[c-nsp] C3750G-24TS-E: Routing issue between protected switchports
Daniel Bradler
bradler at bk.de
Thu Aug 5 08:57:32 EDT 2010
Hi,
I have a routing issue on a C3750G-24TS-E (SW version 12.2(53)SE2) with
the switchport protected feature enabled.
In short, my configuration looks as follows:

interface GigabitEthernet1/0/13
 switchport access vlan 910
 switchport mode access
 switchport protected
!
interface GigabitEthernet1/0/14
 switchport access vlan 910
 switchport mode access
 switchport protected
!
interface Vlan910
 ip address 80.83.127.1 255.255.255.248
!
ip route 80.83.122.0 255.255.255.0 Vlan910
ip route 80.83.123.0 255.255.255.0 Vlan910

There are two test servers connected to ports 1/0/13 and 1/0/14. These
servers have IP addresses from 80.83.122.0/24 and 80.83.123.0/23 with
255.255.255.255 as subnet mask and use 80.83.127.1 as default gateway.

The intention of this configuration is to prevent communication
between the servers on Layer 2 and have all data traffic forwarded
through the switch as a Layer 3 gateway.

The setup works well as long as the servers have IP addresses in
different /24 subnets. If both servers have IP addresses from the same /24
subnet, e.g. 80.83.122.2/32 and 80.83.122.3/32, the data traffic isn't
forwarded. If the "switchport protected" feature is disabled, traffic is
forwarded - hence the issue is obviously related to that feature. The
problem still exists when the route for 80.83.122.0/32 on the switch is
replaced by host routes for 80.83.122.2/32 and 80.83.122.3/32. So there
seems to be an internal restriction for /24 subnets.

Is there any known possibility to use protected ports and have the
traffic forwarded, even if IP addresses in the same /24 subnet are used?

Thanks in advance
Daniel Bradler