Why isn't my network passing a certain vlan.

I have a network that appears not to be passing one vlan.  This is quite an odd situation.  I have a stack of switches that are made up of Cisco SGE 2000 24 and 48 port units.  My router and where all the vlans are being created is a Netgear FVS318N.

I have the standard vlan 1 plus 3,4,5, and 6.  All appear to work properly and communicate with each other as required except vlan 3.  For the simplicity of the installation and explaining it to other people - each vlan has it's own cable to the switch stack.  Obviously I have done something correctly as I'm able to ping IP addresses from one vlan to the other except for vlan 3.  Specifically vlan 3 is a 192.168.103.x subnet with a /32 subnet.  On the Cisco side I have the port coming in from the Netgear set as PVID 3 and only working with that vlan.  On the Netgear side I have it set the same.  On the Cisco side, devices on different ports that are set to vlan 3 are able to communicate with each other; same on the Netgear side.  Only issue seems to be when connecting the two.  Anyone have any idea of where to start?
huntsonAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

masnrockCommented:
Is there anything done differently with VLAN 3 versus the others?
0
huntsonAuthor Commented:
That would be my first thought although I can see nothing that sets vlan 3 apart in any way.  Settings and topology are the same.
0
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
> Specifically vlan 3 is a 192.168.103.x subnet with a /32 subnet.

Confirm /32 please.  My eyes say that is a particularly tiny subnet to the point of non-existance(?).
1
Powerful Yet Easy-to-Use Network Monitoring

Identify excessive bandwidth utilization or unexpected application traffic with SolarWinds Bandwidth Analyzer Pack.

masnrockCommented:
Rich is right. /32 can be typed into SOME systems to represent a single IP address. However,it can't be done for subnetting purposes. Unless you meant /24, but you might want to check the settings :)
0
huntsonAuthor Commented:
I meant /24.  Here I was trying to be fancy and I messed it all up!!!
0
masnrockCommented:
Any way to see configurations of both switches, especially at the ports linking the two?
1
huntsonAuthor Commented:
Sure.  I have tried both port 2 and 3 on the Netgear.  They are connected to port 17 of the Cisco switch.  Note I did incorrectly post at the beginning about the subnet range completely.  It is 192.168.102.x /24
Screen-Shot-2017-04-11-at-11.14.26-A.png
Screen-Shot-2017-04-11-at-11.15.16-A.png
IMG_7417.JPG
0
masnrockCommented:
Why does the column for port 17 on the Cisco say Disable?
0
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
Port g17 on the Cisco appears to be disabled...
0
masnrockCommented:
Looks like Rich and I are on the same wavelength! Enable port 17, and that should resolve your issue. Everything else appears to be configured right.
0
huntsonAuthor Commented:
Sorry about that.  Playing around with setting sto see if anything makes a difference.  It's normalized now and still no dice.  That was referring to Ingress filtering
0
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
I assume there is no command line interface in the Cisco SGE 2000.  :-(  Can you get an equivalent screen shot on the Cisco side, like you did for the Netgear?  Confirm port status, speed/duplex, etc?
0
huntsonAuthor Commented:
There is a command line interface but I can't say I'm any good at it.
image1.JPG
0
masnrockCommented:
Would it be possible to see more detail on port 17, solely in the context of VLANs? You might have to go through the VLAN settings to be able to show us. (There is a chance that changing that port to either Access or Trunk mode may do the trick) What mode are the ports that are being used to connect to the other VLANs in?
1
huntsonAuthor Commented:
Currently it is in access mode.  All the vlans that are being connected to the switch and the router are configured exactly the asme way.  Port 16 is one of them and port 17 is another.
0
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
Are there logs available on the switches and router?  I can't help wondering if something like spanning tree is preventing traffic from passing on the port you expect.  Seems like stp would be an unlikely cause, but I keep wondering if something else would be logging an error on one of the devices.

Any chance of seeing the filters applied on the ports?
0
huntsonAuthor Commented:
Very impressive Rich.  Turned off Spanning Tree on the Cisco stack and it magically worked.  Can you do your best and explain why you think that is please?
0
masnrockCommented:
One possibility would be that you may have inadvertently created a loop somewhere, and STP blocked port 17 to prevent further issues.
0
huntsonAuthor Commented:
I see.  I doubt that considering how simple my setup is.
0
huntsonAuthor Commented:
I just wouldn't want problems to come up in the future.
0
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
I can't think of any reason it'd be STP except a loop which turns off the interfaces you expect to be using with filters/ACL on the ports which are selected to pass traffic.  Anything else I could think of would impact the other vlans too.  I'd want to turn on debug for STP on the cisco switch stack, then reenable STP -- to figure out what's happening.  (But I'm definitely the junior tech on this issue, I'd defer to Masnrock...)
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
huntsonAuthor Commented:
Would STP actually shut the port down? I was seeing link lights the entire time.
0
masnrockCommented:
STP when it's enabled can block traffic flow for a port if it detects a loop. Ideally, it would at least show in some logs on your Cisco.

Check the configurations of the switches, along with the cables going between the two. If you wanted to simplify and reduce the potential issues, I'd actually advice that rather than having one cable per VLAN, to actually have a trunk that's passing all of the VLANs between the switches. (That should let you eliminate a few cables in the process)

Rich - Don't think of this as a junior/senior matter. And besides, you thought of the STP idea before anyone else, right?
0
huntsonAuthor Commented:
Good call again guys:  after using one cable to trunk all the Vlans I was able to reenable spanning tree with no problems.

THANKS!!!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Installation

From novice to tech pro — start learning today.