vlans not in "show IP route"

support · ‎11-26-2008

Greetings,

I have a Catalyst 3550 with 5 vlans configured. They appear ok........

"Show VLAN" result is attachment 1

However, although the vlans appear in "show vlan", they do not appear in "show IP route".

Show IP Route result is attachment 3

I attempted to use "vlan database", but got this error....

ieswitch#vlan database

% Warning: It is recommended to configure VLAN from config mode,

as VLAN database mode is being deprecated. Please consult user

documentation for configuring VTP/VLAN in config mode.

The bottomline is that while vlan 1 works OK and vlans 2-5 are serving IP address info correctly, I can not ping an outside the switch address or location. I am not sure what is wrong.

The switch config is attachment 2

glen.grant · ‎11-26-2008

You have one default static route pointing to 67.59.83.1 , I assume this is the other end . The device on the other end will need specific static routes pointing back to the 3550 for all the subnets you have defined otherwise it does not have a path back. Are the layer 3 switch virtual interfaces up/up ? You need at least one active interface in each of those vlans in order to have the layer 3 side up/up . My guess is that they are not up otherwise it would show as a connected route.

John Blakley · ‎11-26-2008

I agree with Glen. Check the vlan svis to see if they're up. Do a "sh ip int brie" and find the subnet that isn't showing up and see if it's administratively down.

Or you can always go into one of the interfaces that isn't showing in the routing table and do a "no shut".

HTH,

John

HTH, John *** Please rate all useful posts ***

support · ‎11-26-2008

I am going to conect one or two devices into vlans and we'll see what the effect is. Be back soon.

This is for a WISP and the hilltop where the equipment resides is not near the office.

support · ‎11-26-2008

John,

OK, I just got back....I connected a Macintosh to the vlan 1, interface 3. It's up and running and it is getting dhcp addressing OK. I still can't ping anything though.

Here is the result of the commend you suggested......

ieswitch#sh ip int brie

Interface IP-Address OK? Method Status Protocol

Vlan1 67.xx.xx.4 YES NVRAM up up

Vlan2 192.168.100.1 YES NVRAM up up

Vlan3 192.168.120.1 YES NVRAM up down

Vlan4 192.168.140.1 YES NVRAM up down

Vlan5 192.168.160.1 YES NVRAM up down

Vlan23 unassigned YES NVRAM down down

FastEthernet0/1 unassigned YES unset up up

FastEthernet0/2 unassigned YES unset down down

FastEthernet0/3 unassigned YES unset up up

FastEthernet0/4 unassigned YES unset down down

FastEthernet0/5 unassigned YES unset down down

FastEthernet0/6 unassigned YES unset down down

FastEthernet0/7 unassigned YES unset down down

FastEthernet0/8 unassigned YES unset down down

FastEthernet0/9 unassigned YES unset down down

FastEthernet0/10 unassigned YES unset down down

FastEthernet0/11 unassigned YES unset down down

FastEthernet0/12 unassigned YES unset down down

FastEthernet0/13 unassigned YES unset down down

FastEthernet0/14 unassigned YES unset down down

FastEthernet0/15 unassigned YES unset down down

FastEthernet0/16 unassigned YES unset down down

FastEthernet0/17 unassigned YES unset up up

FastEthernet0/18 unassigned YES unset down down

FastEthernet0/19 unassigned YES unset down down

FastEthernet0/20 unassigned YES unset down down

FastEthernet0/21 unassigned YES unset down down

FastEthernet0/22 unassigned YES unset down down

FastEthernet0/23 unassigned YES unset down down

FastEthernet0/24 unassigned YES unset up up

GigabitEthernet0/1 unassigned YES unset down down

GigabitEthernet0/2 unassigned YES unset down down

support · ‎11-26-2008

Ooops....I meant vlan 2 (not vlan 1), interface 3 was up.

I can't ping 192.168.100.1 or 67.xx.xx.4 or 67.xx.xx.1

support · ‎11-26-2008

Yes you are correct. 67.59.83.1 is the router above the 3550. It is statically routing 67.59.83.0/25.

There are only two devices connected right now in Interface 17 and 23. Those however are not in the vlan we need the routing on.

I will have to drive up to the hill top where the equipment is loccated and plug a device into one or two of the vlans I am concerned about.

I will get back to this discussion.

support · ‎11-26-2008

I am more suspicious of some issue with the VLAN database.

If I try to configure......I get.....

ieswitch#config t

Enter configuration commands, one per line. End with CNTL/Z.

ieswitch(config)#vlan database

Command rejected: Bad VLAN list - character #1 is a non-numeric

character ('d').

Furthermore, there should be some acknowledgement of 4 vlans 192.0.0.0/24

If I show IP route, it now shows the 192.168.100.1 vlan up

ieswitch#show ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is 67.59.83.1 to network 0.0.0.0

67.0.0.0/25 is subnetted, 1 subnets

C 67.xx.xx.0 is directly connected, Vlan1

C 192.168.100.0/24 is directly connected, Vlan2

S* 0.0.0.0/0 [1/0] via 67.xx.xx.1

There should be a line in the output like....

C 192.0.0.0/24 is subnetted, 4 subnets

John Blakley · ‎11-26-2008

Can you show the configuration of your vlan2 interface?

do a sh run int vlan2 and post the results. Also, is your dhcp server on the switch or external on a server? You should be able to ping the interface if you're getting an address now.

The vlan database command is deprecated on most switches. Under (config)# just type vlan 2 and enter. That will take you to the vlan that you need.

HTH,

John

HTH, John *** Please rate all useful posts ***

support · ‎11-26-2008

John,

ieswitch#sh run int vlan2

Building configuration...

Current configuration : 63 bytes

!

interface Vlan2

ip address 192.168.100.1 255.255.255.0

end

The DHCP server is on the switch. The odd thing is that I can ping 192.168.100.1 (vlan 2) from the switch, even though I can not from the computer connected through one of the vlan 2 interfaces.

I included the switch config as an attachment in the original post.

John Blakley · ‎11-26-2008

If you're getting the correct address from the switch, and the interfaces, both vlan and port that the switch is connected to, you should be able to ping it. I looked over your config again, and everything looks fine. Can you ping past the switch? If you do a show int fa0/3, does it show up/up or err-disabled? If you take bpduguard off that interface, will it work? Can you ping the workstation from the switches interface?

ping sour vlan2

(I'm not even sure if this would work on a switch. I've never tried it.)

The next thing I would do is make the port a member of vlan1 and see if you can do anything with the default vlan by pinging it, getting the proper address, etc.

HTH,

John

HTH, John *** Please rate all useful posts ***

support · ‎11-26-2008

John,

Now you know why I am having trouble...it looks right, but it doesn't work completely.

From any interface of vlan 1, I can ping fine. In fact, there are two devices working just fine on vlan 1. I have a laptop with vnc server connected to interface 24 (vlan 1) that connects to the console port on the switch. No problem there. I can telnet to the switch using interface 1's ip address.

However, it those 4 vlans with the dhcp server, that is the issue.

Again, if I "show IP route", it makes no mention of 192.0.0.0/24 is subnetted with 4 subnets.

I belive it should show this item.

I can ping the "up" interface's IP, but not the computer connected to it.

I'll try removing bpduguard and see what happens.

John Blakley · ‎11-26-2008

If that doesn't change it, try removing the vlan SVI and the vlan from the database and then recreate all of it. Leave everything at the defaults, and then see what happens. Maybe reloading the switch will help, if you can. Everything does look correct,.and believe me, I know how frustrating THAT can be. ;-)

John

HTH, John *** Please rate all useful posts ***

glen.grant · ‎11-26-2008

As the other poster said you no longer use the vlan database . Put the switch in vtp transparent mode and all your vlans should show up in the running config . The vlans look ok because they show up and active under your show vlan command. If you do a show ip int brief do all your layer 3 svi's show up/up . They will only show up in the routing table if they all show up/up and they can only show up/up with at least 1 port in each vlan in a connected state.

support · ‎11-26-2008

Glen,

I have put the switch in vtp transparent mode.

I did the "show ip int brief" and the one vlan (192.168.100.1) is up/up.....

ieswitch#show ip int brief

Interface IP-Address OK? Method Status Protocol

Vlan1 67.xx.xx.4 YES NVRAM up up

Vlan2 192.168.100.1 YES NVRAM up up

Vlan3 192.168.120.1 YES NVRAM up down

Vlan4 192.168.140.1 YES NVRAM up down

Vlan5 192.168.160.1 YES NVRAM up down

Vlan23 unassigned YES NVRAM down down

FastEthernet0/1 unassigned YES unset up up

FastEthernet0/2 unassigned YES unset down down

FastEthernet0/3 unassigned YES unset up up