[c-nsp] Routing problem on 4006 with extended VLANs

[Francois Corthésy]

Hi all,

I have a 4006 (Cat4232 running 12.0(25)W5), in which I had to configure 
an extended VLAN (>1025).
I've configured the switch part (running CatOS 7.6) using the "set 
spantree macreduction enable" command, and configured my ports 
accordingly with all the allow VLAN/native VLAN gooey bits.
I've configured the router part, running IOS,  with a new sub-interface 
and encapsulation, which looks like this :

interface GigabitEthernet4.3524
 encapsulation dot1Q 3524
 ip address xxx.xxx.6.225 255.255.255.252

When I connect to the 4006's port which I have configured for this VLAN, 
I can ping the 4006 without problem, I can even ping the 4006 loopback IP.
Here is my problem, I can't ping anything else behind the 4006, nor can 
I ping my device from the rest of the network, even though I can ping it 
from the 4006.
Now I know this sounds like I'm missing a default route on the device I 
connected to the 4006, but I triple checked and it's not the case, 
besides I can ping the Loopback interface on the 4006, which is on a 
different subnet.

It seems as though I have a routing problem on the 4006 but I can't put 
my finger on it.
Here is some diagnostic I did :
#sho ip route xxx.xxx.6.224
Routing entry for xxx.xxx.6.224/30
  Known via "connected", distance 0, metric 0 (connected, via interface)
  Redistributing via eigrp 123
  Routing Descriptor Blocks:
  * directly connected, via GigabitEthernet4.3524
      Route metric is 0, traffic share count is 1

#sho ip cef gi4.3524
Prefix              Next Hop             Interface
xxx.xxx.6.224/30    attached             GigabitEthernet4.3524
xxx.xxx.6.226/32    xxx.xxx.6.226        GigabitEthernet4.3524

This switch is also running EIGRP and this subnet gets correctly 
advertised to its neighbors.

Lastly, for a quick sanity check, I moved the VLAN 3524 IP's to another 
VLAN interface, one that is sub 1004, and the routing works fine.

What am I missing here ?

Francois