Solved

ping between vlan interfaces

Posted on 2011-09-03
12
435 Views
Last Modified: 2012-05-12
I would like to know how to ping between all vlan interfaces.

for now I can ping , interfcace vlan 22 on both switches even though they have 2 different is ,from both switches

thanks
from Switch1 , I can ping interface vlan 22 on switch 1 and 2, that's all.


Switch1#sh run
Building configuration...

Current configuration : 4465 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Switch1
!
!
no aaa new-model
ip subnet-zero
ip routing
no ip domain-lookup
 
 
!
interface Port-channel1
 switchport access vlan 22
 switchport mode access
!
interface FastEthernet0/1
 switchport mode dynamic desirable
!
interface FastEthernet0/2
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/3
 no switchport
 no ip address
 shutdown
!
interface FastEthernet0/4
 switchport access vlan 4
 switchport mode access
!
interface FastEthernet0/5
 switchport access vlan 3
 switchport mode access
!
interface FastEthernet0/6
 switchport access vlan 22
 switchport mode access
 
!
interface FastEthernet0/11
 switchport access vlan 22
 switchport mode access
 channel-group 1 mode on
!
interface FastEthernet0/12
 switchport access vlan 22
 switchport mode access
 channel-group 1 mode on
 
 
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan2
 ip address 10.100.120.22 255.255.255.0
!
interface Vlan3
 ip address 10.100.130.33 255.255.255.0
!
interface Vlan4
 ip address 10.100.140.44 255.255.255.0
!
interface Vlan22
 ip address 192.168.2.66 255.255.255.0
!
ip classless
ip http server
ip http secure-server
!
!
!
control-plane
!
!
line con 0
line vty 0 4
 no login
line vty 5 15
 login
!
end
=============================================

Switch2#sh run
Building configuration...

Current configuration : 4491 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Switch2
!
!
no aaa new-model
ip subnet-zero
!

!
!
spanning-tree mode pvst
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
!
 
!
interface Port-channel1
 switchport access vlan 22
 switchport mode dynamic desirable
!
interface FastEthernet0/1
 switchport mode dynamic desirable
!
interface FastEthernet0/2
 switchport access vlan 22
 switchport mode access
!
interface FastEthernet0/3
 switchport access vlan 33
 switchport mode access
!
interface FastEthernet0/4
 switchport mode access
!
 
!
interface FastEthernet0/11
 switchport access vlan 22
 switchport mode dynamic desirable
 channel-group 1 mode on
!
interface FastEthernet0/12
 switchport access vlan 22
 switchport mode dynamic desirable
 channel-group 1 mode on
!
interface FastEthernet0/13
 switchport mode dynamic desirable
!
interface FastEthernet0/14
 switchport mode dynamic desirable
!
interface FastEthernet0/15
 switchport mode dynamic desirable
!
interface FastEthernet0/16
 switchport mode dynamic desirable
!
interface FastEthernet0/17
 switchport mode dynamic desirable
!
interface FastEthernet0/18
 switchport mode dynamic desirable
!
interface FastEthernet0/19
 switchport mode dynamic desirable
!
interface FastEthernet0/20
 switchport mode dynamic desirable
!
interface FastEthernet0/21
 switchport mode dynamic desirable
!
interface FastEthernet0/22
 switchport mode dynamic desirable
!
interface FastEthernet0/23
 switchport mode dynamic desirable
!
interface FastEthernet0/24
 switchport mode dynamic desirable
!
interface GigabitEthernet0/1
 switchport mode dynamic desirable
!
interface GigabitEthernet0/2
 switchport mode dynamic desirable
!
interface Vlan1
 no ip address
 no ip route-cache
 shutdown
!
interface Vlan2
 no ip address
 no ip route-cache
!
interface Vlan3
 no ip address
 no ip route-cache
!
interface Vlan4
 no ip address
 no ip route-cache
!
interface Vlan22
 ip address 192.168.2.22 255.255.255.0
 no ip route-cache
!
interface Vlan33
 ip address 192.168.3.33 255.255.255.0
 no ip route-cache
!
interface Vlan44
 ip address 192.168.4.44 255.255.255.0
 no ip route-cache
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.2.66
ip http server
ip http secure-server
!
!
!
control-plane
!
!
line con 0
line vty 0 4
 login
line vty 5 15
 login
!
end

Open in new window

0
Comment
Question by:jskfan
  • 5
  • 4
  • 3
12 Comments
 
LVL 45

Expert Comment

by:Craig Beck
ID: 36480059
Ok, not sure if I get your question completely, but...

You can only usually have one active management IP address on a switch, unless it is a layer3 switch.

Also, it looks like you only have devices on active ports in VLAN 22, so the other VLANs probably show as DOWN.

Can you post the output from...

show ip interface brief

show vlan brief

...on each switch?
0
 

Author Comment

by:jskfan
ID: 36480096
I am not in the lab now,

both switches have vlan 22
on one switch there is interface vlan 22 with ip 192.168.2.66 and another switch there is interface vlan 22 with ip 192.168.2.22
both switches are connected via fastethernet 11 and 12 as an etherchannel, and they are configured as access ports.

I still cannot understand why they are not configured as trunk ports (I took the config from an EE expert ), However it still work as a trunk, since from either switch I can ping the vlan interface of other switch [as long as vlan interface belongs to vlan 22 which is common vlan for both switches ].
What I was asking, is what do I need to add to the existing config so that I can ping other vlan interfaces from both switches?
Also if yoou can explain , how come fastethernet 11 and 12 are not configured as trunk
0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 36480129
Ok I see now.

