VLAN help please

I've been experimenting with packet tracer and vlans and so far i think i'm in a bit of a muddle.

I setup a switch which has two virtual interfaces called:
VLAN1 192.168.0.5/24
VLAN2 172.16.0.1/16

I then attached 3 computers:
PC-A on 172.16.0.2
PC-B on 172.16.0.3
PC-C on 192.168.0.3

PC-A and PC-B are in VLAN2 default according to the show vlan br command and PC-C is in VLAN1.

I hope so far this sounds OK?

When I go into the command prompt of each computer I discovered that I can only ping a computer which is on the same network. Is this right so far? i also found that I can only ping the virtual vlan interface from the PC that it is attached to. for example PC-A can only ping 172.16.0.1(vlan2) and 172.16.0.3 (pc-b) from command prompt. Does anyone know why this is? i figured its cos they are on different VLANs?

I also discovered when I telnet from PC-A OR B to 172.16.0.1 (switch vlan1) i can ping any address including ones in vlan2.How the hell can that happen? i thought a router is needed for that

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

ehnde

If you want layer 3 routing outside of your vlan, you need to go through a router.

ccnaomkar

right

so host in one vlan cannot ping host in other vlan

u will require router for it or layer 3 switch

MrXpert

Sorry i added another part, what I said in the last para is that i can ping any host in any vlan from another vlan after i telnet to the switch. how is that possible? as i dont have a router

ehnde

MrXpert wrote: »

Sorry i added another part, what I said in the last para is that i can ping any host in any vlan from another vlan after i telnet to the switch. how is that possible? as i dont have a router

It's possible because the switch is connected to both vlans. If you had two network cards in one pc, and each NIC in the pc was connected to each vlan on your switch, you would be able to ping both vlans. Same concept

MrXpert

aha thanks verymuch!

so basically the switch has more flexiblity if I telnet to it or use console port so i'm likely to be able to ping both networks as it has two interfaces.

if i use the command prompt and just do a ping command from one pc to another then this is closer to how real communication is between them.As if one is on a different vlan and theres no routing then i wont be able to ping it.

i think I understand it now.

Dustin.cisco

Yup, Ping is a Layer 3 protocol so you need something that can route like a Router for pinging VLANS. This also called a Hub and Spoke where you have a Switch (with VLANS) connected to a Router. When you ping a VLAN, the ping actually goes through the switch and to the router to ask where the vlan is and the double's back hrough the switch.

The easiest way to do VLANS (although costly) is to use a Layer 3 Switch so all the routing for VLANS just takes place in one device

....I actually just bought one myself..cant wait for it to arrive =D