Two quick VLAN routing questions

lets say I have a L3 switch routing 4 VLANs
VLAN 1 is 192.168.10.0/24, the switch's virtual interface is 192.168.10.254 inside this vlan
VLAN 2 is 192.168.20.0/24, the switch's virtual interface is 192.168.20.254 inside this vlan
VLAN 3 is 192.168.30.0/24, the switch's virtual interface is 192.168.30.254 inside this vlan
VLAN 4 is 192.168.40.0/24, the switch's virtual interface is 192.168.40.254 inside this vlan
there is only one router going out from this switch to the net, and lets say it is in VLAN 1 and it's address is 192.168.10.1
first question-- inside of the L3 switch I will need to add a default route of 0.0.0.0 0.0.0.0 192.168.10.1
so that all traffic not corresponding to a 192.168.x.x address knows where to get out to the net, correct?
secondly- when configuring that router, is there a difference if I use the following static route:
192.168.20.0 255.255.255.0 192.168.10.254
instead of
192.168.20.0 255.255.255.0 192.168.20.254
either way, the packet gets to the L3 switch, but in one case it gets there via the VLAN interface inside of VLAN 1, and in the other case, it gets there via the VLAN interface inside of the VLAN for which the traffic is destined anyway. what im trying to figure out is, will this make any difference at all? especially in terms of broadcast packets?
if it makes no difference, then is it safe to say that the following static route would be optimal?
192.168.0.0 255.255.0.0 192.168.10.254
Solved!
Go to Solution.

Re "firstly". Correct. The L3 switch will route traffic according to its routing table. By default it knows all IP subnets to which it is directly connected to, i.e. all the VLAN subnets. If you have to add a default route manually or not depends on the exact implementation. It may well be that the L3 switch will use the any default gateway for routing which you use for the IP settings of the switch itself (if there is an option in the web interface to set a default gateway). If you cannot define a default gateway on the L3 switch you probably have to add a static route manually. The easiest way should be to check the current routing table and see if there is a default gateway or not.
Re "secondly". A router can only forward packets to the next hop router. The next hop router must be connected to that router. The route "192.168.20.0 255.255.255.0 192.168.10.254" is correct for a router with IP address 192.168.10.1 and subnet mask 255.255.255.0 as 192.168.10.254 is connected to the router. "192.168.20.0 255.255.255.0 192.168.20.254" is not correct. The router cannot learn the path to a specific subnet 192.168.20.0/255.255.255.0 by using a gateway in that subnet. It is not correct to use that kind of a route and you should not use it even if it might even work (because the router does a plain ARP request to find the MAC address of 192.168.20.254 and your L3 switch will respond to the ARP request even if it is on the internet of 192.168.10.254). The very moment when there would be another router between the 10 and 20 subnets it would not work anymore...
Re your conclusion: I would recommend to keep four static routes for the existing subnets on the L3 switch instead of putting everything into a larger single subnet which includes a lot of addresses which are not connected there. Technically it works if you only use working IP addresses. But you will see some loops if you send something to 192.168.55.50 or similar. The gateway router will send it to the L3 switch which will send it back to the gateway. They should figure it's a loop but still I would not recommend this kind of setup... Add routes for each of the L3 switch subnet...

Similar Messages

  • Vlan routing questions on the 6509

       We have a 6509 VSS at our main site and one vlan (an IP class C size) is comprised of a large number of servers with single Gb interfaces. These are connected to the 6509 via various methods - blade centers with GB portchannels, some directly attached to the core, and some via 4948s with 10Gb trunk uplinks. My question is this...I know we have way too many servers in one subnet (this is not all of our servers) and I know that all broadcasts will hit every individual server but how does the 6509 ASICs handle the packets in and out of the vlan with multiple connections to that vlan on the 6509s?  Can packets get routed through that 6509 vlan router interface simultaneously from the multiple layer 2 connections on the 6509s? What I am asking is if the 6509 vlan routing interface throttles all the Gb interfaces into a single GB interface through the vlan routing interface? What about the few servers on the 10Gb interfaces - are they throttled to a single routing 10Gb interface or does each connection have it's own connection to the routing interface?  What I want to know is if the 6509 acts as though it was like a single separate (1G and 10Gb) router attached to the vlan  - like a bunch of switches connected together with a single separate router attached to one of the interfaces for routing out of the vlan. Thanks

    Packet switching within the vlan is not what I am asking about. I want to understand the process the 6509s use when they route from a vlan (one subnet) to another vlan (subnet) - L3 routing out of the vlan.
    It's pretty much the same thing which is what Reza was explaining.
    It can be helpful sometimes in terms of design etc. to think of a L3 switch as you would if it was a physical router and L2 switches but in terms of forwarding thinking of it like that is misleading.
    In terms of forwarding L3 traffic the SVI does not correspond to the physical interface of the router. The actual interfaces used would, in the case of the 6500, be the physical port connections for the source and destination devices on their corresponding linecards.
    If the linecards did not have DFCs then a part of the packet is sent by the linecard to the PFC for a forwarding decision. If they do have DFCs then they can make the forwarding decision locally.
    Either way the forwarding decision is made by looking at the FIB (Forwarding Information Base) which is stored on the PFC and on each DFC if the linecards have them. The FIB should have entries for connected and remote networks (learnt via the IP routing table), the next hop IP and it's L2 mac address so all the information needed to forward the packet at L3 is there.
    So, as Reza says, the packet is then switched either locally on the linecard from one port to another or is sent from the ingress linecard to the linecard with the egress port via the switch fabric.
    Any bottlenecks within the chassis apply to both L2 and L3 forwarding eg oversubscription etc.
    The above is a very high level view of how it works. If you want to understand it in greater detail it would be worth having a read of the link Reza provided.
    Jon

  • Two SA520 VLAN Scenario Question

    I had a scenario based question and was wondering if it can be solved.
    - Two SA520's
    - Two Internet connections per SA520 (4 separate Internet connections total)
    - Two VLANs per SA520 (4 VLANs total)
    - Each VLAN is bound to a WAN port for Internet (keeps each VLAN on a different Internet connection)
    For this scenario let:
    VLAN A & B be on the first SA520.
    VLAN C & D be on the second SA520.
    VLAN A & B come in as a trunk to the first SA520.
    VLAN C & D come in as a trunk to the second SA520.
    Is it possible to route between all VLANs?
    Edited: 01/12/10 10:10
    Added VLAN Trunk Info.

    No, the VPN policies do not handle that.  They only will handle the traffic from one SA500 to the other SA500.  Internally, the VLAN's are routed to each just by adding the VLAN to the router.  If you have something else, that is not directly connected to the router, you could add a static route or use RIP to discover another subnet.

  • WRVS4400N 801.Q intra-vlan routing question

    Hi all,
    I have a question in regards to the 802.1Q intervlan feature on the WRVS4400N. My goal is to setup a test network with atleast 10 departmental VLAN(s). By reading the WRVS4400N's data sheet I know that it supports up to 4 VLAN(s). I decided to purchase a Linksys SRW224G4 since it can create more than 4 VLAN(s).
    With my previous Cisco experience I used to configure VLAN(s) on a Catalyst 2940 and trunk them to a Cisco 2501 series router by configuring trunk ports on the Catalyst and sub interfaces with 802.1q tagging on the routers.
    I was wondering if I could trunk 10 VLAN(s) from my SRW224G4 to my WRVS4400N?
    This is what I have tried to do so far
    On the SRW224G4 I configured 10 VLAN(s) and set port G1 as a trunk port to port 1 on my WRVS4400N.
    On my WRVS4400N I configured port 1 as a trunk port that accepts all frames.
    When I look at the LAN settings on my WRVS4400N it doesn't give me the option to configure gateways for my VLAN(s). Does this router only support 4 VLAN(s)? if it does is there another router I can look into that has the ability to support more than 4?
    I purchased the Linksys/Cisco small business series thinking that it can provide me with the basics to create a small network. I never thought the WRVS4400N would have a 4 VLAN limitation even when I trunk VLAN(s) from a switch.
    Thanks for the input guys
    Cheers

    Hello,
    i'm new here and planning to do something similar to what you suggest.
    I also have a slm2024 on which i plan to create more than 4 vlans. I'm looking for a gigabit router to route all my network and act as dhcp server. I will connect the switch to the router by a trunk.
    In my setup only 4 of my vlans will need a dhcp server. So if my understanding is correct, the integrated dhcp will be able to serve those 4 vlans if they are created on the router. Is it correct ? In this guide http://www.cisco.com/en/US/docs/routers/csbr/wrvs4400n/administration/guide/WVRS4400N_Admin_Guide_v2.pdf page 60, there is an illustration of dhcp configuration but i don't see anything allowing to select the vlan. How does it work in fact ?
    In my ideal setup, i would like to distribute a different subnet by vlan. Ex : 192.168.2.0 for vlan 2; 192.168.3.0 for vlan 3; etc...
    For the other vlans i would affect static IPs.
    Is this setup possible with this router ? If it's not, which other cisco router would you suggest me ?
    Thanks in advance for your answer.

  • Basic Vlan routing question

    I am connecting a 4503 to a 2950.  I have native Vlan 1 between them on the trunk.  On that vlan 1 the subnet is 172.16.138.0.  The default gateway on the 2950 is 172.16.138.1.  There are devices attached to the 2950 that are all subnet 172.16.98.0.  I need to be able to get those devices to talk to the 4503. The only vlan I had on the 2950 is vlan 1.   I made another vlan on the 2950 but when I try to no sh it I get kicked out of the switch.     Any ideas?              

    The 2950 is a L2 switch and can only have a single vlan interface for management. When you're creating a new vlan, it's kicking you out because the 4500 doesn't have the vlan configured to support the new vlan that you're creating. That being said, you should be able to do the following to route your other subnet:
    If the 4500 vlan 1 subnet is 172.16.138.0/24, and you're wanting to create 172.16.98.0/24, you'll need to do it on the 4500.
    4500: (Assuming you want to create vlan 10)
    vlan 10
    int vlan 10
    ip address 172.16.98.1 255.255.255.0
    Then you'll need to trunk the port that leads to the 2950 - assume that's fa0/1
    int fa0/1
    switchport trunk encaps dot1q
    switchport mode trunk
    Then on the 2950, you'll need to keep your vlan 1 interface:
    int vlan 1
    ip address 172.16.138.2 255.255.255.0
    ip default-gateway 172.16.138.1 <-- this is to get to the management vlan interface above from another subnet
    Then create your vlan that matches on the 4500 (vlan 10)
    vlan 10
    Trunk the port that leads to the 4500 (assuming f0/1)
    int fa0/1
    switchport trunk encaps dot1q
    switchport mode trunk
    Then the ports that you want on vlan 10, you'll put in the vlan:
    int range fa1/2-48
    switchport mode access
    switchport access vlan 10
    Your hosts will use 172.16.98.1 as a default gateway, but that traffic will be routed at the 4500 series switch. The 2950 cannot do the routing for you, but it can carry the vlan information that you need.
    HTH,
    John
    *** Please rate all useful posts ***

  • Two quick email issue questions

    Hello:
    I am a novice when it comes to WiFi's and have a question which deals with it. I am able to send emails from my iPhone when using the Edge service, but when I am using my WiFi connection at home, I am not able to. Nothing happens at all. I can receive emails with no problem.
    Also, occasionally when I receive a picture in an email (ie. taken from my wife's iPhone) I can view the picture a few times, but later I will get the message "message not downloaded from server" (or something like that). Why can I not always view the image? Sometimes I can never view them.
    Thanks very much for the help,
    Scott

    Hey Jolly_mon,
    Most POP accounts provided by Internet Service Providers will only let you send emails when you are connecting to the Internet using their network connection. So, many people use the AT&T EDGE outgoing mail server cwmx.com. This server can only send when connecting to the Internet over the EDGE network.
    Are you using the cwmx.com outgoing mail server? Goto Settings> Mail> tap the account.
    This article provides general tips for send mail issues.
    http://support.apple.com/kb/HT1330
    As for the pictures disappearing from the emails, it sounds like you may have another email client checking the pop server and causing some type of conflict. It could be locking the POP account or removing the attachments from the emails.
    This article provides more information about POP email accounts http://docs.info.apple.com/article.html?path=Mail/2.0/en/ml943.html
    A way to avoid these POP email account issues, is setup a .Mac, Gmail, or Yahoo! account.
    Jason

  • Two quick AIR(AJAX) questions.

    I've been working on developing an AIR interface for a web
    app that I've also been developing. It is necessary for my AIR app
    to minimize to the system tray (on Windows) so it's out of the way.
    I already have that functionality in place, however, I am
    having trouble finding a solution to capture the windows chrome
    minimize event, suppress it, and run my own minimize function.
    I am also wanting a single (or double, doesn't matter) click
    on the tray icon to restore the window. Again, I have the
    functionality in place, but am having trouble capturing the click
    event on the tray icon.
    I'm sure I'm just missing something about how AIR uses
    events, so if y'all would be so kind as to point me in the correct
    direction, I would appreciate it! Thanks!
    -Beau

    For the window minimize event:
    window.nativeWindow.addEventListener(air.NativeWindow.MINIMIZING,
    yourMinimizeFunction);
    function yourMinimizeFunction(event){
    event.preventDefault();
    For the Icon click:
    if(air.NativeApplication.supportsSystemTrayIcon){
    air.NativeApplication.nativeApplication.icon.addEventListener("click",
    clickHandler);
    } else if(air.NativeApplication.supportsDockIcon){
    air.NativeApplication.nativeApplication.addEventListener("invoke",
    clickHandler);
    Note that the events aren't symmetrical between Windows and
    Mac. Windows gives you mouse events, the Mac gives you an invoke
    event. Also, this code has not been checked, there may be typos,
    etc.

  • RV180 Router: Cannot get Inter-VLAN Routing to work.

    I have been banging at this now for two days and just cannot get Inter-VLAN routing working to work on this router.
    Here is the est-up:.
    Upgraded to latest Cisco firmware (1.0.1.9).
    Starting with factory default settings, I added 2 VLANS as follows:
        vlan default(id=1): dhcpmode=server IP=192.168.1.1/24 port 1
        vlan vlan2  (id=2): dhcpmode=server IP=192.168.2.1/24 port 2
        vlan vlan3  (id=3): dhcpmode=server IP=192.168.3.1/24 port 3
                                       (unconnected)
                                         WAN port
                                            |         
                                        Routing/NAT
                                            |
    vlan ip                   192.168.1.1   192.168.2.1   192.168.3.1
    vlan name                   default        vlan2        vlan3
    vlan id                       ID=1          ID=2         ID=3
    Inter-VLAN Routing             No           Yes          Yes
    Port 1                     Untagged       Excluded     Excluded
    Port 2                     Excluded       Untagged     Excluded
    Port 3                     Excluded       Excluded     Untagged
    Port 4(not of interest)    Untagged       Excluded     Excluded
                                Port 1         Port 2       Port 3
                                  |              |            |
                               AdminPC          PC2          PC3
                                           192.168.2.191   192.168.3.181
    PC2 gets assigned an IP Address of 192.168.2.191 (DGW=192.168.2.1) - OK
    PC3 gets assigned an IP Address of 192.168.3.181 (DGW=192.168.3.1) - OK
    PC2 with (IP 192.168.2.191) can ping 192.168.2.1 and 192.168.3.1 - OK
    PC3 with (IP 192.168.3.181) can ping 192.168.3.1 and 192.168.2.1 - OK
    BUT....
    PC2 cannot ping PC3  - NOT WORKING
    PC3 cannot ping PC2  - NOT WORKING
    (does not work in both Gateway Mode and Router Mode)
    ANYONE CAN HELP ME FIGURE OUT WHY ??????
    Your help is much appreciated.
    I bought this device specifically because it supported inter-VLAN routing!.
    Venu
    Supporting Information:
    Screen captures:
    VLAN Membership:
      VLAN ID  Description  Inter VLAN  Device   Port 1    Port 2    Port 3    Port 4  
                            Routing     Mgment
           1   Default      Disabled    Enabled  Untagged  Excluded  Excluded  Untagged  
           2   VLAN2        Enabled     Enabled  Excluded  Untagged  Excluded  Excluded  
           3   VLAN3        Enabled     Enabled  Excluded  Excluded  Untagged  Excluded 
    Multiple VLAN Subnets:
       VLAN ID IP Address   Subnet Mask    DHCP Mode    DNS Proxy Status  
            1  192.168.1.1  255.255.255.0  DHCP Server  Enabled  
            2  192.168.2.1  255.255.255.0  DHCP Server  Enabled  
            3  192.168.3.1  255.255.255.0  DHCP Server  Enabled
    Routing Table (Gateway Mode)
    Destination     Gateway   Genmask         Metric  Ref   Use   Interface   Type     Flags
    127.0.0.1     127.0.0.1   255.255.255.255 1       0     0     lo          Static   UP,Gateway,Host
    192.168.3.0     0.0.0.0   255.255.255.0   0       0     0     bdg3        Dynamic   UP
    192.168.2.0     0.0.0.0   255.255.255.0   0       0     0     bdg2        Dynamic   UP
    192.168.1.0     0.0.0.0   255.255.255.0   0       0     0     bdg1        Static   UP
    192.168.1.0 192.168.1.1   255.255.255.0   1       0     0     bdg1        Static   UP,Gateway
    127.0.0.0       0.0.0.0   255.0.0.0       0       0     0     lo          Dynamic
    Routing Table (Router Mode)
    (Same)

