We help IT Professionals succeed at work.
Get Started
Need help with basic layer 3 switch configuration
Hi everyone, I could use some assistance doing what should be a pretty basic layer 3 switch configuration.
I've got a site with three existing VLANs and subnets. Currently the physical router device is routing inter-VLAN traffic. They are as follows:
VLAN 1 (default): 192.168.31.0/24
Gateway: 192.168.31.1
VLAN 2 (mgmt.): 192.168.131.0/24
Gateway: 192.168.131.1
VLAN 3 (guest): 192.168.231.0/24
Gateway: 192.168.231.1
Another group will be joining the existing network, that group will have their own subnet 192.168.103.0/24 which I will be placing on VLAN 4 at the main site. I have a layer 3 switch (Netgear GSM7328FS) that I will be using to route VLAN 4 to VLAN 1 as I should get better performance routing with this device than the physical router. This group will also be sharing VLANs 2 and 3. Switch port connecting to this office will be configured as a trunk (Cisco language), so it will be an untagged member of VLAN 4 and tagged member of VLANs 2 and 3.
The switch management interface is 192.168.31.25 on VLAN 2.
I've assigned IP addresses to the VLAN interfaces as follows:
VLAN1: 192.168.31.254
VLAN4: 192.168.103.1
Routing is enabled on the device and the interfaces. I've got a route statement in my physical router for 192.168.103.0 next hop 192.168.31.254.
Now for the question, why I'm not able to reach 192.168.103.1 (VLAN 4) from the other side?
If I attempt to ping from 192.168.31.0 I get:
Reply from 192.168.31.254: TTL expired in transit.
Reply from 192.168.131.1: TTL expired in transit.
Reply from 192.168.131.1: TTL expired in transit.
Reply from 192.168.131.1: TTL expired in transit.
If I attempt tracert, I get:
Tracing route to 192.168.103.1 over a maximum of 30 hops
1 <1 ms <1 ms <1 ms 192.168.31.254
2 1 ms 1 ms <1 ms 192.168.131.1
3 145 ms 2 ms 2 ms 192.168.31.254
4 1 ms 1 ms 2 ms 192.168.131.1
5 2 ms 2 ms 2 ms 192.168.31.254
6 2 ms 2 ms 2 ms ...
I have no idea why the x.x.131.0 subnet is even involved. Hopefully this behaviour will throw up a flag for someone, and you can point me in the right direction. Thanks in advance
*** Edit ***
After sitting for a while, now the pings just time out, as does tracert. I've also thrown up a quick screen shot of the routes as configured in the device. I feel like the problem lies in something that's there (or not there).
![Routes]()
I've got a site with three existing VLANs and subnets. Currently the physical router device is routing inter-VLAN traffic. They are as follows:
VLAN 1 (default): 192.168.31.0/24
Gateway: 192.168.31.1
VLAN 2 (mgmt.): 192.168.131.0/24
Gateway: 192.168.131.1
VLAN 3 (guest): 192.168.231.0/24
Gateway: 192.168.231.1
Another group will be joining the existing network, that group will have their own subnet 192.168.103.0/24 which I will be placing on VLAN 4 at the main site. I have a layer 3 switch (Netgear GSM7328FS) that I will be using to route VLAN 4 to VLAN 1 as I should get better performance routing with this device than the physical router. This group will also be sharing VLANs 2 and 3. Switch port connecting to this office will be configured as a trunk (Cisco language), so it will be an untagged member of VLAN 4 and tagged member of VLANs 2 and 3.
The switch management interface is 192.168.31.25 on VLAN 2.
I've assigned IP addresses to the VLAN interfaces as follows:
VLAN1: 192.168.31.254
VLAN4: 192.168.103.1
Routing is enabled on the device and the interfaces. I've got a route statement in my physical router for 192.168.103.0 next hop 192.168.31.254.
Now for the question, why I'm not able to reach 192.168.103.1 (VLAN 4) from the other side?
If I attempt to ping from 192.168.31.0 I get:
Reply from 192.168.31.254: TTL expired in transit.
Reply from 192.168.131.1: TTL expired in transit.
Reply from 192.168.131.1: TTL expired in transit.
Reply from 192.168.131.1: TTL expired in transit.
If I attempt tracert, I get:
Tracing route to 192.168.103.1 over a maximum of 30 hops
1 <1 ms <1 ms <1 ms 192.168.31.254
2 1 ms 1 ms <1 ms 192.168.131.1
3 145 ms 2 ms 2 ms 192.168.31.254
4 1 ms 1 ms 2 ms 192.168.131.1
5 2 ms 2 ms 2 ms 192.168.31.254
6 2 ms 2 ms 2 ms ...
I have no idea why the x.x.131.0 subnet is even involved. Hopefully this behaviour will throw up a flag for someone, and you can point me in the right direction. Thanks in advance
*** Edit ***
After sitting for a while, now the pings just time out, as does tracert. I've also thrown up a quick screen shot of the routes as configured in the device. I feel like the problem lies in something that's there (or not there).
Why Experts Exchange?
Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.
Jim Murphy
Programmer at Smart IT Solutions
When asked, what has been your best career decision?
Deciding to stick with EE.
Mohamed Asif
Technical Department Head
Being involved with EE helped me to grow personally and professionally.
Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question
Connect with Certified Experts to gain insight and support on specific technology challenges including:
- Troubleshooting
- Research
- Professional Opinions
Did You Know?
We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE