IP Routing Question on 3560 Switches

Discussion in 'Cisco' started by Rich, Apr 11, 2007.

  1. Rich

    Rich Guest

    Hi,

    I have a network with two Cisco Catalyst 3560 switches ( standard image )
    and am trying to setup routing between VLANs.

    The two switches are connected via fibre and the fibre port is set as a
    dot1Q trunk ( all VLANs ).

    There are a number of VLANs:

    VLAN3 192.168.3.0/24
    VLAN4 192.168.4.0/24
    VLAN5 192.168.5.0/24
    etc...

    None of these are on the management VLAN.

    VTP is up and running across the fibre link so the VLANs are replicating
    between switches.

    When I enable IP routing I can get some semblence of routing going on
    between VLANs, but not others. For example, a client on VLAN3 can ping
    another client on VLAN4, but cannot ping a client on VLAN5. VLAN5 can be
    pinged via the diagnostics utility in the switch though. Another strange
    one is that an APC UPS connected to one switch can be pinged by IP address
    from the other switch, but tyring to access the web control panel using the
    same IP address fails.

    When two 3560 switches are configured as above, does IP routing have to be
    enabled on both switches? If so, what IP addresses should be used for the
    VLANs?

    I have tried using, say, 192.168.3.1 as the IP address for VLAN3 ( on both
    switches ) but this doesn't seem to make sense.


    --
    Rich
     
    Rich, Apr 11, 2007
    #1
    1. Advertising

  2. Rich

    Kyle Evans Guest

    Rich,

    You only need ip routing on one switch, and that switch should have a
    vlan interface with an ip address configured for each vlan. The gateway
    address on the client PCs should be the ip address on the vlan interface
    for their vlan. The second switch only needs to have all the vlans (no
    vlan interfaces required).


    Kyle

    Rich wrote:
    > Hi,
    >
    > I have a network with two Cisco Catalyst 3560 switches ( standard image
    > ) and am trying to setup routing between VLANs.
    >
    > The two switches are connected via fibre and the fibre port is set as a
    > dot1Q trunk ( all VLANs ).
    >
    > There are a number of VLANs:
    >
    > VLAN3 192.168.3.0/24
    > VLAN4 192.168.4.0/24
    > VLAN5 192.168.5.0/24
    > etc...
    >
    > None of these are on the management VLAN.
    >
    > VTP is up and running across the fibre link so the VLANs are replicating
    > between switches.
    >
    > When I enable IP routing I can get some semblence of routing going on
    > between VLANs, but not others. For example, a client on VLAN3 can ping
    > another client on VLAN4, but cannot ping a client on VLAN5. VLAN5 can
    > be pinged via the diagnostics utility in the switch though. Another
    > strange one is that an APC UPS connected to one switch can be pinged by
    > IP address from the other switch, but tyring to access the web control
    > panel using the same IP address fails.
    >
    > When two 3560 switches are configured as above, does IP routing have to
    > be enabled on both switches? If so, what IP addresses should be used
    > for the VLANs?
    >
    > I have tried using, say, 192.168.3.1 as the IP address for VLAN3 ( on
    > both switches ) but this doesn't seem to make sense.
    >
    >
     
    Kyle Evans, Apr 11, 2007
    #2
    1. Advertising

  3. Rich

    Rich Guest

    Kyle,

    Thanks for that, you nailed it in one!

    I scrubbed the routing config from the second switch, adjusted a few client
    gateway settings and "badda-boom" - working fine.

    --
    Rich


    "Kyle Evans" <> wrote in message
    news:evj42f$c20$-state.edu...
    > Rich,
    >
    > You only need ip routing on one switch, and that switch should have a
    > vlan interface with an ip address configured for each vlan. The gateway
    > address on the client PCs should be the ip address on the vlan interface
    > for their vlan. The second switch only needs to have all the vlans (no
    > vlan interfaces required).
    >
    >
    > Kyle
    >
    > Rich wrote:
    >> Hi,
    >>
    >> I have a network with two Cisco Catalyst 3560 switches ( standard image
    >> ) and am trying to setup routing between VLANs.
    >>
    >> The two switches are connected via fibre and the fibre port is set as a
    >> dot1Q trunk ( all VLANs ).
    >>
    >> There are a number of VLANs:
    >>
    >> VLAN3 192.168.3.0/24
    >> VLAN4 192.168.4.0/24
    >> VLAN5 192.168.5.0/24
    >> etc...
    >>
    >> None of these are on the management VLAN.
    >>
    >> VTP is up and running across the fibre link so the VLANs are replicating
    >> between switches.
    >>
    >> When I enable IP routing I can get some semblence of routing going on
    >> between VLANs, but not others. For example, a client on VLAN3 can ping
    >> another client on VLAN4, but cannot ping a client on VLAN5. VLAN5 can
    >> be pinged via the diagnostics utility in the switch though. Another
    >> strange one is that an APC UPS connected to one switch can be pinged by
    >> IP address from the other switch, but tyring to access the web control
    >> panel using the same IP address fails.
    >>
    >> When two 3560 switches are configured as above, does IP routing have to
    >> be enabled on both switches? If so, what IP addresses should be used
    >> for the VLANs?
    >>
    >> I have tried using, say, 192.168.3.1 as the IP address for VLAN3 ( on
    >> both switches ) but this doesn't seem to make sense.
    >>
    >>
     