    cadet alain, you hit the nail on the head.    The router was doing Iner-VLAN routing, but the PCs were blocking the pings because they came from another subnet.  Thank you for your help in resolving this.
    I have a follow-up question if I may - I need to add a default route but can't seem to find a way to do that.  Tried adding a static route with IP=0.0.0.0 Mask=0.0.0.0 but it will not allow it.  My current routing table looks like this:
    Destination   Gateway     Genmask           Metric  Ref   Use  Interface  Type    Flags
    127.0.0.1     127.0.0.1   255.255.255.255   1       0     0    lo         Static  UP,Gateway,Host
    192.168.2.0   0.0.0.0     255.255.255.0     0       0     0    bdg2       Dynamic UP
    192.168.1.0   0.0.0.0     255.255.255.0     0       0     0    bdg1       Static  UP
    127.0.0.0     0.0.0.0     255.0.0.0         0       0     0    lo         Dynamic UP
    It routes all packets to VLAN2 and VLAN3 correctly; but if a packet arrives to any other network address, I would like to get it to forward to another gateway on VLAN2 (at address 192.168.2.254).  Can't seem to find a way to add a default route.

  • Cisco Sg500X inter vlan routing - Cisco can you please help - holding up a project

    Hey guys
    I am simply trying to get inter vlan routing working on an SG500X operating in standalone mode.
    I have setup a couple of vlan interfaces on the switch which I assume are routed automatically when ip routing is enabled.
    I can ping these vlan interfaces from a pc on the appropriate VLAN  (ie - I can ping what should be the default gateway and the gateway and IP are setup correctly on the pc's in question but no traffic will pass from pc to pc.
    Have probably missed something obvious - any help would be greatly appreciated, config below:
    skelta-dist#sh run
    config-file-header
    skelta-dist
    v1.3.0.62 / R750_NIK_1_3_647_260
    CLI v1.0
    set system queues-mode 4
    file SSD indicator encrypted
    ssd-control-start
    ssd config
    ssd file passphrase control unrestricted
    no ssd file integrity control
    ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0
    vlan database
    vlan 2000,3000,4092-4093
    exit
    voice vlan oui-table add 0001e3 Siemens_AG_phone________
    voice vlan oui-table add 00036b Cisco_phone_____________
    voice vlan oui-table add 00096e Avaya___________________
    voice vlan oui-table add 000fe2 H3C_Aolynk______________
    voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
    voice vlan oui-table add 00d01e Pingtel_phone___________
    voice vlan oui-table add 00e075 Polycom/Veritel_phone___
    voice vlan oui-table add 00e0bb 3Com_phone______________
    bonjour interface range vlan 1
    hostname skelta-dist
    line console
    exec-timeout 0
    exit
    line ssh
    exec-timeout 0
    exit
    line telnet
    exec-timeout 0
    exit
    logging console debugging
    username admin password encrypted 54f0197510fc8f980214826ad98ecc0291956ebc privilege 15
    username cisco password encrypted 007253f1436da456a0880a66bbcc7c1b4a3af284 privilege 15
    username readonly password encrypted 9a27718297218c3757c365d357d13f49d0fa3065
    snmp-server location "Skelta comms room"
    snmp-server contact [email protected]
    ip http timeout-policy 0
    interface vlan 1
     ip address 1.1.1.1 255.255.255.0
     no ip address dhcp
    interface vlan 2000
     name backup
     ip address 192.168.50.241 255.255.255.0
    interface vlan 3000
     name user
     ip address 10.129.53.241 255.255.254.0
    interface vlan 4092
     name server
     ip address 10.129.38.241 255.255.255.0
    interface vlan 4093
     ip address 10.129.100.241 255.255.255.0
    interface gigabitethernet1/1
     switchport mode access
     switchport access vlan 3000
    interface gigabitethernet1/2
     switchport mode access
     switchport access vlan 3000
    interface gigabitethernet1/3
     switchport mode access
     switchport access vlan 3000
    interface gigabitethernet1/4
     switchport mode access
     switchport access vlan 3000
    interface gigabitethernet1/5
     switchport mode access
     switchport access vlan 3000
    interface gigabitethernet1/6
     switchport mode access
     switchport access vlan 3000
    interface gigabitethernet1/7
     switchport mode access
     switchport access vlan 4092
    interface gigabitethernet1/8
     switchport mode access
     switchport access vlan 4092
    interface gigabitethernet1/9
     switchport mode access
     switchport access vlan 4092
    interface gigabitethernet1/10
     switchport mode access
     switchport access vlan 4092
    interface gigabitethernet1/11
     switchport mode access
     switchport access vlan 4092
    interface gigabitethernet1/12
     switchport mode access
     switchport access vlan 4092
    interface gigabitethernet1/13
     switchport mode access
     switchport access vlan 4093
    interface gigabitethernet1/14
     switchport mode access
     switchport access vlan 4093
    interface gigabitethernet1/15
     switchport mode access
     switchport access vlan 4093
    interface gigabitethernet1/16
     switchport mode access
     switchport access vlan 4093
    interface gigabitethernet1/17
     switchport mode access
     switchport access vlan 4093
    interface gigabitethernet1/18
     switchport mode access
     switchport access vlan 4093
    interface gigabitethernet1/19
     switchport mode access
     switchport access vlan 2000
    interface gigabitethernet1/20
     switchport mode access
     switchport access vlan 2000
    interface gigabitethernet1/21
     switchport mode access
     switchport access vlan 2000
    interface gigabitethernet1/22
     switchport mode access
     switchport access vlan 2000
    interface gigabitethernet1/23
     switchport mode access
     switchport access vlan 2000
    interface gigabitethernet1/24
     switchport mode access
     switchport access vlan 2000
    interface tengigabitethernet1/1
     channel-group 1 mode on
    interface tengigabitethernet1/2
     channel-group 1 mode on
    exit
    macro auto disabled
    macro auto processing type host enabled
    macro auto processing type ip_phone disabled
    macro auto processing type ip_phone_desktop disabled
    macro auto processing type router enabled
    macro auto processing type ap disabled
    ip helper-address all 0.0.0.0 7
    skelta-dist#sh ip route
    Maximum Parallel Paths: 1 (1 after reset)
    IP Forwarding: enabled
    Codes: > - best, C - connected, S - static,
           R - RIP
    C   1.1.1.0/24 is directly connected, vlan 1
    C   10.129.38.0/24 is directly connected, vlan 4092
    C   10.129.52.0/23 is directly connected, vlan 3000
    skelta-dist#sh arp
    Total number of entries: 3
      VLAN    Interface     IP address        HW address          status
    vlan 3000  gi1/4      10.129.53.1     a4:5d:36:18:12:d6   dynamic
    vlan 4092  gi1/12     10.129.38.1     04:7d:7b:5b:f1:1f   dynamic
    vlan 4092             10.129.38.2     a4:5d:36:18:12:d6   dynamic
    These are the two VLANs and above are the two ARP entries for the pc's.
    and these are the default gateways:
    skelta-dist#sh ip interface
        IP Address         I/F       Type     Directed   Precedence   Status
                                              Broadcast
    1.1.1.1/24          vlan 1    Static      disable    No         Valid
    10.129.38.241/24    vlan 4092 Static      disable    No         Valid
    10.129.53.241/23    vlan 3000 Static      disable    No         Valid
    10.129.100.241/24   vlan 4093 Static      disable    No         Valid
    192.168.50.241/24   vlan 2000 Static      disable    No         Valid

