SVI issues - Cisco Community

2253

Views

16

Helpful

10

Replies

Hello friends, I recently have a issue with my cisco equipments.

I have two 6500 and access switches which were configurated with ip from subnet 192.168.96.0/24, the configuration is almost like this:

CORE

int vlan 96

ip add 192.168.96.1 255.255.255.0

ip add 192.168.96.3 255.255.255.0 secondary

ACCESS SWITCH

int vlan 96

ip add 192.168.96.30 255.255.255.0

ip default-gateway 192.168.96.1

The thing is, when I try to ping 192.168.96.1 doesn't work, but, when I change the default gateway for the secondary IP (192.168.96.3) it works perfect. There's a way that my primary ip (192.168.96.1) has been broken?

Thanks for the answers!

10 Replies 10

Hi,

Why do you have a secondary IP address on the SVI all the same subnet?

You usually need one IP for the SVI.

try removing the secondary IP and test again

config t

int vlan 96

no ip add 192.168.96.3 255.255.255.0 secondary

HTH

Hi,

I just remove and put another ip in another subnet:

int vlan 96

ip add 192.168.96.1 255.255.255.0

ip add 192.168.97.1 255.255.255.0 secondary

but doesn't still work, it seems like the primary ip was broken, I can't ping to my default gateway 192.168.96.1 but, instead, I can ping to 192.168.97.1 and others devices using the vlan 96

Thanks for your help

Hi,

Can you try the ping without having an ip secondary at all?

just delete the secondary completly and test with ping to 192.168.96.1

HTH

I would also suggest using show arp on the switch and check to see if there is an entry for 192.168.96.1. And if there is an entry check the MAC address in the entry and see if it match the MAC address of the switch interface.

HTH

Rick

HTH

Rick

Can you post the output to this command: sh vlan | include 96?

Maybe VLAN 96 isn't created in the VLAN Database?

Hi,I have done this experiment. Such as:

R1#show run

Building configuration...

Current configuration : 1441 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname R1

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

memory-size iomem 5

ip cef

!

!

!

!

no ip domain lookup

ip domain name lab.local

ip auth-proxy max-nodata-conns 3

ip admission max-nodata-conns 3

!

interface FastEthernet0/0

no ip address

shutdown

duplex auto

speed auto

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

interface FastEthernet1/0

switchport mode trunk

!

interface FastEthernet1/1

!

interface FastEthernet1/2

!

interface FastEthernet1/3

!

interface FastEthernet1/4

!

interface FastEthernet1/5

!

interface FastEthernet1/6

!

interface FastEthernet1/7

!

interface FastEthernet1/8

!

interface FastEthernet1/9

!

interface FastEthernet1/10

!

interface FastEthernet1/11

!

interface FastEthernet1/12

!

interface FastEthernet1/13

!

interface FastEthernet1/14

!

interface FastEthernet1/15

!

interface Vlan1

no ip address

!

interface Vlan96

ip address 192.168.96.3 255.255.255.0 secondary

ip address 192.168.96.1 255.255.255.0

!

line con 0

exec-timeout 0 0

privilege level 15

logging synchronous

line aux 0

exec-timeout 0 0

privilege level 15

logging synchronous

line vty 0 4

login

!

!

end

R2#show run

Building configuration...

Current configuration : 1518 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname R2

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

memory-size iomem 5

no ip routing

no ip cef

!

!

!

!

no ip domain lookup

ip domain name lab.local

ip auth-proxy max-nodata-conns 3

ip admission max-nodata-conns 3

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

interface FastEthernet0/0

no ip address

no ip route-cache

shutdown

duplex auto

speed auto

!

interface FastEthernet0/1

no ip address

no ip route-cache

shutdown

duplex auto

speed auto

!

interface FastEthernet1/0

switchport mode trunk

!

interface FastEthernet1/1

!

interface FastEthernet1/2

!

interface FastEthernet1/3

!

interface FastEthernet1/4

!

interface FastEthernet1/5

!

interface FastEthernet1/6

!

interface FastEthernet1/7

!

interface FastEthernet1/8

!

interface FastEthernet1/9

!

interface FastEthernet1/10

!

interface FastEthernet1/11

!

interface FastEthernet1/12

!

interface FastEthernet1/13

!

interface FastEthernet1/14

!

interface FastEthernet1/15

!

interface Vlan1

no ip address

no ip route-cache

!

interface Vlan96

ip address 192.168.96.30 255.255.255.0

no ip route-cache

!

ip default-gateway 192.168.96.1

ip forward-protocol nd

!

!

no ip http server

no ip http secure-server

!

!

!

!

control-plane

!

!

!

!

!

!

!

!

!

!

line con 0

exec-timeout 0 0

privilege level 15

logging synchronous

line aux 0

exec-timeout 0 0

privilege level 15

logging synchronous

line vty 0 4

login

!

!

end

The results are as follows：

R2#ping 192.168.96.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.96.1, timeout is 2 seconds:

.!!!!

R2#ping 192.168.96.3

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.96.3, timeout is 2 seconds:

.!!!!

I hope this can help you

Hello

Is the connection between the 6500 and access switch trunked?

Both switches:

interface xxx

switchport trunk encapsulation dot1q

switchport mode trunk

ACCESS SWITCH

no ip routing

res

Paul

Please don't forget to rate any posts that have been helpful.

Thanks.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Hello everyone,

Thanks a lot for your help! all the configuration that Haijun shows is almost the same I have, with trunkings and everything needed up. The vlan 96 was created like a month ago, everything was working but someone change the ip add twice, like this:

CORE

int vlan 96

ip add 192.168.96.40 255.255.255.0

exit

int vlan 96

ip add 192.168.96.1 255.255.255.0

exit

wr

After that change, the switches starts with the issue, I can't ping my switches from the CORE but my switches can ping to 192.168.96.1. In the arp table of one access switch I saw a entry like 192.168.96.1 Incomplete.

I'd like to know if someone had the same issue or almost something like that.

Again, thanks to lot for all your answers, it's very helpful for my troubleshooting

Hello

Are you still experiencing this issue?

If so can you post the running config of the access switch?

res

Paul

Please don't forget to rate any posts that have been helpful.

Thanks.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Hello friends,

I just discover that the problem was realted with spanning-tree, all was about the root guard configured on the Core, it blocked the vlan96, so I need to configured the Core in order to make the vlan96 as the root bridge.

Thanks again for all you answers!

Learn, share, save

Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.

New here? Get started with these tips. How to use Community New member guide

Log in to Community

Review Cisco Networking for a $25 gift card