INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Member Login

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips now!

Talk With Other Members
Be Notified Of Responses
To Your Posts
Keyword Search
One-Click Access To Your
Favorite Forums
Automated Signatures
On Your Posts
Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

LINK TO THIS FORUM!

Tek-Tips LinkedIn^® Group

Join our
LinkedIn^® Group!

Hook up with past and present colleagues and classmates quickly.

Partner With Us!

"Best Of Breed" Forums Add Stickiness To Your Site

(Download This Button Today!)

Feedback

"...I'm so glad I found this site... Now I can get some sleep, because my problem is solved..."

More...

Geography

Where in the world do Tek-Tips members come from?

Click Here To Find Out!

Tek-Tips Shirts!

Get your
Tek-Tips Forums
SWAG here!

Home > Forums > Communications Rack > Networking > Cisco: Switches Forum

Inter-Vlan Routing Question

Read More Threads Like This One

phillroc (IS/IT--Management)

30 Nov 11 11:43

Hi,

I am relatively new to managed switch configuration so please bear with me here as I try to explain my issue.

I have three Cisco 3560 switches with 3 VLAN's. The main networked vlan is 10.1.1.0, I have a VoIP vlan at 10.1.20.0 and a newly added VLAN at 10.1.2.0

I have a Cisco ASA 5510 as my perimeter firewall at 10.1.1.254, but use one of the switches as a gateway. My DHCP server has two NIC's, one on 10.1.1.x and one on 10.1.2.x,

-I can ping the VLAN gateway addresses on the 10.1.2.x subnet from 10.1.1.1
-If I setup a static ip on the 10.1.2.x subnet I can NOT ping anything on 10.1.1.0 or get out to the internet
-My PBX box, setup on 10.1.20.x with a gateway of 10.1.20.252 can get to anything on the other two VLAN's

Here is the config for the switch my dhcp server is connected to:

no aaa new-model
clock summer-time UTC recurring last Sun Mar 1:00 last Sun Oct 2:00
system mtu routing 1500
ip subnet-zero
ip routing
!
!
!
!
no file verify auto
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
spanning-tree vlan 1-2,20 priority 24576
!
vlan internal allocation policy ascending
!
interface GigabitEthernet0/1-21 (all the same)
description Data+Voice
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,2,20
switchport mode trunk
spanning-tree portfast

interface GigabitEthernet0/22 -- Second NIC on dhcp server to this interface
description Data+Voice
switchport access vlan 2
switchport trunk allowed vlan 1,2,20
spanning-tree portfast

--Rest of interfaces same as 0/1--

interface Vlan1
ip address 10.1.1.251 255.255.255.0
ip helper-address 10.1.1.4
!
interface Vlan2
ip address 10.1.2.251 255.255.255.0
ip helper-address 10.1.1.4
!
interface Vlan20
ip address 10.1.20.251 255.255.255.0
ip helper-address 10.1.1.4
!
ip default-gateway 10.1.1.254
no ip classless
ip route 0.0.0.0 0.0.0.0 10.1.1.254
ip http server
!

Here is the config for my 10.1.1.x network gateway:

!
no aaa new-model
system mtu routing 1500
ip subnet-zero
ip routing
!
!
!
!
no file verify auto
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
spanning-tree vlan 1-2,20 priority 24576
!
vlan internal allocation policy ascending
!
interface GigabitEthernet0/1
description ASA Interface
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,2,20
switchport mode trunk
spanning-tree portfast
!
interface GigabitEthernet0/2
description ShoreTel System
switchport access vlan 20
switchport trunk allowed vlan 1,2,20
spanning-tree portfast
!
interface GigabitEthernet0/3
description ShoreTel System
switchport access vlan 20
switchport trunk allowed vlan 1,2,20
spanning-tree portfast
!
interface GigabitEthernet0/4
description ShoreTel System
switchport access vlan 20
switchport trunk allowed vlan 1,2,20
spanning-tree portfast
!
interface GigabitEthernet0/5-52
description Data+Voice
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,2,20
switchport mode trunk
spanning-tree portfast

interface Vlan1
ip address 10.1.1.252 255.255.255.0
ip helper-address 10.1.1.4
!
interface Vlan2
ip address 10.1.2.252 255.255.255.0
ip helper-address 10.1.1.4
!
interface Vlan20
ip address 10.1.20.252 255.255.255.0
ip helper-address 10.1.1.4
!
ip default-gateway 10.1.1.254
ip classless
ip route 0.0.0.0 0.0.0.0 10.1.1.254
ip http server
!
!
control-plane
!

I think that is just about everything...Any help that anyone could provide would be greatly appreciated.

vipergg (MIS)

30 Nov 11 17:34

When you set up the static on 10.1.2.X what did you use as the gateway on the nic ? Should be 10.1.2.252. You dont need the ip default gateway command on the switch if you are routing. I dont really understand what you have there with 2 switches routing the same ip space . If these 3560's are tied together only one should be doing any routing of the address space and the other 2 should be trunked off the one main router. Perhaps a drawing would help.

phillroc (IS/IT--Management)

30 Nov 11 18:00

Hi Viper, Thanks for the info

I did indeed try it with a gateway of 10.1.2.252 when setting it static to no avail. My intention with the second subnet was to just expand available IP addresses seamlessly. Everything should be able to see everything.

You'll have to forgive me as I am relatively new to managed switch configuring, I have a much stronger background in PIX/ASA's...That said, during the configuration I may have put 'ip routing' line in the others for troubleshooting steps without really knowing exactly what I was doing. Would that cause my issues, or is it more of a best practice?

Thanks again for replying, I will start by taking out the ip route on the 251/253 switches.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members!

Back To Forum

Back To Cisco: Switches