    Hi Rajeevsh
    Ip routing is turned on, the correct connected routes are in the route table, I can see the arp entries for the two pc's but the two pc's cant ping each other (windows firewall is turned off).
    I CAN ping the vlan interfaces from both pc's but the pc's cant talk to each other.
    The ports are in untagged (switchport access) and obviously in the correct vlans
    skelta-dist#sh ip route address 10.129.38.1
    Maximum Parallel Paths: 1 (1 after reset)
    IP Forwarding: enabled
    Codes: > - best, C - connected, S - static,
           R - RIP
    C   10.129.38.0/23 is directly connected, vlan 4092
    skelta-dist#sh ip route address 10.129.53.1
    Maximum Parallel Paths: 1 (1 after reset)
    IP Forwarding: enabled
    Codes: > - best, C - connected, S - static,
           R - RIP
    C   10.129.53.0/24 is directly connected, vlan 1
    skelta-dist#sh arp
    Total number of entries: 2
      VLAN    Interface     IP address        HW address          status
    vlan 1     gi1/4      10.129.53.1     a4:5d:36:18:12:d6   dynamic
    vlan 4092  gi1/12     10.129.38.1     04:7d:7b:5b:f1:1f   dynamic
    skelta-dist#sh ip interface
        IP Address         I/F      I/F Status      Type     Directed   Precedence   Status
                                    admin/oper               Broadcast
    10.129.38.241/23    vlan 4092  UP/UP         Static      disable    No         Valid
    10.129.53.241/24    vlan 1     UP/UP         Static      disable    No         Valid

  • Vlan routing with Linksys sge2000

    hi I have a Linksys sge2000 with two vlans, one has interface 192.168.50.10 /18 and the second has 192.168.30.10 /24, I need to get communication between these networks, because few computers must access to other network,  so that’s why I ask you for some help, because  until now I couldn’t  find if its possible in this switch thank you in advanceDaniel

    it is not possible for those 2 vlans to communicate with each other unless you hook up a router to those 2 vlans. the device is not capable for inter vlan routing alone so you will need to use layer 3 device.

