Inter vlan routing help - one vlan not routing

[amike]

I have 5 vlans 10, 102,103, 104, 255. Am able to ping/connect between all vlans except from 10 to 255. From 10 vlan I am unable to ping to any devices on 255 but can hit the 255 gateway. From the 3750 configured with the SVIs, I can ping the 255 gateway and all 255 devices. From any other switch,on vlan 10, I can only hit the 255 gateway svi Devices on the 255 vlan on all switches can communicate to each other and the other vlans. Am scratching my head on this one. Any help would be appreciated. Attached config of 3750 SVI and one of the other 3750s not configured with svi. Did not include all port stuff. Trace route from switch to 255 goes to svi but no further.

The 192.168.255.240 is my connection to the enterprise network. Some 255 devices need to communicate outside, and this portion appears to be working properly.

Thanks in advance.


3750 - SVIs

switch 1 provision ws-c3750g-48ts
switch 2 provision ws-c3750-24fs
system mtu routing 1500
vtp mode transparent
ip subnet-zero
ip routing
no ip domain-lookup
spanning-tree mode rapid-pvst
spanning-tree portfast bpduguard default
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 10

!
vlan 102
!
vlan 103

!
vlan 104

!
vlan 255
!

interface Vlan1
no ip address
!
interface Vlan10
ip address 10.1.10.1 255.255.255.0
!
interface Vlan102
ip address 192.168.102.1 255.255.255.0
!
interface Vlan103
ip address 192.168.103.1 255.255.255.0
!
interface Vlan104
ip address 192.168.104.1 255.255.255.0
!
interface Vlan255
ip address 192.168.255.1 255.255.255.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.255.240
ip http server


3750 and 2960s with no svi

switch 1 provision ws-c3750g-48ts
switch 2 provision ws-c3750-24fs
switch 3 provision ws-c3750-24fs
system mtu routing 1500
vtp mode transparent
ip subnet-zero
no ip domain-lookup
spanning-tree mode rapid-pvst
spanning-tree portfast bpduguard default
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 10
!
vlan 102
!
vlan 103
!
vlan 104
!
vlan 255

interface Vlan1
no ip address
!
interface Vlan10
ip address 10.1.10.15 255.0.0.0
!
ip default-gateway 10.1.10.1
ip classless
ip http server

 

[vipergg]

I noticed on your other switches for your management the mask does not match what you have on the routing 3750 , don't know if that makes any difference unless you are sourcing your pings from the switches themselves and not a device off the switch.

 

[vipergg]

I would check all your switches and make sure you have created all your layer 2 vlans and have allowed all the neccesary vlans across the trunks between your switches. Verify all vlans on all switches are created with the "show vlan" command .

 

[amike]

I wasn't sure if the subnet would be a problem, so I corrected that problem. Didn't have any affect. The strange thing is on the 10.1.10.1 switch (with the svi's) you can ping any .255 devices. Telnetting into any other switch you can't. But you can hit the 255.1 svi on 10.1.10.1. I am not sure if the default forwarding route on the 10.1 switch is messing things up. Only some 255 devices need to route out to 255.240, was going to add a static route to those servers, but the forwarding ip is working. All switches have the l2 vlans. Will check this more today.

Thanks

 

[xyCruiseryx]

Hi,

it sounds like a ProxyArp effect in Vlan 255. Do you have other Routers in this VLan? y have, check the ProxyArp and ICMPRedirect settings on it (best is disable of this. Maybe you should sniff the traffic wo see the behavior and waht happends with the ACK-Pakets from v255.


Hope it helps.