    Rich, Apr 11, 2007
    #3
  4. Rich

    Trendkill Guest

    On Apr 11, 2:38 pm, "Rich" <> wrote:
    > Kyle,
    >
    > Thanks for that, you nailed it in one!
    >
    > I scrubbed the routing config from the second switch, adjusted a few client
    > gateway settings and "badda-boom" - working fine.
    >
    > --
    > Rich
    >
    > "Kyle Evans" <> wrote in message
    >
    > news:evj42f$c20$-state.edu...
    >
    > > Rich,

    >
    > > You only need ip routing on one switch, and that switch should have a
    > > vlan interface with an ip address configured for each vlan. The gateway
    > > address on the client PCs should be the ip address on the vlan interface
    > > for their vlan. The second switch only needs to have all the vlans (no
    > > vlan interfaces required).

    >
    > > Kyle

    >
    > > Rich wrote:
    > >> Hi,

    >
    > >> I have a network with two Cisco Catalyst 3560 switches ( standard image
    > >> ) and am trying to setup routing between VLANs.

    >
    > >> The two switches are connected via fibre and the fibre port is set as a
    > >> dot1Q trunk ( all VLANs ).

    >
    > >> There are a number of VLANs:

    >
    > >> VLAN3 192.168.3.0/24
    > >> VLAN4 192.168.4.0/24
    > >> VLAN5 192.168.5.0/24
    > >> etc...

    >
    > >> None of these are on the management VLAN.

    >
    > >> VTP is up and running across the fibre link so the VLANs are replicating
    > >> between switches.

    >
    > >> When I enable IP routing I can get some semblence of routing going on
    > >> between VLANs, but not others. For example, a client on VLAN3 can ping
    > >> another client on VLAN4, but cannot ping a client on VLAN5. VLAN5 can
    > >> be pinged via the diagnostics utility in the switch though. Another
    > >> strange one is that an APC UPS connected to one switch can be pinged by
    > >> IP address from the other switch, but tyring to access the web control
    > >> panel using the same IP address fails.

    >
    > >> When two 3560 switches are configured as above, does IP routing have to
    > >> be enabled on both switches? If so, what IP addresses should be used
    > >> for the VLANs?

    >
    > >> I have tried using, say, 192.168.3.1 as the IP address for VLAN3 ( on
    > >> both switches ) but this doesn't seem to make sense.


    Truthfully, and if these are failover, you should turn up an IP
    address on each and run HSRP which will be the gateway. Might as well
    have layer 2 and 3 redundancy, particularly if any boxes have a
    connection to each switch. Would hate for you to lose the switch that
    controls layer 3, and have the other switch be a sitting duck.
     
    Trendkill, Apr 11, 2007
    #4
  5. Rich

    Rich Guest

    "Trendkill" <> wrote in message
    news:...

    >
    > Truthfully, and if these are failover, you should turn up an IP
    > address on each and run HSRP which will be the gateway. Might as well
    > have layer 2 and 3 redundancy, particularly if any boxes have a
    > connection to each switch. Would hate for you to lose the switch that
    > controls layer 3, and have the other switch be a sitting duck.
    >



    Thanks for the tip Trendkill, I wasn't aware of HSRP. Looks good.

    --
    Rich
     
    Rich, Apr 12, 2007
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Alex g
    Replies:
    0
    Views:
    482
    Alex g
    Feb 21, 2006
  2. Replies:
    1
    Views:
    3,017
  3. Replies:
    7
    Views:
    6,313
  4. Replies:
    3
    Views:
    535
  5. Trendkill
    Replies:
    7
    Views:
    1,373
Loading...

Share This Page