  • RV130W Inter-VLAN Routing occurs even when disabled

    On my RV130W I have two VLANs set up:
    VLAN1:
    VLAN100:
    Inter-VLAN Routing is NOT enabled:
    Why then am I able to ping hosts in a different VLAN?
    Does this require a bug fix?

    I put my theory to the test and it worked as I thought
    which is that vlan 101 could get to vlan 102 and vice versa
    but vlan 1 could get to either and vice versa
    I take it that this is probably due to how the router os is setup and hardware options on it
    based on that there is probably only a couple of real interfaces
    and that the vlan 1 is assigned to the one of them or to the switch interface
    and the other vlans are just attached to it, 
    vlan 1 has to be able to cross communicate due to my guess that there aren't enough real interfaces
    in that vlan is the end gateway and the other vlans are just virtual gateways if you will
    This is what I did with the ports
    In my lab I actually don't assign vlan 1 to any ports at all, nothing is on it except that actual router
    but I left it on a port for you to see, as it might be handy to connect to in worst case scenarios
    which works because of routing
    as to whether its a feature or a bug or a limitation is hard to say without more info from cisco

  • ACE design with inter-Vlan routing

    Hello all.
    I'm working on a design for a customer where the ACE will perform inter vlan routing.
    A few questions about that :
    - is routed traffic enforced in hardware with some kind of CEF-like mechanism ? (I suppose yes because there is a FIB ? per
    https://supportforums.cisco.com/docs/DOC-19253 ) we expect a certain load and routing is software will not be acceptable
    - if I put my VIPs within the VLANs hosting the application, is there any restriction on accesses made to this VIP (if the VIP is reached after the routing process is performed) ?
    example :
    VLAN2 (client) ----- ACE ----- VLAN3 (servers)192.168.2.0/24                 192.168.3.0/24
    If I try to access the VIP (192.168.3.20) from a PC in the VLAN2 (192.168.2.15) does it work ?
    I assume yes because the VIP appears as a connected /32 in the routing table, I just want to be sure to not fall into some tricky part of code because the access to the VIP is done after the routing process. I just want to be sure there is no drawback / restriction about that.
    Thanks in advance.

    Hello Surya!
    Yes this is possible. You can reach the VIP from one VLAN to another (The VIP is not really inside of the VLAN). Important is to check your ACLs and you need to have the service-policy either globally or local on both VLAN-interfaces.
    And I guess there is nothing like CEF implemented in the ACE, because it is not needed there.
    Cheers,
    Marko

  • I have what is hopefully a quick and easy question. I kno...

    I have what is hopefully a quick and easy question. I know almost nothing about this stuff so go easy on me . All I need to do is find out if my DHCP is enabled. I'm having problems with my Xbox 360 and one of the possible problems is this DHCP thing. However I have no idea how to find the settings for my router on my computer. If it helps I have a Wirless model BEFW11S4. Thanks in advance for any help.

    You need to access your router to check if the DHCP is on.  To access the router open your browser and type in http://192.168.1.1 into the address field and hit enter.  That should open the routers log on screen and by default the user is left blank (some routers it is admin) and the password is abmin.  If you changed your routers password as you should for security reasons then use that password.  That will bring you to your routers user interface and on the main set up page should be your DHCP.
    Richard Aichner (Ikester)

  • Using two Incoming VLANs

    Hi All,
    having trouble to configure the Cisco SRP527w where we have two incoming VLAN's.
    1. vlan1 is for internet (20mbps)
    2. vlan2 is for a specific application (Specific IP Address - 10mbps)
    Somehow we are unable to configure the router to enable PC's connected to the router to access both vlan based to the application specific vlan. Its always routing it through the internet.
    Any help would be appreciated.
    thanks
    arjun

