cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5829
Views
0
Helpful
12
Replies

Unable to ping between 2 directly connected switches

marvin-thomas
Level 1
Level 1

I'm setting up a lab and I'm having problems with one of the vlans.  I've got 2 3550 switches connected via 2 trunk links(fastethernet0/1 & 0/11 on each switch).  There are vlan interfaces that are pingable between the 2 switches but the problem is with vlan 20.  Here ae the relevant parts of the config:

Switch 1

!

interface Vlan20

ip address 10.2.2.2 255.255.255.0

end

interface FastEthernet0/1

switchport trunk encapsulation dot1q

switchport mode trunk

channel-protocol lacp

end

!

interface FastEthernet0/11

switchport trunk encapsulation dot1q

switchport mode trunk

channel-protocol lacp

end

3550_SWITCH#sh cdp neighbors

Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge

                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone,

                  D - Remote, C - CVTA, M - Two-port Mac Relay

Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID

2950SW           Fas 0/24          120              S I   WS-C2950- Fas 0/2

3550_SWITCH2     Fas 0/11          159             R S I  WS-C3550- Fas 0/11

3550_SWITCH2     Fas 0/1           158             R S I  WS-C3550- Fas 0/1

3550_SWITCH#sh int trunk

Port        Mode             Encapsulation  Status        Native vlan

Fa0/1       on               802.1q         trunking      1

Fa0/11      on               802.1q         trunking      1

Fa0/24      on               802.1q         trunking      1

Port        Vlans allowed on trunk

Fa0/1       1-4094

Fa0/11      1-4094

Fa0/24      1-4094

Port        Vlans allowed and active in management domain

Fa0/1       1,10,20,200

Fa0/11      1,10,20,200

Fa0/24      1,10,20,200

Port        Vlans in spanning tree forwarding state and not pruned

Fa0/1       1,10,20,200

Fa0/11      1

Fa0/24      1,10,20,200

Switch 2

!

interface Vlan20

ip address 10.2.2.1 255.255.255.0

end

!

interface FastEthernet0/1

switchport trunk encapsulation dot1q

switchport mode trunk

channel-protocol lacp

end

!

interface FastEthernet0/11

switchport trunk encapsulation dot1q

switchport mode trunk

channel-protocol lacp

end

3550_SWITCH2#sh cdp neighbors

Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge

                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone

Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID

2950SW           Fas 0/24          135           S I      WS-C2950- Fas 0/1

3550_SWITCH      Fas 0/11          148          R S I     WS-C3550- Fas 0/11

3550_SWITCH      Fas 0/1           143          R S I     WS-C3550- Fas 0/1

R4               Fas 0/23          171            R       1750      Fas 0

3550_SWITCH2#sh int trunk

Port        Mode             Encapsulation  Status        Native vlan

Fa0/1       on               802.1q         trunking      1

Fa0/11      on               802.1q         trunking      1

Fa0/24      on               802.1q         trunking      1

Port        Vlans allowed on trunk

Fa0/1       1-4094

Fa0/11      1-4094

Fa0/24      1-4094

Port        Vlans allowed and active in management domain

Fa0/1       1,10,20,200

Fa0/11      1,10,20,200

Fa0/24      1,10,20,200

Port        Vlans in spanning tree forwarding state and not pruned

Fa0/1       10,20,200

Fa0/11      10,20,200

Fa0/24      1,10,20,200

The thing thats concerning me is that it looks like there are vlans being pruned on the trunk links between the switches.  I've tried to allow all vlans on each link but its not having any impact.  Any suggestions are appreciated.

12 Replies 12

cadet alain
VIP Alumni
VIP Alumni

Hi,

on SW1 can you do a sh spann vlan 20

Regards.

Alain.

Don't forget to rate helpful posts.

3550_SWITCH#sh span vlan 20

VLAN0020

  Spanning tree enabled protocol ieee

  Root ID    Priority    32788

             Address     000d.bce4.b200

             Cost        19

             Port        1 (FastEthernet0/1)

             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32788  (priority 32768 sys-id-ext 20)

             Address     000f.8fb2.eb00

             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

             Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type

------------------- ---- --- --------- -------- --------------------------------

Fa0/1               Root FWD 19        128.1    P2p

Fa0/11              Altn BLK 19        128.11   P2p

Fa0/24              Desg FWD 19        128.24   P2p

Hi,

So you got your answer as there is no port-channel, spanning-tree must block a port  and it blocked f0/11 on this switch.

This is a normal behaviourthat doesn't affect connectivity between the 2 switches..

