Route problem with PC6248

Question

Hi

I have a PC6248 running with 4 vlans. Routing is enabled globally on the switch and on the vlan interfaces. All ports are access ports.

vlan 2 ip 192.192.168.2.2 /24
vlan 3 ip 192.192.168.3.1 /24
vlan 4 ip 192.192.168.4.1 /24
vlan 5 ip 172.16.22.2 /24

I'm not using vlan 1. All vlans talk to each other. Vlan 2 is connected to the firewall (192.168.2.1) and vlan 3 and 4 routes to the firewall with the default route. Vlan 2,3 and 4 have internet connection. Vlan 5 is connected to a router (172.16.22.1 /24) that connects to a foreign network (172.16.33.0 /24).

computers belonging to vlan 5 have no problem accessing the foreign network since I added a static route to that network on the PC6248

ip route 172.16.33.0 255.255.255.0 172.16.22.1

The question is how do I get the other computers on the other three vlans to access the 172.16.33.0 network. I thought, since the clients on vlans 2,3,4 all have the PC6248 as their gateway and the PC6248 knows the way to the 172.16.33.0 network, they could access it but that is not the case. The PC6248 seems to only route for the clients residing in vlan 5. Why? :emotion-7:

FamousRuler · Accepted Answer

I found the problem. It was not lying on the switch. The PC6248 was indeed fowarding the destination address of 172.16.33.0 to it's default gateway which was the router, and the router was in turn forwarding the request to the right destination. The problem was that ping requests went all the way to the destination but they couldn't find their way back giving ping timeouts or host unreacheables.

So as soon I told me ISP to add static routes to the router, all other vlans started to talk with the 33.0 network

ip route 192.168.2.0 255.255.255.0 172.16.22.2

ip route 192.168.3.0 255.255.255.0 172.16.22.2

ip route 192.168.4.0 255.255.255.0 172.16.22.2

Thank you for your help!

FamousRuler · Answer

Thanks for the reply. My idea was to let the PC6248 handle the vlans because it routes between vlans faster than the firewall would (ASA 5520).

How do I add static routes to the 172.16.33.0 network on each vlan?

FamousRuler · Answer

Hi Daniel

I know how to enter a static route. I just didn't understand your statement and was hoping you could clarify it.

"In order to get all VLANs on the 6248 to traverse over the connection to the other devices, you will need to either continue adding static routes for each VLAN."

Does this mean I can enter specific routes to specific vlan interfaces? If so how do I do that?

Thanks

FamousRuler · Answer

Either you are not understanding my question or I am not understanding you..

The problem is that the switch only forward the traffic for the clients that resides on the vlan that is physically connected to the next hop router. In my case that is vlan 5

E.g. a client PC from vlan 4 trying to reach a host on 172.16.33.0 with ping command gets "destination host unreacheable" as an answer from the PC6248

So my conclusion is that the switch do NOT look in it's routing table when traffic coming from vlans other than vlan 5 which is physically connected to the router. It just drops the packets.

Or am I wrong here?

FamousRuler · Answer

Thanks for your clear answer. Could you enlight me on how to enter static routes for each of the VLANs? Thank you

FamousRuler · Answer

I added the static routes and it didn't make any difference. Funny thing is that when entering show ip route command doesn't show those static routes. When issuing show running-config though it shows the static routes but nether less it doesn't make any difference.

#sh ip route

S 0.0.0.0/0 [1/0] via 192.168.2.1, vlan 2

S 172.16.33.0/24 [1/0] via 172.16.22.1, vlan 5

C 172.16.22.0/24 [0/1] directly connected, vlan 5

C 192.168.3.0/24 [0/1] directly connected, vlan 3

C 192.168.4.0/24 [0/1] directly connected, vlan 4

C 192.168.2.0/24 [0/1] directly connected, vlan 2

#sh ru

ip route 0.0.0.0 0.0.0.0 192.168.2.1

ip route 172.16.33.0 255.255.255.0 172.16.22.1

ip route 192.168.2.0 255.255.255.0 172.16.22.1

ip route 192.168.3.0 255.255.255.0 172.16.22.1

ip route 192.168.4.0 255.255.255.0 172.16.22.1

FamousRuler · Answer

Just to clarify for others, I marked DELL-Daniel Co's post as an answer because his question "On the router with the 172 network, does it have the VLANs in it's database?" woke me up realizing the router also needed a route back to the vlans even though he was referring to vlan databases.

Thanks again

Networking General

Route problem with PC6248

Was this post helpful?