getting routing to work?

clarsonclarson Member Posts: 903 ■■■■□□□□□□
I'm looking to save a switches configuration to my tftp server. But, I'm unable to ping the pc's ip address. So, i'm trying to figure out why I'm unable to do so.
I have two switches. one is network 192.168.1.0, the other is 192.168.2.0. then subnet mask is 255.255.255.0 for both. and the host address is x.x.x.200 on both svi for the single (default) vlan that each has. I have one router that is connected via it's ethernet ports to each switch. The router reports that each network is directly connected to it.
ok each switch has the router's ethernet address set to it's default gateway (192.168.1.6 and 192.168.2.12). each switch can ping the router's ip addresses, but can't ping each other. set up a trunk between the switches. Then the two svi's can ping each other and the pc's mac address shows up in the mac address table on the trunks interface.
but still cant ping the pc from the second switch. Seems like there isn't any routing happening. the router is set up to do rip and has both networks in it's configuration.
So, what i'm I missing? any suggestions?
thanks

Comments

  • fredrikjjfredrikjj Member Posts: 879
    You shouldn't need a routing protocol in this scenario.

    My guess is that you've not a configured a default gateway somewhere, or misconfigured it. What points to this is that when you added the trunk between the switches, they were able to communicate directly over this trunk despite being on different subnets. Someone sent an ARP for the other switch's SVI and it responded over the trunk. Cisco devices seem to ARP for everything when they don't have a default gw. When the trunk is not there, the traffic needs to go via the default gateway (the router), which fails. That's my guess anyway.
  • TechGuru80TechGuru80 Member Posts: 1,539 ■■■■■■□□□□
    Part of troubleshooting is analyzing the config. Paste your running config.
  • clarsonclarson Member Posts: 903 ■■■■□□□□□□
    S1#show running-config
    Building configuration...
    Current configuration : 4181 bytes
    !
    version 15.0
    no service pad
    service timestamps debug uptime
    service timestamps log uptime
    no service password-encryption
    !
    hostname S1
    !
    boot-start-marker
    boot-end-marker
    !
    !
    username router123 privilege 15 secret 5 $1$N2bZ$Yenpv4i1YSSJmQFVKsnyt/
    no aaa new-model
    system mtu routing 1500
    vtp mode transparent
    !
    !
    no ip domain-lookup
    ip domain-name mylab.org
    !
    !
    crypto pki trustpoint TP-self-signed-174700032
    enrollment selfsigned
    subject-name cn=IOS-Self-Signed-Certificate-174700032
    revocation-check none
    rsakeypair TP-self-signed-174700032
    !
    !
    crypto pki certificate chain TP-self-signed-174700032
    certificate self-signed 01
    30820229 30820192 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
    30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
    69666963 6174652D 31373437 30303033 32301E17 0D393330 33303130 30303130
    325A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
    532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3137 34373030
    30333230 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
    B0AD91E0 3A4EFEA8 340B2CD2 06589F15 E4C7BFAA 4F9BBD25 79126A50 C5A2785B
    7B26DCD3 9C8C59AE 0646815D 3A50B41D 8DAA9FD0 9CAB4C74 0BFFC77D 71F709D6
    B1C82D66 9F8AA7C8 318911F2 618B34E9 F2D29C89 DA7D68AA B0AA57CE 63172244
    36B4C56C 92725275 3B36AB3D 5D1D86C2 2118B37F 5B928529 8D9EF6ED 0BF6E9A5
    02030100 01A35330 51300F06 03551D13 0101FF04 05300301 01FF301F 0603551D
    23041830 168014EC 4B4A1EF8 DC552F1A E83D7079 9BD8E75A 1B096430 1D060355
    1D0E0416 0414EC4B 4A1EF8DC 552F1AE8 3D70799B D8E75A1B 0964300D 06092A86
    4886F70D 01010505 00038181 008368C2 FCC1D077 46A9B916 AE1B847E 345855E2
    0E31855C 11DB09D6 E06AB90F 0550A5E1 42739CC6 B443A92D 027E1D37 2CB002F4
    7E51874E 179141F3 CED0D747 2E7238B4 97098836 AB30B402 40E764C0 8651CA4F
    01969683 6FEB2052 ECE75377 8A491D4F ED3796BD A7DA5793 4FD9C974 7BC14432
    3F375F89 D7BB3A52 DC64B3CF B0
    quit
    !
    !
    !
    !
    !
    spanning-tree mode pvst
    no spanning-tree optimize bpdu transmission
    spanning-tree extend system-id
    !
    vlan internal allocation policy ascending
    !
    ip ssh version 2
    !
    !
    !
    !
    !
    interface FastEthernet0/1
    description connection to PC
    switchport mode dynamic desirable
    !
    interface FastEthernet0/2
    description connection to R1 ethernet port 0/0
    switchport mode dynamic desirable
    !
    interface FastEthernet0/3
    switchport mode dynamic desirable
    !
    interface FastEthernet0/4
    description connection to R2 ethernet port 0/0
    switchport mode dynamic desirable
    !
    interface FastEthernet0/5
    switchport mode dynamic desirable
    !
    interface FastEthernet0/6
    description connection to R3 ethernet port 0/0
    switchport mode dynamic desirable
    !
    interface FastEthernet0/7
    switchport mode dynamic desirable
    !
    interface FastEthernet0/8
    switchport mode dynamic desirable
    !
    interface GigabitEthernet0/1
    description crossover connection to S2
    switchport mode trunk
    !
    interface Vlan1
    ip address 192.168.1.200 255.255.255.0
    no ip route-cache
    !
    ip default-gateway 192.168.1.2
    no ip http server
    ip http secure-server
    !
    banner login ^C This is S1 ^C
    banner motd ^C

