[e-nsp] Layer 2/3 VLAN Issue between two switches

root net rootnet08 at gmail.com
Thu Mar 21 07:39:57 EDT 2013 

Hello All,

I am faced with a issue.

I have for this scenario, one router, two switches and one server.

router on a stick <-tagged-> switch 1 <-tagged-> switch 2 -> (untagged)
server (dual nic/port)

Vlans
2 = staff
3 = mgmt
4 = servers

switch 1 = bd6808 7.8e.4-1 MSM64ix2
switch 2 = summit 400-48T 7.8e.4-1

switch 1 and switch 2 are connected over copper.
router and switch 2 are connected over copper.

If I plug the server directly into switch 1 the server can ping gateway on
router and switch 1 but not any device in same vlan on switch 2, just
switch 1 and router.
If I plug the server into switch 2 the server cannot ping anything but
other servers on that vlan only on switch 2.

Not sure what's wrong haven't had much sleep so it could be something
simple I'm missing.

I can see the mac address of switch 2 if I try to ping but can't get a
successful ping. I can also see the other switch if I enable edp on the
port.

sh iparp on switch 2 when try to ping 192.168.100.2

192.168.100.2   (incomplete)         0   NO  servers[0004]


BD6808:9 # sh iparp (switch 1)
Destination     Mac                Age Static  VLAN    [VID]   Port
192.168.100.1   00:0F:34:57:A7:00    5   NO  servers[0004]  2:25 (to router)
192.168.100.3   00:04:96:18:49:C0    1   NO  servers[0004]  6:3 (to switch
2)


router

interface fa0/0
no ip add
!
!
!
interface fa0/0.4
encap dot1q 4
ip add 192.168.100.1 255.255.255.0


switch 1

IGMP snooping is enabled for all vlans BTW

# Config information for VLAN servers.
configure vlan "servers" tag 4     # VLAN-ID=0xc  Global Tag 28
configure vlan "servers" protocol "ANY"
configure vlan "servers" qosprofile "QP1"
configure vlan "servers" qosprofile ingress none
configure vlan "servers" ipaddress 192.168.100.2 255.255.255.0
configure vlan "servers" add port 2:25 tagged (port to router)
configure vlan "servers" add port 6:3 tagged (port to switch 2)

# -- IP Interface[1] = "servers"
enable icmp unreachable vlan "servers"
enable icmp redirects vlan "servers"
enable icmp port-unreachables vlan "servers"
enable icmp time-exceeded vlan "servers"
enable icmp parameter-problem vlan "servers"
disable icmp timestamp vlan "servers"
disable icmp address-mask vlan "servers"
enable subvlan-proxy-arp "servers"
configure ip-mtu 1500 vlan "servers"

# IP ARP Configuration

configure iparp timeout 20
configure iparp max-entries 4096
configure iparp max-pending-entries 256
enable iparp checking
enable iparp refresh
#

switch 2

IGMP snooping is enabled for all vlans

# Config information for VLAN servers.
configure vlan "servers" tag 4     # VLAN-ID=0xc  Global Tag 7
configure vlan "servers" protocol "ANY"
configure vlan "servers" qosprofile "QP1"
configure vlan "servers" ipaddress 192.168.100.3 255.255.255.0  (only
configured to see if could ping)
configure vlan "servers" add port 15 untagged (to server)
configure vlan "servers" add port 31 untagged (to server)
configure vlan "servers" add port 9 tagged   (going to switch 1)

# -- IP Interface[4] = "servers"
enable icmp unreachable vlan "servers"
enable icmp redirects vlan "servers"
enable icmp port-unreachables vlan "servers"
enable icmp time-exceeded vlan "servers"
enable icmp parameter-problem vlan "servers"
disable icmp timestamp vlan "servers"
disable icmp address-mask vlan "servers"
configure ip-mtu 1500 vlan "servers"

# IP ARP Configuration

configure iparp timeout 20
configure iparp max-entries 4096
configure iparp max-pending-entries 256
enable iparp checking
enable iparp refresh
#



Any help is much appreciated!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/extreme-nsp/attachments/20130321/c180595b/attachment.html>

More information about the extreme-nsp mailing list