Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations bkrike on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Inter-Vlan Routing Question

Status
Not open for further replies.
phillroc

phillroc

IS-IT--Management
Nov 30, 2011
2
US
Hi,

I am relatively new to managed switch configuration so please bear with me here as I try to explain my issue.

I have three Cisco 3560 switches with 3 VLAN's. The main networked vlan is 10.1.1.0, I have a VoIP vlan at 10.1.20.0 and a newly added VLAN at 10.1.2.0

I have a Cisco ASA 5510 as my perimeter firewall at 10.1.1.254, but use one of the switches as a gateway. My DHCP server has two NIC's, one on 10.1.1.x and one on 10.1.2.x,

-I can ping the VLAN gateway addresses on the 10.1.2.x subnet from 10.1.1.1
-If I setup a static ip on the 10.1.2.x subnet I can NOT ping anything on 10.1.1.0 or get out to the internet
-My PBX box, setup on 10.1.20.x with a gateway of 10.1.20.252 can get to anything on the other two VLAN's

Here is the config for the switch my dhcp server is connected to:

no aaa new-model
clock summer-time UTC recurring last Sun Mar 1:00 last Sun Oct 2:00
system mtu routing 1500
ip subnet-zero
ip routing
!
!
!
!
no file verify auto
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
spanning-tree vlan 1-2,20 priority 24576
!
vlan internal allocation policy ascending
!
interface GigabitEthernet0/1-21 (all the same)
description Data+Voice
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,2,20
switchport mode trunk
spanning-tree portfast

interface GigabitEthernet0/22 -- Second NIC on dhcp server to this interface
description Data+Voice
switchport access vlan 2
switchport trunk allowed vlan 1,2,20
spanning-tree portfast

--Rest of interfaces same as 0/1--



interface Vlan1
ip address 10.1.1.251 255.255.255.0
ip helper-address 10.1.1.4
!
interface Vlan2
ip address 10.1.2.251 255.255.255.0
ip helper-address 10.1.1.4
!
interface Vlan20
ip address 10.1.20.251 255.255.255.0
ip helper-address 10.1.1.4
!
ip default-gateway 10.1.1.254
no ip classless
ip route 0.0.0.0 0.0.0.0 10.1.1.254
ip http server
!

Here is the config for my 10.1.1.x network gateway:

!
no aaa new-model
system mtu routing 1500
ip subnet-zero
ip routing
!
!
!
!
no file verify auto
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
spanning-tree vlan 1-2,20 priority 24576
!
vlan internal allocation policy ascending
!
interface GigabitEthernet0/1
description ASA Interface
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,2,20
switchport mode trunk
spanning-tree portfast
!
interface GigabitEthernet0/2
description ShoreTel System
switchport access vlan 20
switchport trunk allowed vlan 1,2,20
spanning-tree portfast
!
interface GigabitEthernet0/3
description ShoreTel System
switchport access vlan 20
switchport trunk allowed vlan 1,2,20
spanning-tree portfast
!
interface GigabitEthernet0/4
description ShoreTel System
switchport access vlan 20
switchport trunk allowed vlan 1,2,20
spanning-tree portfast
!
interface GigabitEthernet0/5-52
description Data+Voice
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,2,20
switchport mode trunk
spanning-tree portfast

interface Vlan1
ip address 10.1.1.252 255.255.255.0
ip helper-address 10.1.1.4
!
interface Vlan2
ip address 10.1.2.252 255.255.255.0
ip helper-address 10.1.1.4
!
interface Vlan20
ip address 10.1.20.252 255.255.255.0
ip helper-address 10.1.1.4
!
ip default-gateway 10.1.1.254
ip classless
ip route 0.0.0.0 0.0.0.0 10.1.1.254
ip http server
!
!
control-plane
!


I think that is just about everything...Any help that anyone could provide would be greatly appreciated.






 
Sort by date Sort by votes
When you set up the static on 10.1.2.X what did you use as the gateway on the nic ? Should be 10.1.2.252. You dont need the ip default gateway command on the switch if you are routing. I dont really understand what you have there with 2 switches routing the same ip space . If these 3560's are tied together only one should be doing any routing of the address space and the other 2 should be trunked off the one main router. Perhaps a drawing would help.
 
Upvote 0 Downvote
Hi Viper, Thanks for the info

I did indeed try it with a gateway of 10.1.2.252 when setting it static to no avail. My intention with the second subnet was to just expand available IP addresses seamlessly. Everything should be able to see everything.

You'll have to forgive me as I am relatively new to managed switch configuring, I have a much stronger background in PIX/ASA's...That said, during the configuration I may have put 'ip routing' line in the others for troubleshooting steps without really knowing exactly what I was doing. Would that cause my issues, or is it more of a best practice?

Thanks again for replying, I will start by taking out the ip route on the 251/253 switches.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Pankaj88
  • Locked
  • Question
BGP Routing Clarification
Replies
0
Views
353
Pankaj88
Pankaj88
Zero6
  • Locked
  • Question
question about cisco cbs 350-12xs 12 port 10g sfp+
Replies
0
Views
341
Zero6
Zero6
PThomp3344
  • Locked
  • Question
Trying to connect to Cisco Unified Controller web interface: UC520W-16U-4FXO-K9
Replies
1
Views
493
nt8d09
nt8d09
cheikhdtn
  • Locked
  • Question
VLAN
Replies
3
Views
270
iggsterman
iggsterman
mikey789
  • Locked
  • Question
Can 4000-M Routing VLANs ?
Replies
0
Views
206
mikey789
mikey789

Part and Inventory Search

Sponsor

Back
Top