Switching/Routing/Subinterfaces

j3rm1981

Hi all,

First visit to the forums and very green in the world of switching and routing, so be gentle!

I've got two switches, both 3750 series. I've got a router, an 1841.

I've got two laptops on separate VLANs (20 & 30), switch 2 & the router all connected to switch 1.

I can ping between the laptops (10.10.20.11/10.10.30.11), which tells me I've got routing working at least in some capacity.

I can both the switches (10.10.10.10, 10.10.20.10, 10.10.30.10, 10.10.10.20, 10.10.20.20, 10.10.30.20).

I can ping any of the subinterfaces (10.10.10.1, 10.10.20.1, 10.10.30.1) of the router.

I cannot ping the router itself (10.10.10.253) which I've used as my default gateway for all other routing. This confuses me as the router actually appears to be doing its job and I can seemingly communicate THROUGH just not TO it.

Can anyone please help?

Here's my configs so far:

Switch 1 (3750 Series - 24 port copper, 4 port fibre)

---

Current configuration : 3424 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname 3750-1.test
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
switch 1 provision ws-c3750g-24ts
system mtu routing 1500
authentication mac-move permit
ip subnet-zero
ip routing
!
!
!
password encryption aes
lacp system-priority 65535
!
!
!
spanning-tree mode pvst
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
!
vlan internal allocation policy ascending
vlan dot1q tag native
!
!
!
interface Port-channel1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10,20,30
switchport mode trunk
!
interface GigabitEthernet1/0/1
switchport access vlan 30
!
interface GigabitEthernet1/0/2
switchport access vlan 20
!
interface GigabitEthernet1/0/3
switchport access vlan 10
!
interface GigabitEthernet1/0/24
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10,20,30
switchport mode trunk
!
interface GigabitEthernet1/0/25
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10,20,30
switchport mode trunk
channel-group 1 mode active
!
interface GigabitEthernet1/0/26
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10,20,30
switchport mode trunk
channel-group 1 mode active
!
interface GigabitEthernet1/0/27
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10,20,30
switchport mode trunk
channel-group 1 mode active
!
interface GigabitEthernet1/0/28
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10,20,30
switchport mode trunk
channel-group 1 mode active
!
interface Vlan1
no ip address
shutdown
!
interface Vlan10
description MGMT
ip address 10.10.10.10 255.255.255.0
!
interface Vlan20
description RF Network
ip address 10.10.20.10 255.255.255.0
!
interface Vlan30
description JB Network
ip address 10.10.30.10 255.255.255.0
!
router rip
network 10.0.0.0
!
ip default-gateway 10.10.10.253
ip classless
ip route 10.10.10.0 255.255.255.0 10.10.10.253
ip route 10.10.20.0 255.255.255.0 10.10.10.253
ip route 10.10.30.0 255.255.255.0 10.10.10.253
ip route 10.10.30.0 255.255.255.0 10.10.30.1
ip http server
!
ip sla enable reaction-alerts
!
monitor session 1 source interface Gi1/0/3
monitor session 1 destination interface Gi1/0/13
end

Switch 2 (3750 Series - 12 port fibre)

---

Current configuration : 4668 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname 3750-2.test
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
switch 1 provision ws-c3750g-12s
system mtu routing 1998
ip subnet-zero
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
!
interface Port-channel1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10,20,30
switchport mode trunk
!
interface GigabitEthernet1/0/1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10,20,30
switchport mode trunk
channel-group 1 mode active
!
interface GigabitEthernet1/0/2
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10,20,30
switchport mode trunk
channel-group 1 mode active
!
interface GigabitEthernet1/0/3
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10,20,30
switchport mode trunk
channel-group 1 mode active
!
interface GigabitEthernet1/0/4
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10,20,30
switchport mode trunk
channel-group 1 mode active
!
interface GigabitEthernet1/0/5
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10,20,30
switchport mode trunk
channel-group 1 mode active
!
interface GigabitEthernet1/0/6
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10,20,30
switchport mode trunk
channel-group 1 mode active
!
interface GigabitEthernet1/0/7
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10,20,30
switchport mode trunk
channel-group 1 mode active
!
interface GigabitEthernet1/0/8
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10,20,30
switchport mode trunk
channel-group 1 mode active
!
interface GigabitEthernet1/0/9
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10,20,30
switchport mode trunk
channel-group 1 mode active
!
interface GigabitEthernet1/0/10
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10,20,30
switchport mode trunk
channel-group 1 mode active
!
interface GigabitEthernet1/0/11
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10,20,30
switchport mode trunk
channel-group 1 mode active
!
interface GigabitEthernet1/0/12
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10,20,30
switchport mode trunk
channel-group 1 mode active
!
interface Vlan1
no ip address
shutdown
!
interface Vlan10
ip address 10.10.10.20 255.255.255.0
!
interface Vlan20
ip address 10.10.20.20 255.255.255.0
!
interface Vlan30
ip address 10.10.30.20 255.255.255.0
!
ip default-gateway 10.10.10.253
ip classless
ip http server
ip http secure-server
!
!
!
control-plane
!
end


Router (1841)