    ! WARNING !
    AUTHORIZED PERSONAL ONLY
    TRESSPASSING IS VIOLATION OF LAW AND WILL
    PROSECUTED TO THE HIGHEST
    EXTENT OF THE LAW
    ! WARNING !
    ^C
    !
    line con 0
    exec-timeout 0 0
    logging synchronous
    line vty 0 4
    privilege level 15
    login local
    transport input telnet ssh
    line vty 5 15
    no login
    !
    end
    S1#
    S2#show running-config
    Building configuration...
    Current configuration : 4294 bytes
    !
    version 15.0
    no service pad
    service timestamps debug uptime
    service timestamps log uptime
    no service password-encryption
    !
    hostname S2
    !
    boot-start-marker
    boot-end-marker
    !
    !
    username router123 privilege 15 secret 5 $1$N2bZ$Yenpv4i1YSSJmQFVKsnyt/
    no aaa new-model
    system mtu routing 1500
    vtp mode transparent
    !
    !
    no ip domain-lookup
    ip domain-name mylab.org
    !
    !
    crypto pki trustpoint TP-self-signed-3272919808
    enrollment selfsigned
    subject-name cn=IOS-Self-Signed-Certificate-3272919808
    revocation-check none
    rsakeypair TP-self-signed-3272919808
    !
    !
    crypto pki certificate chain TP-self-signed-3272919808
    certificate self-signed 01
    3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
    31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
    69666963 6174652D 33323732 39313938 3038301E 170D3933 30333031 30303030
    35355A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
    4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 32373239
    31393830 3830819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
    8100CB60 BC77C7BD F41FFBEC 1652385E 979BF650 36AAA1C2 4E118080 1ED96A37
    B2511C31 60DC2415 1498BC87 54725576 7D507B3E 2A2A09EC FB007EF4 6E653A1F
    71316B43 0144B9ED 8B4FB3FA 586804EB 8AAD4438 9E629D15 710B64F9 D1AA7357
    08218FA2 6E727BFC 03A3FD1A F9876EA0 8AD01F11 4417197B 17534702 53C07E05
    E5350203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
    551D2304 18301680 14AEF643 F169F81B 0889A168 781E4C20 7F7AD23E 7B301D06
    03551D0E 04160414 AEF643F1 69F81B08 89A16878 1E4C207F 7AD23E7B 300D0609
    2A864886 F70D0101 05050003 81810035 6C7B89E5 E9FC3898 AF7ED4DD F7612716
    3C2CE05E D7937A9C 9C250D90 60F787A9 5D5B7B32 EC19D799 57A6CE0E B60AD0F2
    AC968F32 A80FF956 77270EB0 5F10A449 D5FE44C2 26378832 0A0FEFB7 96054F62
    C82BDF9B 1D4C0EFE AA8D351D 2E14C234 EBB51322 1E55F64B B32C1BB2 6D54A8BF
    90614E91 137E0428 B4594293 4A9E60
    quit
    !
    !
    !
    !
    !
    spanning-tree mode pvst
    no spanning-tree optimize bpdu transmission
    spanning-tree extend system-id
    !
    vlan internal allocation policy ascending
    !
    ip ssh version 2
    !
    !
    !
    !
    !
    interface FastEthernet0/1
    !
    interface FastEthernet0/2
    !
    interface FastEthernet0/3
    !
    interface FastEthernet0/4
    !
    interface FastEthernet0/5
    !
    interface FastEthernet0/6
    !
    interface FastEthernet0/7
    !
    interface FastEthernet0/8
    description connection to R1 0/1
    !
    interface FastEthernet0/9
    !
    interface FastEthernet0/10
    description connection to R3 0/1
    !
    interface FastEthernet0/11
    !
    interface FastEthernet0/12
    !
    interface FastEthernet0/13
    !
    interface FastEthernet0/14
    !
    interface FastEthernet0/15
    !
    interface FastEthernet0/16
    !
    interface FastEthernet0/17
    !
    interface FastEthernet0/18
    !
    interface FastEthernet0/19
    !
    interface FastEthernet0/20
    !
    interface FastEthernet0/21
    !
    interface FastEthernet0/22
    !
    interface FastEthernet0/23
    !
    interface FastEthernet0/24
    !
    interface GigabitEthernet0/1
    description connection to S1 0/1
    switchport mode trunk
    !
    interface GigabitEthernet0/2
    description connection to S1 0/2
    !
    interface Vlan1
    ip address 192.168.2.200 255.255.255.0
    no ip route-cache
    !
    no ip http server
    ip http secure-server
    !
    banner login ^C This is S2 ^C
    banner motd ^C

