Adtran
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
george_s
New Contributor
‎09-16-2013 11:01 AM

1638p standalone InterVLAN routing

Jump to solution

I have 2 1638P's at a single site. Both are on R10.9.0.HA OS. The switches are connected with fiber on xgigabit 1/1:

interface xgigabit-switchport 1/1

  description Tie to BLDG 2

  no shutdown

  switchport mode trunk

  switchport trunk allowed vlan 1,10

  qos trust cos

  speed auto

I have 2 VLANs:

interface vlan 1

  ip address  199.248.249.240  255.255.255.0 ( i know this is a public address, this is inherited and will eventually be changed)

  ip route-cache express

  no shutdown

!

interface vlan 10

  ip address  192.168.10.1  255.255.255.0

  ip route-cache express

  no shutdown

!

I want devices on VLANs to be able to communicate with each other, using the 1638P for routing between the VLANs.


Right now if I have PC's on gi 0/2 with an IP address of 199.248.249.210/24 and gi 0/3 with an IP address of 192.168.10.100/24, I cannot ping between the 2. Can you tell me what I am missing?


Here are the port configs:

interface gigabit-switchport 0/1

  description Router/Firewall Port

  spanning-tree edgeport

  no shutdown

  switchport mode trunk

  switchport trunk allowed vlan 1,10

  switchport voice vlan 10

  qos trust cos

!

interface gigabit-switchport 0/2

  spanning-tree edgeport

  no shutdown

  qos trust cos

!

interface gigabit-switchport 0/3

  spanning-tree edgeport

  no shutdown

  switchport voice vlan 10

  qos trust cos

Labels (1)
Labels
0 Kudos
Reply
1 Solution

Accepted Solutions
Anonymous
Not applicable
‎09-17-2013 12:05 PM

Re: 1638p standalone InterVLAN routing

Jump to solution

:

Thank you for asking this question in the support community.  Based on the configuration example you provided, it appears that gigabit-switchport 0/2 and 0/3 are both in VLAN 1 (the native VLAN) for the PCs.  Therefore, since one computer is configured in the VLAN 1 subnet, and the other is in the VLAN 10 subnet, but both of the switchports are configured for VLAN 1, this will not work.  When you get a chance, could you configure switchport 0/3 to be in VLAN 10, as follows, and try the connectivity tests again:

# configure terminal

(config)# interface gigabit-switchport 0/3

(config-giga-swx 0/3)# switchport access vlan 10

Also, I recommend the firewalls are disabled on the PCs during your testing.  Is the NV1638 acting as a Layer 3 switch with the global command ip route-cache express?

Please, do not hesitate to reply to this post with any questions or additional information.  I will be happy to help in any way I can.

Levi

View solution in original post

0 Kudos
Reply
4 Replies
Anonymous
Not applicable
‎09-17-2013 12:05 PM

Re: 1638p standalone InterVLAN routing

Jump to solution

:

Thank you for asking this question in the support community.  Based on the configuration example you provided, it appears that gigabit-switchport 0/2 and 0/3 are both in VLAN 1 (the native VLAN) for the PCs.  Therefore, since one computer is configured in the VLAN 1 subnet, and the other is in the VLAN 10 subnet, but both of the switchports are configured for VLAN 1, this will not work.  When you get a chance, could you configure switchport 0/3 to be in VLAN 10, as follows, and try the connectivity tests again:

# configure terminal

(config)# interface gigabit-switchport 0/3

(config-giga-swx 0/3)# switchport access vlan 10

Also, I recommend the firewalls are disabled on the PCs during your testing.  Is the NV1638 acting as a Layer 3 switch with the global command ip route-cache express?

Please, do not hesitate to reply to this post with any questions or additional information.  I will be happy to help in any way I can.

Levi

0 Kudos
Reply
george_s
New Contributor
‎09-17-2013 12:52 PM

Re: 1638p standalone InterVLAN routing

Jump to solution

Thanks for the reply Levi, I appreciate the assist!

Here is what I have done:

PC#1 Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :

     IPv4 Address. . . . . . . . . . . : 192.168.10.100

   Subnet Mask . . . . . . . . . . . : 255.255.255.0

   Default Gateway . . . . . . . . . : 192.168.10.1

on switchport 3

PC#2

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :

     IPv4 Address. . . . . . . . . . . : 199.248.249.100

   Subnet Mask . . . . . . . . . . . : 255.255.255.0

   Default Gateway . . . . . . . . . : 199.248.249.239

on switchport 2

I can ping the local gateways from each pc, but not the other pc

Here is the sho run with the changes:

BLDG_1#sho run

Building configuration...

!

!

! ADTRAN, Inc. OS version R10.9.0.HA

! Boot ROM version R10.3.0.SB

! Platform: NetVanta 1638P, part number 1700569F1

! Serial number LBADTN1330AC109

!

