S4048T-ON VLAN routing

For some reason the post with the complete config is being removed, so I'm adding a shorter version of it:

interface Vlan 1
 no shutdown
!
interface Vlan 20
 description internet
 no ip address
 untagged TenGigabitEthernet 1/1
 no shutdown
!
interface Vlan 226
 ip address 192.168.26.253/24
 tagged Port-channel 1-2
 untagged TenGigabitEthernet 1/2-1/3,1/6-1/19,1/21-1/38
 ip helper-address 192.168.26.1
 no shutdown
!
interface Vlan 227
 description renders
 ip address 192.168.27.253/24
 tagged TenGigabitEthernet 1/2
 tagged Port-channel 1-2
 untagged TenGigabitEthernet 1/53/3
 ip helper-address 192.168.26.1
 no shutdown
!
interface Vlan 228
 description management
 ip address 192.168.28.253/24
 tagged TenGigabitEthernet 1/2
 tagged Port-channel 1-2
 untagged TenGigabitEthernet 1/4-1/5,1/20,1/39-1/48
 no shutdown
!
ip route 0.0.0.0/0 192.168.26.1 
!  
ip domain-name ****** 
!
ip ssh server enable
!
line console 0
line vty 0
line vty 1
line vty 2
line vty 3
line vty 4
line vty 5
line vty 6
line vty 7
line vty 8
line vty 9
!
http-server http
ip http source-interface Vlan 226
!
reload-type
 boot-type normal-reload
 config-scr-download enable
!
end

Hi friend
You can explain more the problem please, and what tshoot have you done

atte

Paulo Lopez V.

Hi there.

As you can see I got 3 VLANS:

- vlan 226 which im using as main for all the workstations, APs, printers

- vlan 227 which is supposed to be for nodes only

- vlan 228 for management, but I dont have problem with it

Vlan 226 works fine. Vlan 227 pings and resolves every host in vlan 226 and vlan 227, but has no internet connectivity and that's my problem. I've added snippet from the running config in my previous post. Let me know if anything else is needed.

I've tried checking the added routes:

show ip route
 *S 0.0.0.0/0 via 192.168.26.1, Vl 226

This one seems to be working for VLAN 226.

The configuration on the switch looks okay to me. And you know VLAN routing is working, because devices can communicate across VLANs. Just to confirm, is 192.168.26.1 your default gateway/firewall? Does 192.168.26.1 have routes directing traffic back to the internal subnets?

The route would look something like this

ip route 192.168.27.0 192.168.26.253

This tells the firewall that any traffic destined for VLAN 227 subnet should be forwarded to VLAN 226 interface. Once the switch has that packet, it can then route it to VLAN 227.

Does that VM have the IP address 192.168.26.1? If so, yes that is the device to check the routes on. Which router software is running on this VM?

Hi Daniel.
Thank you so much for taking time to help me.
Do you mean ip route conf of the router? It is a linux VM on XEN host. Or for the switch?

Hi Daniel.

You were right. It was routing issue. I had to make proper NAT configuration on the router (a debian vm). Now I have internet access, but still can't resolve hostname with the local DNS (separate centos VM) although the vm is responding to ping.

Glad to hear that routing is all cleared up. Are the clients properly populating a DNS address when they acquire an IP address? Have you tried testing the use of an external DNS?