Regards.

Alain

Don't forget to rate helpful posts.

That doesn't seem to be the problem.  Now there is a port channel:

3550_SWITCH#sh spanning-tree vlan 20

VLAN0020

  Spanning tree enabled protocol ieee

  Root ID    Priority    32788

             Address     000d.bce4.b200

             Cost        12

             Port        65 (Port-channel12)

             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32788  (priority 32768 sys-id-ext 20)

             Address     000f.8fb2.eb00

             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

             Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type

------------------- ---- --- --------- -------- --------------------------------

Fa0/24              Desg FWD 100       128.24   P2p

Po12                Root FWD 12        128.65   P2p

Pings still fail:

3550_SWITCH#ping 10.2.2.1          

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.2.2.1, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

Can you do debug arp while pinging

Regards.

Alain.

Don't forget to rate helpful posts.

Hi Marvin,

do some L1 troubeshooting.

Ie shut down fa0/ on both sides and see if you can ping; if not try to shut fa0/11 instead.

Also remove portchannel and lacp from ports and see if can ping.

During all the tests always check both mac and arp tables to see if IP is arped and correct mac address is learned on the ports.

Riccardo

Thanks Riccardo and Alain.  I tried your suggestions and I'm still not able to ping the other switches vlan 20 interface.  Something I should re iterate is that there are other vlan interfaces on the same switch that I can ping and they are going over the same trunk.  Its only vlan 20 that's the problem.  Vlans 10 and 200 aren't experiencing the same problem.

3550_SWITCH#sh arp

Protocol  Address          Age (min)  Hardware Addr   Type   Interface

Internet  10.2.2.2                -   000f.8fb2.eb00  ARPA   Vlan20

Internet  10.2.1.1                -   000f.8fb2.eb00  ARPA   Vlan10

Internet  10.2.2.1                9   000d.bce4.b200  ARPA   Vlan20

Internet  10.2.1.2                9   000d.bce4.b200  ARPA   Vlan10

Internet  192.168.0.112           0   0016.41e1.8382  ARPA   Vlan1

Internet  192.168.0.9           235   001a.6dbf.9f00  ARPA   Vlan1

Internet  192.168.0.19            -   000f.8fb2.eb00  ARPA   Vlan1

Internet  192.168.1.129           -   000f.8fb2.eb00  ARPA   Vlan200

Internet  192.168.1.130           9   000d.bce4.b200  ARPA   Vlan200

Internet  10.2.1.254              -   0000.0c07.ac0a  ARPA   Vlan10

The mac address for vlan 20 is the correct mac address.

Marvin

It is interesting that the ARP table has the MAC for the other switch interface, and that you say that it is the correct MAC. So my suggestion for the next step in troubleshooting this is to see if the MAC 000d.bce4.b200 is in the switch MAC address forwarding table and if so what interface is it associated with?

HTH

Rick

HTH

Rick

To me everything looks as I would expect:

3550_SWITCH#sh adjacency 10.2.2.1 detail

Protocol Interface                 Address

IP       Vlan20                    10.2.2.1(7)

                                   0 packets, 0 bytes

                                   epoch 0

                                   sourced in sev-epoch 0

                                   Encap length 14

                                   000DBCE4B200000F8FB2EB000800

                                   L2 destination address byte offset 0

                                   L2 destination address byte length 6

                                   Link-type after encap: ip

                                   ARP

3550_SWITCH#sh ip cef 10.2.2.1 detail

10.2.2.1/32, epoch 0, flags attached

  Adj source: IP adj out of Vlan20, addr 10.2.2.1 037B15A0

   Dependent covered prefix type adjfib cover 10.2.2.0/24

  attached to Vlan20

And I just tried a reload of both switches(for the second time)

Try creating vlan 20 (layer-2) on both switches and test again

"vlan 20"

name vlan-20-test"

If not, remove the ports from the portchannell and just use one port and test

I don't know.  Here's what I did.  Took the IP off vlan 20, and created vlan 40.  I assigned the IP's I was using on vlan 20 to vlan 40 and it works.  Vlan.dat file corrupt in some way? Would be interested to hear others thoughts.  Thanks again for the responses from everyone.

Marvin

Could you please confirm whether you have configured any access port into that vlan ? if you not, the vlan won't come up & unable to ping.

please confirm whether the interface is up in both switches.

I don't think so port channel issue as STP will block only one interface not both so it should work with one interface.

Thanks

Vignesh

Review Cisco Networking for a $25 gift card