    ! WARNING !
    AUTHORIZED PERSONAL ONLY
    TRESSPASSING IS VIOLATION OF LAW AND WILL
    PROSECUTED TO THE HIGHEST
    EXTENT OF THE LAW
    ! WARNING !
    ^C
    !
    line con 0
    exec-timeout 0 0
    logging synchronous
    line vty 0 4
    privilege level 15
    login local
    transport input telnet ssh
    line vty 5 15
    no login
    !
    end
    S2#
    R3#
    R3#
    R3#show running-config
    Building configuration...

    Current configuration : 2693 bytes
    !
    ! Last configuration change at 00:57:42 UTC Tue Nov 25 2014 by router123
    version 15.1
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    !
    hostname R3
    !
    boot-start-marker
    boot system flash:c2800nm-adventerprisek9-mz.151-4.M8.bin
    boot-end-marker
    !
    !
    !
    no aaa new-model
    !
    !
    dot11 syslog
    ip source-route
    !
    !
    ip cef
    !
    !
    !
    no ip domain lookup
    ip domain name mylab.org
    no ipv6 cef
    !
    multilink bundle-name authenticated
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    voice-card 0
    !
    crypto pki token default removal timeout 0
    !
    !
    !
    !
    license udi pid CISCO2851 sn FTX1051A40Y
    archive
    log config
    hidekeys
    username router123 privilege 15 secret 5 $1$8hsc$YKsLAUEXC9rGsWGE/nw2v.
    !
    redundancy
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    interface GigabitEthernet0/0
    description connection to S1 port 6
    ip address 192.168.1.6 255.255.255.0
    duplex auto
    speed auto
    !
    interface GigabitEthernet0/1
    description connection to S2 port 12
    ip address 192.168.2.12 255.255.255.0
    duplex auto
    speed auto
    !
    interface Serial0/0/0
    description T1 serial connection to R1 port 0/1
    ip address 10.1.3.1 255.255.255.252
    encapsulation ppp
    service-module t1 clock source internal
    !
    interface Serial0/1/0
    description T1 serial connection to R2 port 0/0
    ip address 10.1.2.2 255.255.255.252
    encapsulation ppp
    !
    router rip
    version 2
    network 10.0.0.0
    network 192.168.1.0
    network 192.168.2.0
    no auto-summary
    !
    ip forward-protocol nd
    no ip http server
    no ip http secure-server
    !
    !
    !
    !
    !
    !
    !
    !
    !
    control-plane
    !
    !
    !
    !
    mgcp profile default
    !
    !
    !
    !
    !
    banner login ^C
    This is the R3 Router
    ^C
    banner motd ^C

