Haha!

Something that seemingly was working is now not working... No inter vlan ip routing is not working:

Here is the redacted/obfuscated config:

!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service unsupported-transceiver
!
hostname XXXXXXXXXXXXX
!
boot-start-marker
boot-end-marker
!
username XXXXXXXXXXXXXXXXXXX
!
no aaa new-model
switch 1 provision ws-c3750-48ts
system mtu routing 1500
ip routing
ip dhcp excluded-address 10.10.1.1 10.10.1.99
ip dhcp excluded-address 10.10.2.1 10.10.2.99
!
ip dhcp pool v1
network 10.10.1.0 255.255.255.0
domain-name v1.XXXXXXXXXXXXX
dns-server 192.168.1.254
default-router 10.10.1.1
lease 30
!
ip dhcp pool v2
network 10.10.2.0 255.255.255.0
domain-name v2.XXXXXXXXXXXXX
dns-server 192.168.1.254
default-router 10.10.2.1
lease 30
!
crypto pki trustpoint XXXXXXXXXXXXXXXXXXXX

!
crypto pki certificate chain XXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
quit
!
no errdisable detect cause gbic-invalid
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending

!

interface FastEthernet1/0/12
switchport access vlan 2
switchport mode access
duplex full
!
interface FastEthernet1/0/25
switchport access vlan 3
switchport mode access
duplex full
!
interface FastEthernet1/0/47
switchport mode access
duplex full
!
interface FastEthernet1/0/48
switchport mode access
duplex full
!
interface GigabitEthernet1/0/1
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet1/0/2
!
interface GigabitEthernet1/0/3
!
interface GigabitEthernet1/0/4
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Vlan1
ip address 10.10.1.1 255.255.255.0
!
interface Vlan2
ip address 10.10.2.1 255.255.255.0
!
interface Vlan3
ip address 10.10.3.1 255.255.255.0
!

ip default-gateway XXXXXXXXXXXXX
ip classless
ip route 0.0.0.0 0.0.0.0 XXXXXXXXXXXXX
ip http server
ip http secure-server
!
!
!
!
line con 0
line vty 0 4
privilege level 15
login local
transport input ssh
line vty 5 15
login
!
end

Ignoring the config issue to the RV325 for the moment, what have I done wrong her with inter vlan routing? After that I can tackle the RV325 setup... 

Thanks in advance,

MPA

Hi Rick,

Thanks for your response

Here's the answers to your questions...

Having poked about - inter vlan routing IS working except only on the VTP server (3750) I moved the two hosts from the 2950 to the 3750 and they can now ping each other - so we have an issue over the trunk perhaps?

Vlan3 are all servers manually configured with static IPs, gateways etc. - I'd be interested in any comments you have about this? Not best practice perhaps?

I also created Vlan100 for management, and Vlan99 for the RV325/gateway but please "ignore" for the moment...

My plan was to get Vlan1 and  Vlan3 working using a RV325 gateway - then do the other Vlans and ACL config after.

sh int status (redacted):
Port Name Status Vlan Duplex Speed Type
Fa1/0/9 notconnect 2 full auto 10/100BaseTX
Fa1/0/32 connected 3 full a-100 10/100BaseTX
Fa1/0/41 connected 1 full a-100 10/100BaseTX
Fa1/0/42 notconnect 1 full auto 10/100BaseTX
Fa1/0/43 connected 1 full a-100 10/100BaseTX
Fa1/0/44 notconnect 1 full auto 10/100BaseTX
Gi1/0/1 err-disabled 1 auto auto Not Present
Gi1/0/2 notconnect 1 auto auto Not Present
Gi1/0/3 notconnect 1 auto auto Not Present
Gi1/0/4 connected trunk a-full a-1000 unsupported

sh ip route:

Gateway of last resort is 10.10.99.2 to network 0.0.0.0

10.0.0.0/24 is subnetted, 5 subnets
C 10.10.1.0 is directly connected, Vlan1
C 10.10.2.0 is directly connected, Vlan2
C 10.10.3.0 is directly connected, Vlan3
C 10.10.99.0 is directly connected, Vlan99
C 10.10.100.0 is directly connected, Vlan100
S* 0.0.0.0/0 [1/0] via 10.10.99.2

sh int brief (redacted):

Interface IP-Address OK? Method Status Protocol
Vlan1 10.10.1.1 YES NVRAM up up
Vlan2 10.10.2.1 YES NVRAM up up
Vlan3 10.10.3.1 YES NVRAM up up
Vlan99 10.10.99.1 YES NVRAM up up
Vlan100 10.10.100.1 YES NVRAM up up
FastEthernet1/0/9 unassigned YES unset down down
FastEthernet1/0/32 unassigned YES unset up up
FastEthernet1/0/33 unassigned YES unset down down
FastEthernet1/0/41 unassigned YES unset up up
FastEthernet1/0/42 unassigned YES unset down down
FastEthernet1/0/43 unassigned YES unset up up
FastEthernet1/0/44 unassigned YES unset down down
FastEthernet1/0/45 unassigned YES unset down down
FastEthernet1/0/46 unassigned YES unset down down
FastEthernet1/0/47 unassigned YES unset down down
FastEthernet1/0/48 unassigned YES unset down down
GigabitEthernet1/0/1 unassigned YES unset down down
GigabitEthernet1/0/2 unassigned YES unset down down
GigabitEthernet1/0/3 unassigned YES unset down down
GigabitEthernet1/0/4 unassigned YES unset up up
 

sh arp:

Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.10.1.1 - 001a.e36c.ac40 ARPA Vlan1
Internet 10.10.3.1 - 001a.e36c.ac42 ARPA Vlan3
Internet 10.10.2.1 - 001a.e36c.ac41 ARPA Vlan2
Internet 10.10.1.5 10 5065.f357.bbfe ARPA Vlan1
Internet 10.10.99.1 - 001a.e36c.ac48 ARPA Vlan99
Internet 10.10.1.100 0 0050.b67e.4668 ARPA Vlan1
Internet 10.10.100.1 - 001a.e36c.ac49 ARPA Vlan100
Internet 10.10.100.2 99 0022.0d9b.0542 ARPA Vlan100
Internet 10.10.3.150 12 b827.eb25.49ac ARPA Vlan3

the 2960 responds to the address 10.10.100.2

thanks again

MPA

Hi Rick,

I think that I've done this wrong...

interface FastEthernet1/0/3
no switchport
ip address 10.10.98.1 255.255.255.0
duplex full

[...]

ip default-gateway 10.10.98.3
ip classless
ip route 0.0.0.0 0.0.0.0 10.10.98.3

Is this what you meant?

or did you mean something like this:

interface FastEthernet1/0/3
switchport trunk encapsulation dot1q
switchport mode trunk

 [...]

interface Vlan98
ip address 10.10.98.1 255.255.255.0

[...]

ip default-gateway 10.10.98.3
ip classless
ip route 0.0.0.0 0.0.0.0 10.10.98.3

?

Thanks again

MPA

MPA

I have been on travel and am trying to catch up. Far a while there was concern about inter vlan routing. I believe that this is resolved. Is that correct?  A couple of posts ago there was mention of possible issues with the trunk to 2960. Is that resolved?

In this most recent post what you have done with FastE1/0/3 accomplishes what I was suggesting for routing between the 3750 and the RV325. It is a bit different from what I suggested, but in fact it is probably a bit better than what I suggested. So keep that. The alternative of making it a trunk interface is not what I was suggesting and I do not believe that you want to use that alternative.

HTH

Rick

Hi Rick,

The solution is slightly different than that you suggested but your replies helped reach the answer by a process of elimination...

1) You identified that the config I made should route inter-vlan. It does with that configuration. There was a different issue on one of the test hosts you could not have seen. Your question "How are hosts in vlan 3 getting IP addresses? What is their default gateway?" lead me to the mis-config of one of the hosts...

2) Your suggestion re connecting the RV325/3750, while probably correct, was based upon the premise that the RV325 doesn't use VTP... well it doesn't understand VTP but you can configure vlans on it... so as long as

a) the RV325 VLANS use the same ID number (and the same corresponding subnet config) as those defined on the 3750

b) the port on the RV325 selected for trunking is enabled for those VLANS and they are set to "Tagged" so vlan traffic is tagged on the trunk

c) the trunk port (to RV325) on the 3750 is configure as you would any other trunk 

then traffic will route between all hosts and vlans to and from the RV325 and 3750.

Thanks very much for your help.

Best,

MPA