Inter-VLAN Routing

SysAdmin4066SysAdmin4066 Member Posts: 443
I'm having some problems with configuration for a router on a stick in my lab. At first I tried the BCMSN IVR lab setup of 2 switches connected by EtherChannel and 2 routers, one serving as ROAS, the other serving as an ISP router. This didnt work out well, as I wasnt able to ping anything, not the gateways, nothing. So I decided to simplify the config a little and went with one router, one switch. 1 2950, 1 3640, and two hosts connected to the 2950. My problem is, I can ping each hosts gateway, but no farther. In other words, I cant ping the other gateway from the switch. Setup is as follows;


2 VLANs, 10 is configured for port 11 and 20 is configured for port 12. The hosts are connected to these two ports, both ports are set as static access ports, no portfast (could be important to someone??). Router is attached at port 1 of the switch. 2 subinterfaces are configured, .10 and .20. .10's address corresponds to the vlan 10's subnet and .20's address for vlan 20. I've tripled checked the configs, no numbers were fat fingered, no issues with typos. The subinterfaces were given the command "encapsulation dot1q 10" and "encapsulation dot1q 20" respectively.

I cant for the life of me figure out what i'm dong wrong. I'm familiar with IVR, i've done it before in the real world, but on newer equipment. Is there some sort of gotcha in the works here? The router interface is an ethernet interface by the way (10Mps). Does that affect IVR?
In Progress: CCIE R&S Written Scheduled July 17th (Tentative)

Next Up: CCIE R&S Lab

Comments

  • mikej412mikej412 Member Posts: 10,086 ■■■■■■■■■■
    The first thing I notice is that for the size of your post, there are more lines in you signature than there are in the actual post content.

    Looking at a couple threads that you have posted in, the majority lines of text in those threads is your signature. Having to page down 10-15 times in a thread for only 3 pages of real content is ridiculous.
    My problem is, I can ping each hosts gateway, but no farther.
    You can ping each hosts gateway from what? The host? Both hosts? The router? The switch?

    If the hosts can ping their own gateway, but not each other then it's usually the firewalls on the PCs.

    Can the router ping the hosts?
    In other words, I cant ping the other gateway from the switch. Setup is as follows;
    Other gateway? You haven't mentioned how you configured your administrative interface on the switch -- so I'm not sure which one is the "other gateway."
    Setup is as follows;
    Is VLAN 10 or VLAN 20 on the switch being used as the switch administrative interface? What did you configure as the default gateway on the switch?
    :mike: Cisco Certifications -- Collect the Entire Set!
  • tech-airmantech-airman Member Posts: 953
    SysAdmin4066,
    I'm having some problems with configuration for a router on a stick in my lab. At first I tried the BCMSN IVR lab setup of 2 switches connected by EtherChannel and 2 routers, one serving as ROAS, the other serving as an ISP router. This didnt work out well, as I wasnt able to ping anything, not the gateways, nothing. So I decided to simplify the config a little and went with one router, one switch. 1 2950, 1 3640, and two hosts connected to the 2950. My problem is, I can ping each hosts gateway, but no farther. In other words, I cant ping the other gateway from the switch. Setup is as follows;


    2 VLANs, 10 is configured for port 11 and 20 is configured for port 12. The hosts are connected to these two ports, both ports are set as static access ports, no portfast (could be important to someone??). Router is attached at port 1 of the switch. 2 subinterfaces are configured, .10 and .20. .10's address corresponds to the vlan 10's subnet and .20's address for vlan 20. I've tripled checked the configs, no numbers were fat fingered, no issues with typos. The subinterfaces were given the command "encapsulation dot1q 10" and "encapsulation dot1q 20" respectively.

    What is the switchport mode for switch port 1?
    I cant for the life of me figure out what i'm dong wrong. I'm familiar with IVR, i've done it before in the real world, but on newer equipment. Is there some sort of gotcha in the works here? The router interface is an ethernet interface by the way (10Mps). Does that affect IVR?
  • SysAdmin4066SysAdmin4066 Member Posts: 443
    Switchport mode for switchport one is trunk. Could the fact that the Routers port is ethernet be the problem? I've read somewhere that the router port must be fastethernet ports. Is that a killer for the routing portion?