    ! WARNING !
    AUTHORIZED PERSONAL ONLY
    TRESSPASSING IS VIOLATION OF LAW AND WILL
    PROSECUTED TO THE HIGHEST
    EXTENT OF THE LAW
    ! WARNING !
    ^C
    !
    line con 0
    exec-timeout 0 0
    logging synchronous
    line aux 0
    line vty 0 4
    privilege level 15
    login local
    transport input telnet ssh
    !
    scheduler allocate 20000 1000
    end
    R3#
  • clarsonclarson Member Posts: 903 ■■■■□□□□□□
    hate to post a big long message like that, but there are the configs.
    the switches don't have any default gateway set. But, didn't work after I set them either.
    Thanks for all the help
  • fredrikjjfredrikjj Member Posts: 879
    I only see one default gateway configured and it's not the correct IP address.
  • clarsonclarson Member Posts: 903 ■■■■□□□□□□
    Yes, you are right about the one default gateway. Restarted the equipment, so i'd be back to the startup configs. Not so much incorrect, as inappropriate for this setup. That is to another router in my lab that isn't turned on for this setup.
    Removed the default gateway, so it is now not there.
    S1#show ip default
    192.168.1.2
    S1#config t
    Enter configuration commands, one per line. End with CNTL/Z.
    S1(config)#no ip default
    S1(config)#no ip default-gateway
    S1(config)#end
    S1#
    00:07:24: %SYS-5-CONFIG_I: Configured from console by console
    S1#show ip default
    0.0.0.0
  • gorebrushgorebrush Member Posts: 2,743 ■■■■■■■□□□
    Does the PC allow you to ping it? I.e. firewall?

    Also.. BOTH switches need a default gateway if they are not participating in routing. All well and good getting traffic from S1->R->S2 but S2 needs a default gateway so it knows how to send the packets back to S1.

    The routers two ethernet interfaces should be one each in each network, but you knew that.
  • clarsonclarson Member Posts: 903 ■■■■□□□□□□
    Yes, I would have thought both switches would need a default gateway set. But, for whatever reason with defaults set last night it wasn't working.
    And, after being shut down over night and restarted with no defaults set. things are now working. go figure.
    S2#ping 192.168.1.200
    Type escape sequence to abort.
    Sending 5, 100-byte ICMP Echos to 192.168.1.200, timeout is 2 seconds:
    !!!!!
    Success rate is 100 percent (5/5), round-trip min/avg/max = 1/5/9 ms
    S2#ping 192.168.1.10
    Type escape sequence to abort.
    Sending 5, 100-byte ICMP Echos to 192.168.1.10, timeout is 2 seconds:
    !!!!!
    Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/9 ms
  • fredrikjjfredrikjj Member Posts: 879
    clarson wrote: »
    [...]
    no defaults set. things are now working. go figure.
    [...]

    Working due to proxy ARP running on the router's two interfaces. It "works", but not really. You could read up on that feature and try to figure out why you should use default gateways instead.
  • clarsonclarson Member Posts: 903 ■■■■□□□□□□
    ok take that back. it is only working with a second router (r2) is running. r2 has an ethernet connection to each switch also and a serial connection to r3. with r2 &r3 running it works. with just r3 running it doesn't. 192.168.2.10 is on r2

    S2#traceroute 192.168.1.200
    Type escape sequence to abort.
    Tracing the route to 192.168.1.200
    VRF info: (vrf in name/id, vrf out name/id)
    1 192.168.2.10 0 msec 9 msec 0 msec
    2 192.168.1.200 0 msec * 0 msec
    S2#traceroute 192.168.1.200
    01:04:19: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to down
    01:04:20: %LINK-3-UPDOWN: Interface FastEthernet0/7, changed state to down
    S2#traceroute 192.168.1.200
    Type escape sequence to abort.
    Tracing the route to 192.168.1.200
    VRF info: (vrf in name/id, vrf out name/id)
    1 * * *
    2 * * *
    3 * * *
    4 * *
    S2#
    01:05:26: %LINK-3-UPDOWN: Interface FastEthernet0/7, changed state to up
    01:05:27: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to up
    S2#traceroute 192.168.1.200
    Type escape sequence to abort.
    Tracing the route to 192.168.1.200
    VRF info: (vrf in name/id, vrf out name/id)
    1
    01:06:52: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to down *
    01:06:54: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to up * *
    2 * * *
    3 * * *
    4 * *
    192.168.1.200 0 msec
    S2#traceroute 192.168.1.200
    Type escape sequence to abort.
    Tracing the route to 192.168.1.200
    VRF info: (vrf in name/id, vrf out name/id)
    1 *
    192.168.2.10 0 msec 0 msec
    2 192.168.1.200 9 msec * 0 msec
    S2#
  • gorebrushgorebrush Member Posts: 2,743 ■■■■■■■□□□
    I'm not sure what you mean by that comment...?
  • clarsonclarson Member Posts: 903 ■■■■□□□□□□
    Well the comment was about those 3 post that seem the same. They had been blocked as possible spam. But, the moderator approved them. and now i do look like a spammer.
    anyway here is the running config of the router that seems to be working (r2).
    R2#show running
    Building configuration...

