Cisco 3550 VLAN-Internet routing problem

Discussion in 'Cisco' started by Zaid, Mar 25, 2006.

  1. Zaid

    Zaid Guest

    dear friends,i'm facing a network problem and i just can't find the
    right solution.hope you can help me solving it.

    i have 9 VLANS(2-10)defined in the cisco 3550 multilayer switch with
    VLAN 10 as the management VLAN. i have also 8 2950 switches, each has a
    differnet VLAN ID from the other and are connected to the 3550 switch
    through trunk ports.the IP's for the VLANs defined in the 3550 switch
    are as follows:
    172.16.2.1/24
    172.16.3.1/24
    and so on until 172.16.10.1/24
    the 2950 switches can simply negotiate with each other through the 3550
    switch interVLAN communication after i enabled the ip routing
    command.the problem is when i connected the 3550 fastethernet 0/10 port
    having a layer three IP(62.68.75.22/28) to a gigaethernet0/0 port
    having the ip (62.68.75.17/28)on a 2800 cisco router. the 3550 switch
    can ping the routers interface (62.68.75.17),the hosts in the 2950
    swiches can ping the fastethernet 0/10 port on the 3550
    (62.68.75.22),BUT the hosts in the 2950 switches CAN NOT ping the
    gigaethernet0/0 (62.68.75.17) on the routers interface thus can not get
    access to Internet. sorry for the long message but i tried to give as
    much information as possible to help clarify the situation.thank you
    very much and hope to hear from you.
    best wishes, Zaid.
     
    Zaid, Mar 25, 2006
    #1
    1. Advertising

  2. Zaid

    Merv Guest

    Does the 2800 router know about all of routes on 2950?

    Are you running a dynamic routing protocol between the 3350 and the
    2800 ?

    Post the output of show ip route from both the 3550 and the 2800
     
    Merv, Mar 25, 2006
    #2
    1. Advertising

  3. Zaid

    Merv Guest

    ! define routes on 2800 for 3350 directly connected routes for testing

    ip route 172.16.2.0 255.255.255.0 62.68.75.22
    ip route 172.16.3.0 255.255.255.0 62.68.75.22
    ip route 172.16.4.0 255.255.255.0 62.68.75.22
    ip route 172.16.5.0 255.255.255.0 62.68.75.22
    ip route 172.16.6.0 255.255.255.0 62.68.75.22
    ip route 172.16.7.0 255.255.255.0 62.68.75.22
    ip route 172.16.8.0 255.255.255.0 62.68.75.22
    ip route 172.16.9.0 255.255.255.0 62.68.75.22
    ip route 172.16.10.0 255.255.255.0 62.68.75.22
     
    Merv, Mar 25, 2006
    #3
  4. Zaid

    Guest

    Hello,

    what happens when you configure a default static route on the 3550 like
    this:

    ip route 0.0.0.0 0.0.0.0 FastEthernet0/10

    Regards,

    H
     
    , Mar 25, 2006
    #4
  5. Zaid

    Merv Guest

    default needs to point to Internet
     
    Merv, Mar 25, 2006
    #5
  6. Zaid

    Merv Guest

    default needs to point to Internet
     
    Merv, Mar 25, 2006
    #6
  7. Zaid

    Merv Guest

    default needs to point to Internet
     
    Merv, Mar 25, 2006
    #7
  8. Zaid

    Merv Guest

    default needs to point to Internet
     
    Merv, Mar 25, 2006
    #8
  9. Zaid

    Zaid Guest

    thank you very much Merv, after i added the above routes everything
    worked great.here are the configurations for the 3550 and 2800.there's
    no dynamic routing protocol between the 3550 and the 2800. now,does
    this mean that 3550 made a Natting process between the private
    networks(172.16.0.0) and the real address of the router??
    3550 sh ip route:
    Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
    D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
    N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
    E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
    i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS
    level-2
    ia - IS-IS inter area, * - candidate default, U - per-user
    static route
    o - ODR, P - periodic downloaded static route

    Gateway of last resort is 62.68.75.17 to network 0.0.0.0

    172.16.0.0/24 is subnetted, 5 subnets
    C 172.16.10.0 is directly connected, Vlan10
    C 172.16.4.0 is directly connected, Vlan4
    C 172.16.5.0 is directly connected, Vlan5
    C 172.16.2.0 is directly connected, Vlan2
    C 172.16.3.0 is directly connected, Vlan3
    62.0.0.0/28 is subnetted, 1 subnets
    C 62.68.75.16 is directly connected, FastEthernet0/10
    S* 0.0.0.0/0 [1/0] via 62.68.75.17

    the sh run for 3550:

    Current configuration : 3213 bytes
    !
    version 12.2
    no service pad
    service timestamps debug uptime
    service timestamps log uptime
    no service password-encryption
    !
    hostname Distribution
    !
    !
    no aaa new-model
    ip subnet-zero
    ip routing
    !
    !
    !
    !
    no file verify auto
    spanning-tree mode pvst
    spanning-tree extend system-id
    !
    vlan internal allocation policy ascending
    !
    interface FastEthernet0/1
    switchport mode dynamic desirable
    !
    interface FastEthernet0/2
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface FastEthernet0/3
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface FastEthernet0/4
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface FastEthernet0/5
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface FastEthernet0/6
    switchport mode dynamic desirable
    !
    interface FastEthernet0/7
    switchport mode dynamic desirable
    !
    interface FastEthernet0/8
    switchport mode dynamic desirable
    !
    interface FastEthernet0/9
    switchport mode dynamic desirable
    !
    interface FastEthernet0/10
    no switchport
    ip address 62.68.75.22 255.255.255.240
    mls qos trust dscp
    macro description cisco-router
    auto qos voip trust
    !
    interface FastEthernet0/11
    switchport mode dynamic desirable
    !
    interface FastEthernet0/12
    switchport mode dynamic desirable
    !
    interface FastEthernet0/13
    switchport mode dynamic desirable
    !
    interface FastEthernet0/14
    switchport mode dynamic desirable
    !
    interface FastEthernet0/15
    switchport mode dynamic desirable
    !
    interface FastEthernet0/16
    switchport mode dynamic desirable
    !
    interface FastEthernet0/17
    switchport mode dynamic desirable
    !
    interface FastEthernet0/18
    switchport mode dynamic desirable
    !
    interface FastEthernet0/19
    switchport mode dynamic desirable
    !
    interface FastEthernet0/20
    switchport mode dynamic desirable
    !
    interface FastEthernet0/21
    switchport mode dynamic desirable
    !
    interface FastEthernet0/22
    switchport mode dynamic desirable
    !
    interface FastEthernet0/23
    switchport mode dynamic desirable
    !
    interface FastEthernet0/24
    switchport access vlan 10
    switchport mode access
    switchport port-security
    switchport port-security aging time 2
    switchport port-security violation restrict
    switchport port-security aging type inactivity
    macro description cisco-desktop
    spanning-tree portfast
    spanning-tree bpduguard enable
    !
    interface GigabitEthernet0/1
    switchport mode dynamic desirable
    !
    interface GigabitEthernet0/2
    switchport mode dynamic desirable
    !
    interface Vlan1
    no ip address
    shutdown
    !
    interface Vlan2
    description Floor2_VLAN
    ip address 172.16.2.1 255.255.255.0

    !
    interface Vlan3
    description Floor3_VLAN
    ip address 172.16.3.1 255.255.255.0
    !
    interface Vlan4
    description Floor4_VLAN
    ip address 172.16.4.1 255.255.255.0
    !
    interface Vlan5
    description Floor5_VLAN
    ip address 172.16.5.1 255.255.255.0
    !
    interface Vlan10
    description Management_VLAN
    ip address 172.16.10.1 255.255.255.0
    !
    router rip
    network 172.16.0.0
    !
    ip default-gateway 62.68.75.17
    ip classless
    no ip route static inter-vrf
    ip route profile
    ip route 0.0.0.0 0.0.0.0 62.68.75.17
    ip http server
    !
    !
    control-plane
    !
    !
    !
    end

    the 2800 sh ip route:
    Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
    D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
    N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
    E1 - OSPF external type 1, E2 - OSPF external type 2
    i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS
    level-2
    ia - IS-IS inter area, * - candidate default, U - per-user
    static route
    o - ODR, P - periodic downloaded static route

    Gateway of last resort is not set

    172.16.0.0/24 is subnetted, 5 subnets
    S 172.16.10.0 [1/0] via 62.68.75.22
    S 172.16.4.0 [1/0] via 62.68.75.22
    S 172.16.5.0 [1/0] via 62.68.75.22
    S 172.16.2.0 [1/0] via 62.68.75.22
    S 172.16.3.0 [1/0] via 62.68.75.22
    62.0.0.0/28 is subnetted, 1 subnets
    C 62.68.75.16 is directly connected, GigabitEthernet0/0

    and the 2800 sh run:
    Router#sho run
    Building configuration...

    Current configuration : 969 bytes
    !
    version 12.4
    service timestamps debug uptime
    service timestamps log uptime
    no service password-encryption
    !
    hostname Router
    !
    boot-start-marker
    boot-end-marker
    !
    !
    no aaa new-model
    !
    resource policy
    !
    ip subnet-zero
    !
    !
    ip cef
    !
    !
    !
    interface GigabitEthernet0/0
    ip address 62.68.75.17 255.255.255.240
    duplex auto
    speed auto
    !
    interface GigabitEthernet0/1
    no ip address
    shutdown
    duplex auto
    speed auto
    !
    ip classless
    ip route 0.0.0.0 0.0.0.0 172.16.101.1
    ip route 172.16.2.0 255.255.255.0 62.68.75.22
    ip route 172.16.3.0 255.255.255.0 62.68.75.22
    ip route 172.16.4.0 255.255.255.0 62.68.75.22
    ip route 172.16.5.0 255.255.255.0 62.68.75.22
    ip route 172.16.10.0 255.255.255.0 62.68.75.22
    !
    !
    no ip http server
    no ip http secure-server
    !
    !

    !
    !
    control-plane
    !
    !
    !
    line con 0
    line aux 0
    line vty 0 4
    login
    !
    no scheduler allocate
    !
    end
     
    Zaid, Mar 25, 2006
    #9
  10. Zaid

    Merv Guest

    1st thing to do now is to enable a dynamic routing protocol

    so that you do not loss connectivity whil converting and testing fload
    the static routes as follows:

    no ip route 172.16.2.0 255.255.255.0 62.68.75.22
    no ip route 172.16.3.0 255.255.255.0 62.68.75.22
    no ip route 172.16.4.0 255.255.255.0 62.68.75.22
    no ip route 172.16.5.0 255.255.255.0 62.68.75.22
    no ip route 172.16.10.0 255.255.255.0 62.68.75.22

    ip route 172.16.2.0 255.255.255.0 62.68.75.22 250
    ip route 172.16.3.0 255.255.255.0 62.68.75.22 250
    ip route 172.16.4.0 255.255.255.0 62.68.75.22 250
    ip route 172.16.5.0 255.255.255.0 62.68.75.22 250
    ip route 172.16.10.0 255.255.255.0 62.68.75.22 250

    The floating static routes will be installed in the routing table if a
    route from a dynamci routing protocl is not available. These static
    rotues should be removed once a dynamic routing protocl is up and
    working as desired.

    To find out what dyanmic routing protocol are availabel on each
    platform

    conf t
    router ?

    Post output of support routing protocls for both platforms
     
    Merv, Mar 25, 2006
    #10
  11. Zaid

    Merv Guest

    Please detail all of the network equipment and their connection from
    the 3550 to your Internet connection

    2990s <--> 3550 <--> ??

    Why are you not using a 172.16.x.x address on the link between the 3550
    and the 2800 ?
     
    Merv, Mar 25, 2006
    #11
  12. Zaid

    Merv Guest

    post the complete output of "show version" from the 2800
     
    Merv, Mar 25, 2006
    #12
  13. Zaid

    Zaid Guest

    the configuration above was just a small test model we used. the
    original model consists of (from bottom to top) 27 units 2950 switches,
    5 units 3550 switches, 1 unit 4500 core switch, 1 unit pix firewall,
    and 1 router 2800 unit.each 8 2950 switches is connected to one 3550
    distribution switch. the 3550 switches will all be connected to the
    4500 core switch, then the core switch will connect to the PIX and
    finally from the PIX to the router. it'll take us several days to start
    connecting all the above together. meanwhile we'll start configuring
    them step by step.while we begin doing so, i'll update you with all
    that you required above if you are interested.
     
    Zaid, Mar 26, 2006
    #13
  14. Zaid

    Zaid Guest

    the configuration above was just a small test model we used. the
    original model consists of (from bottom to top) 27 units 2950 switches,
    5 units 3550 switches, 1 unit 4500 core switch, 1 unit pix firewall,
    and 1 router 2800 unit.each 8 2950 switches is connected to one 3550
    distribution switch. the 3550 switches will all be connected to the
    4500 core switch, then the core switch will connect to the PIX and
    finally from the PIX to the router. it'll take us several days to start
    connecting all the above together. meanwhile we'll start configuring
    them step by step.while we begin doing so, i'll update you with all
    that you required above if you are interested.
     
    Zaid, Mar 26, 2006
    #14
  15. Zaid

    Merv Guest

    1. You DEFINITELY will want to use a dynamic routing protocol between
    the 4500 core switch and the 3550 distribution switches. Configure
    default route on 4500 and distribute to other switches via route
    redistribution.

    2. It looks like you plan to have one VLAN and one IP subnet per 2950
    access switch which is a good idea. You will not have to use
    spanning-tree in this type of setup.

    What software iamges are you planning to use for each switch tyep 4500,
    3350 and 2950 ?
     
    Merv, Mar 26, 2006
    #15
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. desdronox
    Replies:
    1
    Views:
    2,912
    Terry Baranski
    Jul 10, 2003
  2. SmilerNet

    Inter-VLAN Routing Cisco 3550 SMI

    SmilerNet, Sep 26, 2004, in forum: Cisco
    Replies:
    7
    Views:
    3,479
    Sam Wilson
    Oct 1, 2004
  3. joeblow
    Replies:
    3
    Views:
    1,249
    Philip D'Ath
    Mar 14, 2005
  4. RJH
    Replies:
    0
    Views:
    6,564
  5. Replies:
    3
    Views:
    620
    Walter Roberson
    Nov 8, 2006
Loading...

Share This Page