!

hostname "BLDG_1"

enable password encrypted 45417c969624fbb572faea17d3bf694b7d0b

!

clock timezone -6-Central-Time

clock no-auto-correct-DST

!

ip subnet-zero

ip classless

ip default-gateway 199.248.249.200

ip routing

domain-name "customer.com"

name-server 199.248.249.219 199.248.249.120

!

!

ip route-cache express

!

no auto-config

!

event-history on

no logging forwarding

no logging email

!

service password-encryption

!

username "admin" password encrypted "2921684f70c8e5f65910e17ad71b507967cd"

username "customer" password encrypted "3632860a05f03c30d946651decec5e91b7ef"

username "vendor" password encrypted "464e740d5eea99e0046f3e3b8fe320bf9b29"

!

banner motd 1

NO UNAUTHORIZED ACCESS!!! 1

!

!

!

no dot11ap access-point-control

no dos-protection

no desktop-auditing dhcp

no network-forensics ip dhcp

!

!

!

qos queue-type strict-priority

!

qos dscp-cos 46 to 5

! DSCP to CoS mapping only operates on ports that have 'qos trust cos' applied

!

!

!

vlan 1

  name "Default"

!

vlan 10

  name "Voice_VLAN"

!

interface eth 0/1

  no ip address

  shutdown

!

!

interface gigabit-switchport 0/1

  description To FIREWALL/ROUTER

  spanning-tree edgeport

  no shutdown

  switchport mode trunk

  switchport trunk allowed vlan 1,10

  switchport voice vlan 10

  qos trust cos

!

interface gigabit-switchport 0/2

  spanning-tree edgeport

  no shutdown

  switchport voice vlan 10

  qos trust cos

!

interface gigabit-switchport 0/3

  spanning-tree edgeport

  no shutdown

  switchport access vlan 10

  switchport voice vlan 10

  qos trust cos

!

interface gigabit-switchport 0/4

  spanning-tree edgeport

  no shutdown

  switchport voice vlan 10

  qos trust cos

!

!

interface gigabit-switchport 0/47

  spanning-tree edgeport

  no shutdown

  switchport voice vlan 10

  qos trust cos

!

interface gigabit-switchport 0/48

  spanning-tree edgeport

  no shutdown

  switchport voice vlan 10

  qos trust cos

!

!

interface xgigabit-switchport 1/1

  description BLDG2 TRUNK

  no shutdown

  switchport mode trunk

  switchport trunk allowed vlan 1,10

  qos trust cos

  speed auto

!

interface xgigabit-switchport 1/2

  no shutdown

  switchport mode access

  speed auto

!

!

!

interface vlan 1

  ip address  199.248.249.239  255.255.255.0

  ip route-cache express

  no shutdown

!

interface vlan 10

  ip address  192.168.10.1  255.255.255.0

  ip route-cache express

  no shutdown

!

!

no tftp server

no tftp server overwrite

http server

http secure-server

no snmp agent

no ip ftp server

ip ftp server default-filesystem flash

no ip scp server

no ip sntp server

!

!

line con 0

  login local-userlist

  password encrypted 2622805029c6d744b272afd26cef4452f21a

!

line telnet 0 4

  login local-userlist

  password encrypted 32364d4c499a28f5792d01841d942bd166fe

  no shutdown

line ssh 0 4

  login local-userlist

  no shutdown

!

!

!

!

end

BLDG_1#

0 Kudos
Accept as Solution Reply
Anonymous
Not applicable
‎09-17-2013 01:36 PM

Re: 1638p standalone InterVLAN routing

Jump to solution

:

Thank you for replying with this information.  Is the firewall disabled on both PCs?  Can PC#1 (which is in VLAN 10) ping the VLAN 1 interface?  Can PC#2 (which is in VLAN 1) ping the VLAN 10 interface?  What happens on a tracert from PC1 to PC2 and vice-versa?

Levi

0 Kudos
Accept as Solution Reply
george_s
New Contributor
‎09-17-2013 03:36 PM

Re: 1638p standalone InterVLAN routing

Jump to solution

Hi Levi:

I had firewall issues on one of the machines, in that even with the service disabled it would not respond to pings. I swapped machines and all is good

  • From PC#1 VLAN10, I can ping 192.168.10.1, 199.248.249.239, and 199.248.249.100
  • From PC#1 tracert is good to the machine
  • From PC#2 VLAN1, I can ping 199.248.249.239, 192.168.10.1 and 192.168.10.100
  • From PC#2 tracert is goo to the machine
  • From the console port, I can ping both gateways, and machines

So your original diagnosis was good, and I am now able to route between VLANs. Thanks again for taking the time to help me out

0 Kudos
Accept as Solution Reply