hosts can only ping other hosts after router has pinged them?

Hi all, has anyone else ever see this:

client with ip 10.6.201.20/16 and gateway of 10.6.1.1 can only ping a host with an ip address of

10.1.1.8/16 after the router has successfully pinged 10.1.1.8/16?

The destination host has 2 ip addresses assigned to an ethernet interface:

69.66.x.x/21 10.1.1.8/16 default gateway of 69.66.x.1/21

The router has

69.66.x.1 on gig 0/0 10.1.1.1/16 on gig0/1 as primary and 10.6.1.1/16 as secondary

thanks!

Reply to
spec
Loading thread data ...

I have a feeling this might be related to whether or not you have "ip route-cache same-interface" configured on gig0/1.

Reply to
Barry Margolin

yes, ip route-cache same interface is enabled on gig 0/1

Reply to
spec

I'm a little confused as to why you have this setup this way but it seems to me that you are running into an arp problem.

How does the router Know how to reach Host 10.1.1.8 if you only have

69.66.x.1 configured on the inteface facing Host 10.1.1.8. Is there a static route or something?

When you attaempt to ping 10.1.1.8 from host 10.6.201.20, the router receives the packet and now realizes that network 10.1.0.0/16 is directly connected on g0/1 - which is also the same interface that the packet was just received.

So the router is going to send out an Arp request on G0/1 to find the Mac address of the destination. The ARP reply will never come back because 10.1.1.8 is actually located outside of interface g0/0.

I'm not even sure how the ping from the router is working. Please provide some more details.

Thanks

spec wrote:

Reply to
ciscortp

I'm a little confused as to why you have this setup this way but it seems to me that you are running into an arp problem.

How does the router Know how to reach Host 10.1.1.8 if you only have

69.66.x.1 configured on the inteface facing Host 10.1.1.8. Is there a static route or something?

When you attaempt to ping 10.1.1.8 from host 10.6.201.20, the router receives the packet and now realizes that network 10.1.0.0/16 is directly connected on g0/1 - which is also the same interface that the packet was just received.

So the router is going to send out an Arp request on G0/1 to find the Mac address of the destination. The ARP reply will never come back because 10.1.1.8 is actually located outside of interface g0/0.

I'm not even sure how the ping from the router is working. Please provide some more details.

Thanks

spec wrote:

Reply to
ciscortp

So if it fails with this set, what happens if you unset it?

Reply to
Barry Margolin

the issue appears to be that the interface was bound to a BVI interface (not sure why a BVI was used here)

placing the config on the physical interface solved the issue

Barry Margol> >

Reply to
spec

Greetings,

It is not obvious to most people that on Cisco Routers the Ethernet interfaces can be configured to operate in at least Layer 2 or Layer 3 modes (and possibly more). The "default" mode for an Etherswitch is as a Layer 2 port, while for a Router the "default" mode is as a Layer 3 port, because we most often need to route over that interface. While this works fine, you will then find that you cannot apply a MAC ACL to that interface, because its NOT in "Layer 2" mode. To enable the use of MAC ACL's on that Ethernet interface, AND be able to Route over it,, you need to - 1. Create a BRIDGE GROUP, 2. Bond the Ethernet Interface to that Bridge Group (force it into Layer 2 mode), 3. Create a BVI also in that same Bridge Group (IE Bridge Group 7 can have BVI 7 as its routed interface), 4. Apply all Layer 3 attributes (EG the IP address) to the BVI. 5. Now apply the Layer 2 MAC ACL to the Ethernet.

So a BVI is usually used to add Layer 3 capability to an Ethernet interface that also needs to use Layer 2 properties.

Cheers...........pk.

Reply to
Peter

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.