04-30-2015 08:42 AM - edited 03-07-2019 11:49 PM
I have a 3750 switch with two 48-port switches connected via stacking cable. On these switches I have two VLANS: VLAN100 for data, and VLAN300 for Desktop VTCs (dVTCs). I configured the switch with VLAN 100 having an ip address.
I have verified:
-IP Routing is enabled
-the default gateway is correct
-my trunk port is dot1q encapsulated and passing VLANS 100 & 300.
-On my Cisco 2951 router, I have created sub-interfaces with IPs and dot1q encapsulation.
-I am running OSPF and verified that both my data and video networks are being advertised.
Here's the problem: When I move my dVTCs into VLAN 300, I cannot ping the devices from either the switch or the router. I am able to ping the VLAN 300 gateway from the switch, but I am not able to ping either of my dVTCs. When I move the dVTCs into VLAN 300, I see them in the mac address-table, but I cannot see them in the arp table on the router . The interesting thing is that when I move my two dVTCs into VLAN 100 and move the VLAN 300 sub-interface address to the VLAN 100 sub-interface as a secondary address, everything works great on my dVTCs (I can ping the dVTCs from both the router and switch and the devices show up in my arp table on the router).
I have other campuses where I run the same configuration of VLANs, and everything works great. I feel like I am just missing something on my switch that I missed in my configuration but I am not seeing it. I apologize, but I am not able to post my configuration as my network is an isolated DoD network and cannot be posted. But if you have some ideas for me to check, I would appreciated it.
04-30-2015 11:28 AM
Also I hope all are in /29 network and switch ports are correctly assigned to vlan 300
sh vlan id 300 will help you verify that.
04-30-2015 11:46 AM
The dVTC switchports are assigned to VLAN 300. Also, I confirmed the dVTCs are in the /29 network
04-30-2015 11:35 AM
I was able to call the distant end and the nulled out the password. I will do the pings and then give the results
04-30-2015 12:16 PM
sure Mike
04-30-2015 12:26 PM
So after doing all the pings, I was not able to get any replies (from the dVTC to the SVI [.76] and the gateway [.73] and nothing showed up in my arp debug on my router and switch as I was attempting the ping
04-30-2015 02:29 PM
Mike
The default gateway for the dVTC devices is .73 isn' it ?
If so can you delete the SVI for vlan 300 on the switch as you don't need it.
Can you also confirm if either of the vlans on the trunk are configured as the native vlan ?
Can you also confirm if either of the subinterfaces on the router have been configured with the "dot1q encapsulation <vlan num> native" command.
In terms of ping only do it from the dVTC devices just in case they are running firewalls.
Jon
04-30-2015 11:56 AM
When I pinged the different interfaces from the dVTC, I received no reply. On the router and switch, I did not get any debug statements
04-30-2015 11:57 AM
Just to clarify, I pinged the .73 and .76 interfaces from the dVTC and received no reply.
04-30-2015 12:26 PM
Ok.As a work around, try configuring static arp entry on router
command could be like
arp <ip> <mac> <gi0/0.300> vlan etc...
Also if dont work, try configuring a static arp on dvtc also.
Thanks,
Madhu
04-30-2015 12:35 PM
I tried creating the static arp using this command:
arp 11.XX.XX.74 <mac> arpa g0/0.300
and I received the following error:
"Bad ARP command - Interface may only be specified when bridging IP"
04-30-2015 11:26 AM
I cannot ping from the dVTC as I do not have admin privileges on the unit. Our dVTCs are managed remotely so we have no local administrators who have admin access to the device.
04-30-2015 11:04 AM
My show IP route from my Switch looks something like:
C 11.XX.XX.72 is directly connected, VLAN 300
C 192.XX.XX.64 is directly connected, VLAN 100
My show IP router from my Router is way too long to try to print what it shows. Are you looking for something specific that I can see if is there?
04-30-2015 10:20 AM
Also, when I sh int trunk, see the trunk is passing VLAN 300 and VLAN 300 is active and allowed
04-30-2015 10:01 AM
hi
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide