ytechie
asked on
Cannot ping to router subinterface from switch 3500 XL
I have a switch (3500 XL) connected to two routers with one router configured as a router on a stick.
router 1 (model 2800)
router 2 (model 2600).
Problem:
- I can ping to router 2 from the switch (model 3500 XL) and can ping back from router 2 to the switch. From the switch, I cannot ping to the router 1 configured as a ROAS.
- I can ping to router 1 from router 2 when I configure the physical port on the router. Note for the router on the stick configuration the physical port on the router does not have an IP address
- Debug ip packet output on the switch reports "encapsulation failed"
- show arp output on the switch reports "incomplete ARP"
My questions are does the 3500 XL model support intervlan routing or more than one vlan on the same interface? I suspect that this model router does not support a ROAS configuration.
Switch configuration
Switch_Voice# sh run
Building configuration...
Current configuration:
!
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Switch_Voice
!
!
ip subnet-zero
no ip domain-lookup
!
!
!
interface FastEthernet0/1
description IP Phone 7960
switchport access vlan 50
switchport trunk encapsulation dot1q
switchport trunk native vlan 50
switchport mode trunk
switchport voice vlan 10
spanning-tree portfast
!
interface FastEthernet0/2
description IP Phone IP Phone 7940
switchport access vlan 50
switchport trunk encapsulation dot1q
switchport trunk native vlan 50
switchport trunk allowed vlan 1,10,50,1002-1005
switchport mode trunk
switchport voice vlan 10
spanning-tree portfast
!
interface FastEthernet0/3
description Connected to CME router
switchport access vlan 50
switchport mode trunk
!
interface FastEthernet0/4
description Connected to DHCP router
switchport access vlan 50
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
!
interface VLAN1
ip address 172.16.2.6 255.255.255.0
no ip directed-broadcast
no ip route-cache
!
!
line con 0
exec-timeout 0 0
logging synchronous
transport input none
stopbits 1
line vty 0 4
login
line vty 5 15
login
!
end
Switch_Voice#show int fa0/3 - port connected to router 1
FastEthernet0/3 is up, line protocol is up
Hardware is Fast Ethernet, address is 0009.7c63.cb03 (bia 0009.7c63.cb03)
Description: Connected to CME router
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 222/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive not set
Auto-duplex (Full), Auto Speed (100), 100BaseTX/FX
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:17:19, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Queueing strategy: fifo
show vlan
VLAN Name Status Ports
---- --------------------------
1 default active Fa0/5, Fa0/6, Fa0/7, Fa0/8,
Fa0/9, Fa0/10, Fa0/11, Fa0/12,
Fa0/13, Fa0/14, Fa0/15, Fa0/16,
Fa0/17, Fa0/18, Fa0/19, Fa0/20,
Fa0/21, Fa0/22, Fa0/23, Fa0/24,
Gi0/1, Gi0/2
10 VOICE active
50 DATA active
1002 fddi-default active
Router1 configuration
interface FastEthernet0/1
description Connected to Switch_Voice Fa0/3
no ip address
duplex auto
speed auto
!
interface FastEthernet0/1.10
description Router Interface for Voice Vlan
encapsulation dot1Q 10
ip address 172.16.1.1 255.255.255.0
ip helper-address 172.16.2.5
!
interface FastEthernet0/1.50
description Router Interface for Data Vlan
encapsulation dot1Q 50
ip address 172.16.2.1 255.255.255.0
!
router rip
version 2
network 172.16.0.0
network 192.168.1.0
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I removed the "switcport access vlan 50" from the Fa0/3 port connecting to the router. When I ping from the switch to the router, I get an unroutable message on the output from the "debug ip packet" on the switch.
- On the switch, on the output of "show cdp neigbhors detail" I expect to see the ip addess and the subinterface port on the router. Instead I see the physical port Fa0/1 and the IP address of Fa0/0 which is on a different subnet 192.168.1.0
- The default gateway and the ip address of VLan50 is configured. Vlan 50 is the native vlan
Should I expect to see the subinterface port and ip address in the show cdp... output?
pinging from the switch to the router
Switch_Voice#
03:38:56: IP: s=172.16.2.6 (local), d=172.16.2.1, len 100, unroutable
03:38:59: IP: s=172.16.2.6 (local), d=172.16.2.1, len 100, unroutable
03:39:02: IP: s=172.16.2.6 (local), d=172.16.2.1, len 100, unroutable
03:39:05: IP: s=172.16.2.6 (local), d=172.16.2.1, len 100, unroutable
"show cdp neigbhors detail" output from switch"
Device ID: CME_VOICE
Entry address(es):
IP address: 192.168.1.105
Platform: Cisco 2801, Capabilities: Router Switch IGMP
Interface: FastEthernet0/3, Port ID (outgoing port): FastEthernet0/1
Holdtime : 144 sec
show run
Switch_Voice#show run
Building configuration...
Current configuration:
!
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Switch_Voice
!
!
!
ip subnet-zero
no ip domain-lookup
!
!
!
interface FastEthernet0/1
description IP Phone 7960
switchport trunk encapsulation dot1q
switchport trunk native vlan 50
switchport trunk allowed vlan 1,10,50,1002-1005
switchport mode trunk
spanning-tree portfast
!
interface FastEthernet0/2
description IP Phone IP Phone 7940
switchport trunk encapsulation dot1q
switchport trunk native vlan 50
switchport trunk allowed vlan 1,10,50,1002-1005
switchport mode trunk
spanning-tree portfast
!
interface FastEthernet0/3
description Connected to CME router
switchport trunk encapsulation dot1q
switchport trunk native vlan 50
switchport mode trunk
spanning-tree portfast
!
interface FastEthernet0/4
description Connected to DHCP router
duplex full
switchport access vlan 50
spanning-tree portfast
!
i
!
interface GigabitEthernet0/2
!
interface VLAN1
no ip address
no ip directed-broadcast
no ip route-cache
!
interface VLAN50
ip address 172.16.2.6 255.255.255.0
no ip directed-broadcast
no ip route-cache
shutdown
!
ip default-gateway 172.16.2.1 - subinterface of router
!
line con 0
exec-timeout 0 0
logging synchronous
transport input none
stopbits 1
line vty 0 4
login
line vty 5 15
login
!
end
- On the switch, on the output of "show cdp neigbhors detail" I expect to see the ip addess and the subinterface port on the router. Instead I see the physical port Fa0/1 and the IP address of Fa0/0 which is on a different subnet 192.168.1.0
- The default gateway and the ip address of VLan50 is configured. Vlan 50 is the native vlan
Should I expect to see the subinterface port and ip address in the show cdp... output?
pinging from the switch to the router
Switch_Voice#
03:38:56: IP: s=172.16.2.6 (local), d=172.16.2.1, len 100, unroutable
03:38:59: IP: s=172.16.2.6 (local), d=172.16.2.1, len 100, unroutable
03:39:02: IP: s=172.16.2.6 (local), d=172.16.2.1, len 100, unroutable
03:39:05: IP: s=172.16.2.6 (local), d=172.16.2.1, len 100, unroutable
"show cdp neigbhors detail" output from switch"
Device ID: CME_VOICE
Entry address(es):
IP address: 192.168.1.105
Platform: Cisco 2801, Capabilities: Router Switch IGMP
Interface: FastEthernet0/3, Port ID (outgoing port): FastEthernet0/1
Holdtime : 144 sec
show run
Switch_Voice#show run
Building configuration...
Current configuration:
!
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Switch_Voice
!
!
!
ip subnet-zero
no ip domain-lookup
!
!
!
interface FastEthernet0/1
description IP Phone 7960
switchport trunk encapsulation dot1q
switchport trunk native vlan 50
switchport trunk allowed vlan 1,10,50,1002-1005
switchport mode trunk
spanning-tree portfast
!
interface FastEthernet0/2
description IP Phone IP Phone 7940
switchport trunk encapsulation dot1q
switchport trunk native vlan 50
switchport trunk allowed vlan 1,10,50,1002-1005
switchport mode trunk
spanning-tree portfast
!
interface FastEthernet0/3
description Connected to CME router
switchport trunk encapsulation dot1q
switchport trunk native vlan 50
switchport mode trunk
spanning-tree portfast
!
interface FastEthernet0/4
description Connected to DHCP router
duplex full
switchport access vlan 50
spanning-tree portfast
!
i
!
interface GigabitEthernet0/2
!
interface VLAN1
no ip address
no ip directed-broadcast
no ip route-cache
!
interface VLAN50
ip address 172.16.2.6 255.255.255.0
no ip directed-broadcast
no ip route-cache
shutdown
!
ip default-gateway 172.16.2.1 - subinterface of router
!
line con 0
exec-timeout 0 0
logging synchronous
transport input none
stopbits 1
line vty 0 4
login
line vty 5 15
login
!
end
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Yes. It was down when I tested and I didn't notice that. I have opened it and tested again and here is the router config
CME_VOICE#show run
Building configuration...
Current configuration : 1518 bytes
!
! No configuration change since last restart
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CME_VOICE
!
boot-start-marker
boot-end-marker
!
enable password cisco
!
no aaa new-model
!
resource policy
!
ip cef
!
!
!
!
no ip domain lookup
!
!
!
voice-card 0
!
!
!
interface FastEthernet0/0
description Connection to Default Gateway
ip address 192.168.1.105 255.255.255.0
duplex auto
speed auto
!
interface Service-Engine0/0
no ip address
shutdown
!
interface FastEthernet0/1
description Connected to Switch_Voice Fa0/3
no ip address
duplex auto
speed auto
!
interface FastEthernet0/1.10
description Router Interface for Voice Vlan 10
encapsulation dot1Q 10
ip address 172.16.1.1 255.255.255.0
ip helper-address 172.16.2.5
!
interface FastEthernet0/1.50
description Router Interface for Data Vlan 50
encapsulation dot1Q 50
ip address 172.16.2.1 255.255.255.0
!
router rip
version 2
network 172.16.0.0
network 192.168.1.0
!
!
!
ip http server
no ip http secure-server
!
!
!
!
!
!
!
control-plane
!
!
!
voice-port 0/0/0
!
voice-port 0/0/1
!
voice-port 0/1/0
!
voice-port 0/1/1
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line 66
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
line vty 0 4
password cisco
login
!
scheduler allocate 20000 1000
end
Configurations of the physical interface Fa0/1 and subinterfaces Fa0/1.10 - vlan10 and Fa0/1.50 0 - vlan 50
CME_VOICE(config)#exit
CME_VOICE#show int fa0/1
FastEthernet0/1 is up, line protocol is up
Hardware is Gt96k FE, address is 0016.46dc.3fdf (bia 0016.46dc.3fdf)
Description: Connected to Switch_Voice Fa0/3
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 1., loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s, 100BaseTX/FX
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:19, output 00:00:06, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
70 packets input, 22602 bytes
Received 70 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog
0 input packets with dribble condition detected
88 packets output, 8912 bytes, 0 underruns
0 output errors, 0 collisions, 4 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
CME_VOICE# show int fa0/1.10
FastEthernet0/1.10 is up, line protocol is up
Hardware is Gt96k FE, address is 0016.46dc.3fdf (bia 0016.46dc.3fdf)
Description: Router Interface for Voice Vlan
Internet address is 172.16.1.1/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 10.
ARP type: ARPA, ARP Timeout 04:00:00
Last clearing of "show interface" counters never
CME_VOICE# show int fa0/1.50
FastEthernet0/1.50 is up, line protocol is up
Hardware is Gt96k FE, address is 0016.46dc.3fdf (bia 0016.46dc.3fdf)
Description: Router Interface for Data Vlan
Internet address is 172.16.2.1/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 50.
ARP type: ARPA, ARP Timeout 04:00:00
Last clearing of "show interface" counters never
CME_VOICE#
CME_VOICE#show run
Building configuration...
Current configuration : 1518 bytes
!
! No configuration change since last restart
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CME_VOICE
!
boot-start-marker
boot-end-marker
!
enable password cisco
!
no aaa new-model
!
resource policy
!
ip cef
!
!
!
!
no ip domain lookup
!
!
!
voice-card 0
!
!
!
interface FastEthernet0/0
description Connection to Default Gateway
ip address 192.168.1.105 255.255.255.0
duplex auto
speed auto
!
interface Service-Engine0/0
no ip address
shutdown
!
interface FastEthernet0/1
description Connected to Switch_Voice Fa0/3
no ip address
duplex auto
speed auto
!
interface FastEthernet0/1.10
description Router Interface for Voice Vlan 10
encapsulation dot1Q 10
ip address 172.16.1.1 255.255.255.0
ip helper-address 172.16.2.5
!
interface FastEthernet0/1.50
description Router Interface for Data Vlan 50
encapsulation dot1Q 50
ip address 172.16.2.1 255.255.255.0
!
router rip
version 2
network 172.16.0.0
network 192.168.1.0
!
!
!
ip http server
no ip http secure-server
!
!
!
!
!
!
!
control-plane
!
!
!
voice-port 0/0/0
!
voice-port 0/0/1
!
voice-port 0/1/0
!
voice-port 0/1/1
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line 66
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
line vty 0 4
password cisco
login
!
scheduler allocate 20000 1000
end
Configurations of the physical interface Fa0/1 and subinterfaces Fa0/1.10 - vlan10 and Fa0/1.50 0 - vlan 50
CME_VOICE(config)#exit
CME_VOICE#show int fa0/1
FastEthernet0/1 is up, line protocol is up
Hardware is Gt96k FE, address is 0016.46dc.3fdf (bia 0016.46dc.3fdf)
Description: Connected to Switch_Voice Fa0/3
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 1., loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s, 100BaseTX/FX
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:19, output 00:00:06, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
70 packets input, 22602 bytes
Received 70 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog
0 input packets with dribble condition detected
88 packets output, 8912 bytes, 0 underruns
0 output errors, 0 collisions, 4 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
CME_VOICE# show int fa0/1.10
FastEthernet0/1.10 is up, line protocol is up
Hardware is Gt96k FE, address is 0016.46dc.3fdf (bia 0016.46dc.3fdf)
Description: Router Interface for Voice Vlan
Internet address is 172.16.1.1/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 10.
ARP type: ARPA, ARP Timeout 04:00:00
Last clearing of "show interface" counters never
CME_VOICE# show int fa0/1.50
FastEthernet0/1.50 is up, line protocol is up
Hardware is Gt96k FE, address is 0016.46dc.3fdf (bia 0016.46dc.3fdf)
Description: Router Interface for Data Vlan
Internet address is 172.16.2.1/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 50.
ARP type: ARPA, ARP Timeout 04:00:00
Last clearing of "show interface" counters never
CME_VOICE#
ASKER
After running no shutdown on vlan50, I am able to ping to another router, but not the router configured as ROAS. The message on the switch from running debug has changed to "encapsulation failed" after opening vlan50
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Does the catalyst switch 3500 XL support intervlan routing? I read somewhere that you cannot configure ROAS with this model switch
Any switch that support ISL or DOT1Q can be part of a ROAS configuration. The router is what is performing the inter vlan routing.
ASKER
Soulja,
Removing the "switchport trunk native vlan 50" solved the problem. I am able to ping in both directions from switch to router. Thank you very much.
Removing the "switchport trunk native vlan 50" solved the problem. I am able to ping in both directions from switch to router. Thank you very much.
ASKER
The solutions that worked were to Remove the command
- " switchport access vlan 50 " on the F0/3 of the cisco 3500XL switch and
- remove "switchport trunk native vlan50
- apply no shutdown to vlan50 interface
- " switchport access vlan 50 " on the F0/3 of the cisco 3500XL switch and
- remove "switchport trunk native vlan50
- apply no shutdown to vlan50 interface
ASKER