You are correct, these ports should be configured as trunks.  If they aren't trunks you won't be able to see the other VLANs between the switches.

Try this...

conf t
interface Port-channel1
 switchport access vlan 22
 switchport mode access
exit
interface FastEthernet0/11
 switchport trunk encapsulation dot1q
 switchport mode trunk
 channel-group 1 mode on
exit
interface FastEthernet0/12
 switchport trunk encapsulation dot1q
 switchport mode trunk
 channel-group 1 mode on
end
0
 
LVL 45

Accepted Solution

by:
Craig Beck earned 500 total points
ID: 36480131
Oops!  Ignore the config in my previous post (got a bit too eager with the Post button)!

Try this...

conf t
interface FastEthernet0/11
 switchport trunk encapsulation dot1q
 switchport mode trunk
 channel-group 1 mode on
exit
interface FastEthernet0/12
 switchport trunk encapsulation dot1q
 switchport mode trunk
 channel-group 1 mode on
exit
interface Port-channel1
 switchport trunk encapsulation dot1q
 switchport mode trunk
end
0
 

Author Comment

by:jskfan
ID: 36482825
The config below worked fine ---Excellent---
I didn't have to use No Switchport in order to ping between hosts in different Vlans, I had to configure "IP ROUTING"
Switch1#sh run
Building configuration...

Current configuration : 4533 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Switch1
!
!
no aaa new-model
ip subnet-zero
ip routing
no ip domain-lookup
 
!
interface Port-channel1
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface FastEthernet0/1
 switchport mode dynamic desirable
!
interface FastEthernet0/2
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/3
 no switchport
 no ip address
 shutdown
!
interface FastEthernet0/4
 switchport access vlan 4
 switchport mode access
!
interface FastEthernet0/5
 switchport access vlan 3
 switchport mode access
!
interface FastEthernet0/6
 switchport access vlan 22
 switchport mode access
!
 !
interface FastEthernet0/11
 switchport trunk encapsulation dot1q
 switchport mode trunk
 channel-group 1 mode on
!
interface FastEthernet0/12
 switchport trunk encapsulation dot1q
 switchport mode trunk
 channel-group 1 mode on
!
 
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan2
 ip address 10.100.120.22 255.255.255.0
!
interface Vlan3
 ip address 10.100.130.33 255.255.255.0
!
interface Vlan4
 ip address 10.100.140.44 255.255.255.0
!
interface Vlan22
 ip address 192.168.2.66 255.255.255.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.2.22
ip http server
ip http secure-server
!
!
!
control-plane
!
!
line con 0
line vty 0 4
 no login
line vty 5 15
 login
!
end



==========================================================

Switch2#sh run
Building configuration...

Current configuration : 4366 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Switch2
!
!
no aaa new-model
ip subnet-zero
ip routing
!
 
!
interface Port-channel1
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface FastEthernet0/1
 switchport mode dynamic desirable
!
interface FastEthernet0/2
 switchport access vlan 22
 switchport mode access
!
interface FastEthernet0/3
 switchport access vlan 33
 switchport mode access
!
interface FastEthernet0/4
 switchport mode access
!
 !
interface FastEthernet0/11
 switchport trunk encapsulation dot1q
 switchport mode trunk
 channel-group 1 mode on
!
interface FastEthernet0/12
 switchport trunk encapsulation dot1q
 switchport mode trunk
 channel-group 1 mode on
!
 !
interface Vlan22
 ip address 192.168.2.22 255.255.255.0
!
interface Vlan33
 ip address 192.168.3.33 255.255.255.0
!
interface Vlan44
 ip address 192.168.4.44 255.255.255.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.2.66
ip http server
ip http secure-server
!
!
!
control-plane
!
!
line con 0
line vty 0 4
 login
line vty 5 15
 login
!
end

Open in new window

0
 
LVL 45

Assisted Solution

by:Craig Beck
Craig Beck earned 500 total points
ID: 36483445
You already had ip routing, as per your Config in the original question!
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 

Author Comment

by:jskfan
ID: 36483588
you are right.
I stressed the IP ROUTING, just to make it clear that No Switchport [that converts the port to L3 ] has not been used.

If I understand now the No Switchport is used only if you connect L3 switch to a router. correct?
0
 
LVL 3

Expert Comment

by:shbasm
ID: 36484970
post the
model number of switches
and i will follow  with you step by step to get your intervlan routing set up
0
 

Author Comment

by:jskfan
ID: 36485543
I will post it in a different question.

craigbeck  has answered this question, with an excellent etherchannel config that worked fine.
0
 

Author Closing Comment

by:jskfan
ID: 36485554
excellent!  I posted the complete config that worked for me.
0
 
LVL 3

Expert Comment

by:shbasm
ID: 36485588
i am pleased for your  problem being resoved .
regarding your question (No Switchport is used only if you connect L3 switch to a router. correct? )
this command is used to alter a layer 3 switch port to Routed Physical Interface you can connect a router or a switch according to your network topology
0
 
LVL 3

Expert Comment

by:shbasm
ID: 36485656
Dera Sir
if your layer3 switch is 4500 or 6500 using routed logical interfaces will give you better performance
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Suggested Solutions

While it is possible to put two routes in place with the secondary having a higher metric, this may not always work. In the event of a failure that does not bring down the physical interface on the router the primary route is not removed. There is a…
I have seen some questions on problems with SSH/telnet access to Cisco routers that may occur despite the fact that from a PC connected to your LAN, Internet connectivity is in place and users can access Internet sites without any issues.  There are…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now