So, I've done some more testing.<div><br></div><div>I've added an additional switch connected to switch 1. And I've also added the vlan and from switch 1 to switch 3 it works fine. I can ping just fine.</div><div>
<br></div><div>I've connected switch 3 to switch 2 and tagged the vlan across it and I can ping just fine from switch 2 to switch 3. </div><div><br></div><div>I can now ping from switch 2 to switch 1 but only if switch 3 is in the mix. I can also ping to the router. I've been over the configs and checked the fdb and it's almost like the switch 1 is blocking switch 2 from talking to it.</div>
<div><br></div><div>Not sure what the issue is. I've got learning on.</div><div><br></div><div>From switch 1 showing a fdb of the port switch 2 is connected to.</div><div><br></div><div>I see</div><div><br></div><div>
<div>FF:FF:FF:FF:FF:FF servers(0004) 0000000 0000 s m CPU, 2:25(router), 6:3(switch 2), 8:4(switch 3)</div></div><div><br></div><div><br></div><div>From switch 2 showing a fdb of the prot switch 1 is connected to.</div>
<div><br></div><div>08010-206 FF:FF:FF:FF:FF:FF servers(0004) 0000000 0000 s m CPU, 9, 25</div><div><br></div><div>port 25 is to switch 3</div><div>port 9 is to switch 2</div><div><br></div><div><br></div><div>Any help is appreciated.</div>
<div>Thanks</div><div><br><div class="gmail_quote">On Thu, Mar 21, 2013 at 6:39 AM, root net <span dir="ltr"><<a href="mailto:rootnet08@gmail.com" target="_blank">rootnet08@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Hello All,<br><br>I am faced with a issue.<br><br>I have for this scenario, one router, two switches and one server.<br><br>router on a stick <-tagged-> switch 1 <-tagged-> switch 2 -> (untagged) server (dual nic/port)<br>
<br>Vlans<br>2 = staff<br>3 = mgmt<br>4 = servers<br><br>switch 1 = bd6808 7.8e.4-1 MSM64ix2<br>switch 2 = summit 400-48T 7.8e.4-1<br><br>switch 1 and switch 2 are connected over copper.<br>router and switch 2 are connected over copper.<br>
<br>If I plug the server directly into switch 1 the server can ping gateway on router and switch 1 but not any device in same vlan on switch 2, just switch 1 and router.<br>If I plug the server into switch 2 the server cannot ping anything but other servers on that vlan only on switch 2.<br>
<br>Not sure what's wrong haven't had much sleep so it could be something simple I'm missing.<br><br>I can see the mac address of switch 2 if I try to ping but can't get a successful ping. I can also see the other switch if I enable edp on the port.<br>
<br>sh iparp on switch 2 when try to ping 192.168.100.2<br><br>192.168.100.2 (incomplete) 0 NO servers[0004]<br><br><br>BD6808:9 # sh iparp (switch 1)<br>Destination Mac Age Static VLAN [VID] Port<br>
192.168.100.1 00:0F:34:57:A7:00 5 NO servers[0004] 2:25 (to router)<br>192.168.100.3 00:04:96:18:49:C0 1 NO servers[0004] 6:3 (to switch 2)<br><br><br>router <br><br>interface fa0/0<br>no ip add<br>!<br>
!<br>!<br>interface fa0/0.4<br>encap dot1q 4<br>ip add 192.168.100.1 255.255.255.0<br><br><br>switch 1<br><br>IGMP snooping is enabled for all vlans BTW<br><br># Config information for VLAN servers.<br>configure vlan "servers" tag 4 # VLAN-ID=0xc Global Tag 28<br>
configure vlan "servers" protocol "ANY"<br>configure vlan "servers" qosprofile "QP1" <br>configure vlan "servers" qosprofile ingress none<br>configure vlan "servers" ipaddress 192.168.100.2 255.255.255.0 <br>
configure vlan "servers" add port 2:25 tagged (port to router)<br>configure vlan "servers" add port 6:3 tagged (port to switch 2)<br><br># -- IP Interface[1] = "servers"<br>enable icmp unreachable vlan "servers"<br>
enable icmp redirects vlan "servers"<br>enable icmp port-unreachables vlan "servers"<br>enable icmp time-exceeded vlan "servers"<br>enable icmp parameter-problem vlan "servers"<br>
disable icmp timestamp vlan "servers"<br>
disable icmp address-mask vlan "servers"<br>enable subvlan-proxy-arp "servers"<br>configure ip-mtu 1500 vlan "servers"<br><br># IP ARP Configuration<br><br>configure iparp timeout 20<br>configure iparp max-entries 4096<br>
configure iparp max-pending-entries 256<br>enable iparp checking<br>enable iparp refresh<br>#<br><br>switch 2<br><br>IGMP snooping is enabled for all vlans<br><br># Config information for VLAN servers.<br>configure vlan "servers" tag 4 # VLAN-ID=0xc Global Tag 7<br>
configure vlan "servers" protocol "ANY"<br>configure vlan "servers" qosprofile "QP1" <br>configure vlan "servers" ipaddress 192.168.100.3 255.255.255.0 (only configured to see if could ping)<br>
configure vlan "servers" add port 15 untagged (to server)<br>configure vlan "servers" add port 31 untagged (to server)<br>configure vlan "servers" add port 9 tagged (going to switch 1)<br>
<br>
# -- IP Interface[4] = "servers"<br>enable icmp unreachable vlan "servers"<br>enable icmp redirects vlan "servers"<br>enable icmp port-unreachables vlan "servers"<br>enable icmp time-exceeded vlan "servers"<br>
enable icmp parameter-problem vlan "servers"<br>disable icmp timestamp vlan "servers"<br>disable icmp address-mask vlan "servers"<br>configure ip-mtu 1500 vlan "servers"<br><br># IP ARP Configuration<br>
<br>configure iparp timeout 20<br>configure iparp max-entries 4096<br>configure iparp max-pending-entries 256<br>enable iparp checking<br>enable iparp refresh<br>#<br><br><br><br>Any help is much appreciated!<br>
</blockquote></div><br></div>