which is connected to the Layer-3-Switches?

And the routing I'm still trying to understand more precisely. I have defined the VLANS and their gateway on the Layer 3 switch. So I can add each VLAN subnet on the layer 3 switch and the core router 1 as gateway. On the core router 1 I can enter any VLAN subnet and the IP address of the layer 3 switch (the one I have defined for VLAN 1) or that of the respective gateway of the VLANS? And from Core-Router-1 to the ASA and back the routing would look like?

And thanks for the time and explanation!

not to every router in the OSPF, only L3 switch that has that network connected directly should advertise such network to others. So, add each VLAN 20, 30,40,60 subnets on the layer 3 switch but not on the near core routers. It would not make sense for me to advertise vlan x when I don't have it; aka its not directly connected to me.  Then, L3 switch should pass vlan 20 network advertisement to near routers via ospf route exchange.

you can use "all my networks" shortcut command:

router ospf 1

network 0.0.0.0 255.255.255.255 area 0

but I would use more precise command network 10.0.20.0 0.0.0.255 area 0 to advertise vlan 20 via ospf on L3 switch who has that network (left switch).  I can add More info on network command later if u do not see difference.

Regards, ML
**Please Rate All Helpful Responses **

MattLemonade1
Level 1
Level 1

@Martin L 

Thank you for your explanation! I was able to successfully build the routing from router 1 to PC!!! But now I ask myself the following question (I made another screenshot). I did NOT configure OSPF on the layer 3 switches (I thought it was not possible) but on all core routers. In addition, I have RSTP in use and the DS01 is currently the root bridge. Does this mean if I do a static routing on core router 2 (zh-alt-cr02) for the VLANS, it won't work or? Because it is connected to DS02 but DS01 is currently rootbridge. That means the packets should actually make their way to core router 1 via this ASA, is this correct? Then it would make sense here to establish another connection core router 1 to DS02 and from core router 2 to DS1 or?

Regards,
MattLemonade1

no, RSPT is layer 2 tech that protects layer 2 domain from loops (prevents l2 loops). OSPF and static routing is l3 domain. Those 2 have little in common since they do different jobs.  your topology will need FHRP like HSRP which looks like is next step on "to do-list".  So, no, you do not need add more static routes in order for CR02 router to ping any PCs in any vlans.  That should be done by OSPF.  If you add network 0.0.0.0 255.255.255.255 area 0 to your 2 L3 switches and their neighboring routers, you should have connectivity to PCs. Note that network command under router ospf will tell router to find all local interfaces that are UP and start advertise them. (it is a shortcut command instead of listing each single locally connected subnet using network xyz commnad.)

Of course, you can add specific static routes here and there but it should be "special purpose use only".  Static default route is needed for all unknown destination like Internet (go via ASA, which is OK).

No, packets should not make their way to core router 1 via this ASA- unless you want them to do so. What is the ASA role/purpose in your topology ? Where will be your ISP - if there is one ?

Regards, ML
**Please Rate All Helpful Responses **

 

10.10.1.34

MattLemonade1
Level 1
Level 1

@Martin L 

You have no idea how much I value your time and information.

I think I now understand the topology as you described it. What I have done now is this:

Enabled OSPF on the layer 3 switches (DS1 & DS2) and added the subnets to the VLANs. I am currently trying to implement FHRP, but am still having trouble understanding what exactly I need to configure here and where I need to do it.

I have deployed the ASA so that I can simulate and display a DMZ with a web server and the ASA is connected to two routers that have an IP address in the public range (these simulate the ISP).

Kind regards,
MattLemonade1

PT comes with samples or examples of labs, u can find HSRP under file>open sample>hsrp folder.  This particular sample asking u to configure hsrp.

You could apply FHRP on routers or L3 switches, in your case u should use thiso 2 switches. 

Regards, ML
**Please Rate All Helpful Responses **

MattLemonade1
Level 1
Level 1

@Martin L 

Hey. I have implemented everything so and I can now achieve everything network technology. Now I am for hours on the FHRP configuration and fail with the logic. I understand the principle but can not implement this as I want.

Since I have two core routers at both locations, one of them should be the active and the other in standby, that is also the principle of FHRP.

Now I do not know exactly how to configure this. I have to do this from the ASA to the core router of the site and at site B from a connection router.

Question: I have from ASA to core router 1 the subnet 10.10.1.0/30 and from ASA to core router 2 the subnet 10.10.1.4/30. What can I take here on the interface of the core router as IP address, since I have in this subnet only two host IP addresses which are in use or? And the router which establishes a connection with the sites must also know which of them is the active router. The core router 1 is connected to the connection router in the subnet 10.10.1.8/30 and the core router 2 is connected to the connection router in the subnet 10.10.1.12/30. I've been thinking about this for ages, but honestly I fail. 

Thank you!

Regards,
MattLemonade1