    Yitz, I have labbed your topology.
    I have a SG300 switch acting as a router with 2 vlan interfaces.
    I also have 2 SG200 switches.
    Port 1 from SG300 to port 1 of SG200 = vlan 1 access ports
    Port 48 from SG300 to port 48 of SG200 = vlan 200 access ports
    SG200#1 has LAG #1 port 2,3
    SG200#1 has LAG #2 port 4,5
    SG200#2 has LAG #1 port 2,3
    SG200#2 has LAG #2 port 4,5
    LAG #1 = vlan 1
    LAG #2 = vlan 2
    Oddly enough, spanning tree put my connections in vlan 200 in to discarding state, for both the lag and individual connection.  This is very odd behavior for me as it is pretty common practice to separate networks in this manner especially if you have 2 gateways, but it is also not rare to have a single router with 2 distinct interfaces. Additionally, on the spanning-tree pages, the status will record "N/A" for the LAG ports.

  • Inter VLAN Routing for IEC 61850

    Hello,
    Hoping someone can help me with this query.  I'm in the process of configuring two CGS2520 switches located in two electrical substations.  Each of these switches have Protection Relays and Remote Terminal Units (RTUs) connected to them.  These devices communicate with each other as follows:
    IEC 61850 GOOSE: http://en.wikipedia.org/wiki/Generic_Substation_Events
    IEC 61850 MMS: http://en.wikipedia.org/wiki/IEC_61850
    - Protection Relay to Protection Relay communication within either substation (Using IEC 61850 GOOSE - VLAN 11 and VLAN 21)
    - Protection Relay to Protection Relay communication between substations (Using IEC 61850 GOOSE - VLAN 50)
    - RTU to Protection Relay (Using IEC 61850 MMS - VLAN 10 and VLAN 20)
    I've attached an image (hope that clears things out).  Basically GOOSE traffic is VLAN tagged and and the MMS traffic is untagged.
    I need to be able to route between VLAN 10 and VLAN 20 between the substations and I want to allow VLAN 50 between the substations.  How do I go about configuring this?
    So far I've configured the interfaces as follows:
    Switch A2:
    Fa0/5 and Fa0/7 (Protection Relay Ports)
    port type nni
    switchport trunk native vlan 10
    switchport trunk allowed vlan 11, 50
    switchport mode trunk
    Fa0/3 (RTU Port)
    port type nni
    switchport access vlan 10
    Switch B1
    Fa0/4 and Fa0/5 (Protection Relay Ports)
    port type nni
    switchport trunk native vlan 20
    switchport mode allowed vlan 21, 50
    switchport mode trunk
    Fa0/3 (RTU Port)
    port type nni
    switchport access vlan 20
    Locally at each substation this seems to work (I can ping the Protection Relays from the RTU port and the Protection Relays send each other GOOSE messages).  However I don't know how to configure the inter vlan routing (I want to be able to ping a Protection Relay Substation B from the RTU Port at Substation A) at  and how to configure the switch interfaces that connect to each other?
    Any help is much appreciated.
    Thanks
    Darsh

    Hello DarshanaD,
    Could you fix this? Im asking because I have the same problem right now.
    I'll appreciated if you can tell me how did you configure the inter VLAN routing.
    Thanks
    Ali

Maybe you are looking for

  • Why does my MacBook Pro shut off when I close it?

    When I am done using my MacBook Pro I would usually just shut the lid and the MacBook would then go into sleep mode. In other words later when I pick it up and open it the MacBook screen will light and I can begin using it immediately. However, latel

  • Re creation of database index

    suppose while updation of database, some of the index are not re created at the database level.. some bug in the backend(oracle) i guess.. can we diagnose this thrugh ABAP, i mean can we check if any index has not been recreated in database table upd

  • No Solaris Management Console server was available

    I just installed solaris 8/07 fully patched the OS using smpatch went to use smc and get No Solaris Management Console server was available error. # netstat -a | grep 898 localhost.898 *.* 0 0 49152 0 LISTEN fmri svc:/application/management/wbem:defa

  • Can I use Flash 5? Dreamweaver 4?

    Not sure where else to post this: I recently got an Intel-based iMac and I'm digging it. My G4 Quicksilver finally died. My question is this: I used Dreamweaver 4 and Flash 5 on my G4 to create web stuff. But now when I try to install them on the iMa

  • HT3669 HP Laserjet 1200 not working under OS X 10.8.2

    even though my printer is listed in the above list of supported printers, I still can't get my MBP (OS X 10.8) to install the correct driver for the printer. The error message is: "after installation no correct software was found." Anybody has an ide