    No management info has been set up on the switch, didnt think it was necessary to route between two vlans. I did set up management in the first pass, but I decided it was uneccessary. So in the simpler pass, I left it out. Could that be the problem?

    Basically the router is setup with 2 subinterfaces, both with the commands encapsulation dot1q 10 and encapsulation dot1q 20 for each subinterface (the subs are named .10 and .20). The ports between the hosts and the switch are assigned to those vlans and are static access ports. The port between the switch and the router on both ends are static trunk ports. No IP address on the physical port of the router, only on the subs. The router is a 3640 and the switch is a 2950. The router has only a single ethernet port (10MB), but I manually configured the ports connecting it to the switch as full duplex. The same was done on the switch.

    Thanks for the article, i'll check that one out but i'm very familiar with the process of intervlan routing. I think its most likely an equipment issue. This equipment is all new to me, i've not seen a 10mb link in quite some time :)
    In Progress: CCIE R&S Written Scheduled July 17th (Tentative)

    Next Up: CCIE R&S Lab
  • Ryan82Ryan82 Member Posts: 428
    Yes, must be 100 mbps or higher for ROAS
  • SysAdmin4066SysAdmin4066 Member Posts: 443
    No way around that? Why is that anyway? I've read it was because of the duplex of ethernet. But I set the duplex to full. Is Eth not able to truly operate in full duplex?
    In Progress: CCIE R&S Written Scheduled July 17th (Tentative)

    Next Up: CCIE R&S Lab
  • tech-airmantech-airman Member Posts: 953
    SysAdmin4066,
    Switchport mode for switchport one is trunk. Could the fact that the Routers port is ethernet be the problem? I've read somewhere that the router port must be fastethernet ports. Is that a killer for the routing portion?

    Have you configured that trunk switch port to allow VLAN 10 and VLAN 20?
    No management info has been set up on the switch, didnt think it was necessary to route between two vlans. I did set up management in the first pass, but I decided it was uneccessary. So in the simpler pass, I left it out. Could that be the problem?

    Basically the router is setup with 2 subinterfaces, both with the commands encapsulation dot1q 10 and encapsulation dot1q 20 for each subinterface (the subs are named .10 and .20). The ports between the hosts and the switch are assigned to those vlans and are static access ports. The port between the switch and the router on both ends are static trunk ports. No IP address on the physical port of the router, only on the subs. The router is a 3640 and the switch is a 2950. The router has only a single ethernet port (10MB), but I manually configured the ports connecting it to the switch as full duplex. The same was done on the switch.

    Thanks for the article, i'll check that one out but i'm very familiar with the process of intervlan routing. I think its most likely an equipment issue. This equipment is all new to me, i've not seen a 10mb link in quite some time :)
  • SysAdmin4066SysAdmin4066 Member Posts: 443
    It should allow all vlans by default. I didnt exclude them. I have just recieved my 2620XM one of few I am waiting on so I will try it out with its FE port tomorrow morning. I'm pretty sure now at this point that that's the problem. What modules either WIC or NM should I get for FE ports for the other routers I have. I have a few 2610s, all with Ethernet ports.
    In Progress: CCIE R&S Written Scheduled July 17th (Tentative)

    Next Up: CCIE R&S Lab
  • tech-airmantech-airman Member Posts: 953
    It should allow all vlans by default. I didnt exclude them. I have just recieved my 2620XM one of few I am waiting on so I will try it out with its FE port tomorrow morning. I'm pretty sure now at this point that that's the problem. What modules either WIC or NM should I get for FE ports for the other routers I have. I have a few 2610s, all with Ethernet ports.

    SysAdmin4066,

    Did you configure switch port 1 to run at 10 Mbps speed?
  • bighornsheepbighornsheep Member Posts: 1,506
    Ryan82 wrote: »
    Yes, must be 100 mbps or higher for ROAS

    No, not necessarily.
    No way around that? Why is that anyway? I've read it was because of the duplex of ethernet. But I set the duplex to full. Is Eth not able to truly operate in full duplex?

    Yes, if you are running the correct version of IOS on the 261x with 10BaseT ports, you can do dot1q trunking.