---

Current configuration : 2845 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname cisco1841.test
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
no ip routing
no ip cef
!
!
!
!
ip domain name rtp.configtest.com
!
bridge irb
!
!
!
interface FastEthernet0/0
description Cisco 3750 Switch gig 1/0/24
no ip address
no ip route-cache
duplex auto
speed auto
!
interface FastEthernet0/0.10
encapsulation dot1Q 10
ip address 10.10.10.1 255.255.255.0
no ip route-cache
no snmp trap link-status
!
interface FastEthernet0/0.20
encapsulation dot1Q 20
ip address 10.10.20.1 255.255.255.0
no ip route-cache
no snmp trap link-status
!
interface FastEthernet0/0.30
encapsulation dot1Q 30
ip address 10.10.30.1 255.255.255.0
no ip route-cache
no snmp trap link-status
!
interface FastEthernet0/1
no ip address
no ip route-cache
shutdown
duplex auto
speed auto
!
interface ATM0/0/0
no ip address
no ip route-cache
shutdown
no atm ilmi-keepalive
dsl operating-mode auto
!
ip default-gateway 10.10.10.253
ip classless
!
ip http server
ip http access-class 23
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
control-plane
!
banner motd
!
transport input none
!
end

joe48184

I may be mistaken, but I dont see 10.10.10.253 assigned to any of your routers sub-interfaces. With the ROS setup you have, the sub inerface ip's will be the default gateway ip's you'll use for the various Vlans.

interface FastEthernet0/0.10
encapsulation dot1Q 10
ip address 10.10.10.1 255.255.255.0
no ip route-cache
no snmp trap link-status
!
interface FastEthernet0/0.20
encapsulation dot1Q 20
ip address 10.10.20.1 255.255.255.0
no ip route-cache
no snmp trap link-status
!
interface FastEthernet0/0.30
encapsulation dot1Q 30
ip address 10.10.30.1 255.255.255.0
no ip route-cache
no snmp trap link-status

j3rm1981

joe48184 wrote: »

I may be mistaken, but I dont see 10.10.10.253 assigned to any of your routers sub-interfaces. With the ROS setup you have, the sub inerface ip's will be the default gateway ip's you'll use for the various Vlans.

Ahhh. Okay. Thanks very much!

As I said, I'm still very green in all this routing and switching business but trying to learn all I can as quickly as I can.

So that makes sense I guess that the sub-interfaces' IPs will act as the default gateways for the various networks. I have my laptop on 10.10.30.11/24 with a default gateway of 10.10.30.1 and can now ping 10.10.30.1 as well as x.x.20.1 and x.x.10.1. However, I can no longer ping another laptop I have currently sitting on 10.10.20.11/24 with a default gateway of 10.10.20.1.

This makes sense to me...they're effectively using two different networks and two different default gateways. Is there away for me to allow communication between the two laptops whilst keeping them on their networks properly (i.e., not changing the default gateways)?

joe48184

j3rm1981 wrote: »

Ahhh. Okay. Thanks very much!

As I said, I'm still very green in all this routing and switching business but trying to learn all I can as quickly as I can.

So that makes sense I guess that the sub-interfaces' IPs will act as the default gateways for the various networks. I have my laptop on 10.10.30.11/24 with a default gateway of 10.10.30.1 and can now ping 10.10.30.1 as well as x.x.20.1 and x.x.10.1. However, I can no longer ping another laptop I have currently sitting on 10.10.20.11/24 with a default gateway of 10.10.20.1.

This makes sense to me...they're effectively using two different networks and two different default gateways. Is there away for me to allow communication between the two laptops whilst keeping them on their networks properly (i.e., not changing the default gateways)?

Is the laptop with the 10.10.20.11/24 ip sitting on a port thats in the 20 vlan and is that port an access port, also.. is the interface open?

j3rm1981

joe48184 wrote: »

Is the laptop with the 10.10.20.11/24 ip sitting on a port thats in the 20 vlan and is that port an access port, also.. is the interface open?

Yes and yes. The 20 laptop is in port 2 of switch 1, which is currently switchport access vlan 20.

joe48184

j3rm1981 wrote: »

Yes and yes. The 20 laptop is in port 2 of switch 1, which is currently switchport access vlan 20.

and the laptops gateway ip is 10.10.20.1 ?

j3rm1981

joe48184 wrote: »

and the laptops gateway ip is 10.10.20.1 ?

Yes.

I've had Switch 1 on a default gateway of 10.10.10.253 (back when I thought I needed this on the router). But do I need a 'blanket default gateway' (for lack of a better term springing to mind) for the router so that the switch knows it needs to send traffic to the router for switching to other networks?

I.E., send all network 20 traffic to 192.168.1.1 (for example) which will be the router, and from there the router can separate it out into the different networks via the other default gateways (10.10.x.1)?

chX

Forgive me if I'm wrong, I'm extremely tired.

The 3750 switches are Layer 3 switches (you have static routes implemented on the switches) and you're also doing a router on a stick setup with them?

I'd probably start trying to simplify the setup, or realise I'm completely wrong and fall asleep.

j3rm1981

chX wrote: »

Forgive me if I'm wrong, I'm extremely tired.

The 3750 switches are Layer 3 switches (you have static routes implemented on the switches) and you're also doing a router on a stick setup with them?

I'd probably start trying to simplify the setup, or realise I'm completely wrong and fall asleep.

Ha!

Cheers for the help, but it looks like my colleague has sorted it. It appears we hadn't enabled RIP!

joe48184

j3rm1981 wrote: »

Ha!

Cheers for the help, but it looks like my colleague has sorted it. It appears we hadn't enabled RIP!

I guess its has something to do with the line in the config that says "no ip routing"

j3rm1981

joe48184 wrote: »

I guess its has something to do with the line in the config that says "no ip routing"

Live and learn!