    Current configuration : 2620 bytes
    !
    version 15.1
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    !
    hostname R2
    !
    boot-start-marker
    boot system flash:c2800nm-adventerprisek9-mz.151-4.M8.bin
    boot-end-marker
    !
    !
    !
    no aaa new-model
    !
    !
    dot11 syslog
    ip source-route
    !
    !
    ip cef
    !
    !
    !
    no ip domain lookup
    ip domain name mylab.org
    no ipv6 cef
    !
    multilink bundle-name authenticated
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    voice-card 0
    !
    crypto pki token default removal timeout 0
    !
    !
    !
    !
    license udi pid CISCO2851 sn FHK1202F4FX
    archive
    log config
    hidekeys
    username router123 privilege 15 secret 5 $1$8hsc$YKsLAUEXC9rGsWGE/nw2v.
    !
    redundancy
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    interface GigabitEthernet0/0
    description connection to S1 port 4
    ip address 192.168.1.4 255.255.255.0
    duplex auto
    speed auto
    !
    interface GigabitEthernet0/1
    description connection to S2 port 10
    ip address 192.168.2.10 255.255.255.0
    duplex auto
    speed auto
    !
    interface Serial0/0/0
    description T1 serial connection to R3 port 0/1
    ip address 10.1.2.1 255.255.255.252
    encapsulation ppp
    service-module t1 clock source internal
    !
    interface Serial0/1/0
    description T1 serial connection to R1 port 0/0
    ip address 10.1.1.2 255.255.255.252
    encapsulation ppp
    !
    router rip
    version 2
    network 10.0.0.0
    network 192.168.1.0
    network 192.168.2.0
    no auto-summary
    !
    ip forward-protocol nd
    no ip http server
    no ip http secure-server
    !
    !
    !
    !
    !
    !
    !
    !
    !
    control-plane
    !
    !
    !
    !
    mgcp profile default
    !
    !
    !
    !
    !
    banner login ^C
    This is the R2 Router
    ^C
    banner motd ^C

    ! WARNING !
    AUTHORIZED PERSONAL ONLY
    TRESSPASSING IS VIOLATION OF LAW AND WILL
    PROSECUTED TO THE HIGHEST
    EXTENT OF THE LAW
    ! WARNING !
    ^C
    !
    line con 0
    exec-timeout 0 0
    logging synchronous
    line aux 0
    line vty 0 4
    privilege level 15
    login local
    transport input telnet ssh
    !
    scheduler allocate 20000 1000
    end
    R2#
  • clarsonclarson Member Posts: 903 ■■■■□□□□□□
    oh my now i have two of those messages too. Just having one of those days.
    Anyway, I don't see any real difference between r3 and r2's configurations. I'll have to take a close look at cables again.

    (hey you can delete messages on here. So, I deleted a few of the extra ones to keep from boring you)
  • clarsonclarson Member Posts: 903 ■■■■□□□□□□
    Well. I removed the trunks so the switches can't communicate that way. Added a pc to each switch to have something to ping to and from.
    pc's can ping each other and both switches. switches can ping both pc's But, switches can't ping each other. Added a default gateway to the switches that is the same as for the pc's.
    Any thoughts on why they cant ping each other?
  • clarsonclarson Member Posts: 903 ■■■■□□□□□□
    ok. I got it working. it seems you can set the default gateway and even save it. But, it doesn't actually get set until the ios is reloaded. So, the fix was to set the default gateway, save the configureation, and reload the ios. And then it all works.
Sign In or Register to comment.