    802.1Q Encapsulation Support on Cisco 2600/3600 Series Routers [Cisco 2600 Series Multiservice Platforms] - Cisco Systems
    Jack of all trades, master of none
  • SysAdmin4066SysAdmin4066 Member Posts: 443
    Well I was able to get it to work with a 2620XM with FE port. It worked fine, brilliantly. I did set the speed to 10 on the switch port for the original attempts. I am going to keep messing with it, but i've seen other places that you cant do the inter-vlan routing on a eth port. 802.1Q trunking is not necessarily router on a stick configuration. You may be able to pass trunking information across a port, but it wouldnt route the information. I could have done something wrong but man, I beat that thing up and just couldnt get it to work. Chris Bryant says it has to be 100 MB FE. Who am I to argue with him lol. Seriously though, I was not aware of this caveat because in the real world, I havent worked with 10 mb links in a long time. Has anyone done inter-vlan routing with a 2610, the native built in eth port and a 2950 switch? If it has been done by someone else, it can be done again right?

    Read the article you posted. It did allow the encapsulation, but when it came to routing the connection it wouldnt. I'm gonna mess with it some more tonight. Fun stuff!
    In Progress: CCIE R&S Written Scheduled July 17th (Tentative)

    Next Up: CCIE R&S Lab
  • kryollakryolla Member Posts: 785
    it has to be full duplex in order for it to work and there is some 10m full duplex ports out there. Also just because you can manually set it to full duplex doesnt mean it is operating in full duplex
    Studying for CCIE and drinking Home Brew
  • SysAdmin4066SysAdmin4066 Member Posts: 443
    kryolla wrote: »
    it has to be full duplex in order for it to work and there is some 10m full duplex ports out there. Also just because you can manually set it to full duplex doesnt mean it is operating in full duplex

    Thanks, that's more so what I was asking. It seems that even though you can set it to be full dup, it isnt actually full. Weird.
    In Progress: CCIE R&S Written Scheduled July 17th (Tentative)

    Next Up: CCIE R&S Lab
  • tech-airmantech-airman Member Posts: 953
    Well I was able to get it to work with a 2620XM with FE port. It worked fine, brilliantly. I did set the speed to 10 on the switch port for the original attempts. I am going to keep messing with it, but i've seen other places that you cant do the inter-vlan routing on a eth port. 802.1Q trunking is not necessarily router on a stick configuration. You may be able to pass trunking information across a port, but it wouldnt route the information. I could have done something wrong but man, I beat that thing up and just couldnt get it to work. Chris Bryant says it has to be 100 MB FE. Who am I to argue with him lol. Seriously though, I was not aware of this caveat because in the real world, I havent worked with 10 mb links in a long time. Has anyone done inter-vlan routing with a 2610, the native built in eth port and a 2950 switch? If it has been done by someone else, it can be done again right?

    Read the article you posted. It did allow the encapsulation, but when it came to routing the connection it wouldnt. I'm gonna mess with it some more tonight. Fun stuff!

    SysAdmin4066,

    Did you configure a routing protocol on the router?
  • kryollakryolla Member Posts: 785
    SysAdmin4066,

    Did you configure a routing protocol on the router?

    Dude you need to re-take your CCNA, the questions you ask is fundamental. All routes the router has is directly connected for ROAS, his issue is 10m is half duplex and you need full duplex for ROAS
    Studying for CCIE and drinking Home Brew
  • 72u7h72u7h Member Posts: 2 ■□□□□□□□□□
    Lesson to the wise, always start at layer 1 :) Long ago I had issues with this and I can see the frustration. We want to handle the more advanced stuff, but in reality it's the simple stuff that trips me up. I was once working with BGP route reflectors, and was like why doesn't it work - only to find out I had an interface shut down somewhere.

    In all things practical ROAS is definitely not what I want to use. For doing IVR Have you considered getting a 3550? They run about 200 on ebay (bought one 3 weeks ago for 199 shipped free) and you can have one less thing to worry about......of course the 3550 doesn't have all the advance QOS features like the 3560.....but I am digressing now.

    Oh and hey all, I have been lurking around for a while so my first post :)
Sign In or Register to comment.