1. Home
  2. Ethernet LAN
  3. Routing between VLANs using a Layer 3 Switch

Routing between VLANs using a Layer 3 Switch

I am trying to figure out how to get an echo response when I ping a device on a different VLAN.

Just to test things and get them to work, currently, I have two Dell Powerconnect 6024 switches on my desk. I will call them S1 and S2. S1 is connected to our internal LAN. S2 is connected to S1 via a trunk port on each switch and nothing else. I have some ports set up to be on VLAN 10 and some to be on VLAN 20. I have IP Addresses assigned to both VLANs on each switch as follows:

S1: VLAN 10, 192.168.0.40 VLAN 20, 192.168.1.1

S2: VLAN 10, 192.168.0.32 VLAN 20, 192.168.1.2

On S1, Port 24 is set up as a Trunk port with VLAN 10 & 20 both added to it. It is connected by a cable to Port 1 on S2, also configured as a trunk port with both VLAN 10 & VLAN 20 added to it.

Initially, I was trying to set up static routes using an white paper on Dell's web site,

formatting link

However, I received a reply from a Dell tech/engineer indicating that this paper is misleading and that the Layer 3 switch (Powerconnect

6024) would automatically route between directly connected networks.

I am trying to test this by simply pinging the ip addresses of VLAN 20 from a computer connected to a port that is on VLAN 10. All I can get is "Request timed out".

For example, my computer is connected to port 15 on S1 & has the IP address, 192.168.0.103. I can ping 192.168.0.40, the IP address of VLAN 10 on S1 with replies and I can ping 192.168.0.32, the IP address of VLAN 10 on S2 and get replies. I cannot, however, get replies when I ping 192.168.1.1 or 192.168.1.2, which is VLAN 20 on S1 & S2, respectively.

If anyone is familar with configuring VLANs using Layer 3 & Layer 2 switches, please help.

Thanks,

Mike

Reply to
support
Loading thread data ...

Are your trunks tagged?

Reply to
T. Sean Weintz

What subnet masks are you using?

You would typically need to enable IP forwarding on the switch. See if they have a command such as "ip routing".

Anoop

Reply to
anoop

The subnet mask in all cases is 255.255.255.0.

VLANs are on the following Networks on both switches.

VLAN 10: 192.168.0.0 /24 VLAN 20: 192.168.1.0 /24

Below is more detailed information about my configuration.

********Configuration of S1*********

Using Telnet to connect to S1, the following shows that Port g24 is in Trunk mode and has VLAN 10 & 20 added to it.

console# show interface switchport ethernet g24 Port : g24 Port Mode: Trunk Gvrp Status: disabled Ingress Filtering: true Acceptable Frame Type: admitAll Ingress UnTagged VLAN ( NATIVE ): 1 Port is member in:

Vlan Name Egress rule Port Membership Type

---- -------------------------------- ----------- -------------------- 1 1 Untagged System 10 10 Tagged Static 20 20 Tagged Static

The following shows that 192.169.0.40 is binded to VLAN 10 and

192.168.1.1 is binded to VLAN 20 on S1.

console# show ip interface vlan 10 Proxy ARP is disabled

IP Address Type Directed Broadcast

----------------------- --------- ----------- 192.168.0.40/24 static disable

console# show ip interface vlan 20 Proxy ARP is disabled

IP Address Type Directed Broadcast

----------------------- --------- ----------- 192.168.1.1/24 static disable

The following shows that 192.168.0.0/24 & 192.168.1.0/24 are directly connected subnets on S1.

console# show ip route Maximum Parallel Paths: 4 (4 after reset) Codes: C - connected, S - static, R - RIP, O - OSPF, E - OSPF external C 192.168.0.0/24 is directly connected vlan 10 C 192.168.1.0/24 is directly connected vlan 20 C 192.168.10.0/24 is directly connected vlan 1

The following shows that Port g15, to which my workstation is connected, is a member of VLAN 10.

console# show interface switchport ethernet g15 Port : g15 Port Mode: Access Gvrp Status: disabled Ingress Filtering: true Acceptable Frame Type: admitAll Ingress UnTagged VLAN ( NATIVE ): 10 Port is member in:

Vlan Name Egress rule Port Membership Type

---- -------------------------------- ----------- -------------------- 10 10 Untagged Static

********Configuration of S2*********

Using HyperTerminal on a Serial cable connection between my worstation and S2, the following shows that Port g1 is in Trunk mode and has VLAN

10 & 20 added to it.

console# show interface switchport ethernet g1 Vlan Name Ingress UnTagged VLAN ( NATIVE ): 1 Port is member in:

Vlan Name Egress rule Port Membership Type

---- -------------------------------- ----------- -------------------- 1 1 Untagged System 10 10 Tagged Static 20 20 Tagged Static

The following shows that 192.169.0.32 is binded to VLAN 10 and

192.168.1.2 is binded to VLAN 20 on S2.

console# show ip interface vlan 10 Proxy ARP is disabled

IP Address Type Directed Broadcast

----------------------- --------- ----------- 192.168.0.32/24 static disable

console# show ip interface vlan 20 Proxy ARP is disabled

IP Address Type Directed Broadcast

----------------------- --------- ----------- 192.168.1.2/24 static disable

The following shows that 192.168.0.0/24 & 192.168.1.0/24 are directly connected subnets on S2.

console# show ip route Maximum Parallel Paths: 4 (4 after reset) Codes: C - connected, S - static, R - RIP, O - OSPF, E - OSPF external C 192.168.0.0/24 is directly connected vlan 10 C 192.168.1.0/24 is directly connected vlan 20 C 192.168.11.0/24 is directly connected vlan 1

********End of Configuration Information*********
Reply to
eriworld

Correction to last message:

In my last message, I wrote,

"...on S1, VLAN 10 is 192.168.040 & on VLAN 20, it is 192.168.0.32. VLAN 20, on S1, is 192.168.1.1 & on S2 it is 192.168.1.2."

This should read as follows,

"...on S1, VLAN 10 is 192.168.040 & on S2, it is 192.168.0.32. VLAN

20, on S1, is 192.168.1.1 & on S2 it is 192.168.1.2."
Reply to
eriworld

I am pinging from my computer. It is connected to Port 15 on S1, which is on VLAN 10. (192.168.0.0/24) It is configured as follows:

U:\>ipconfig Windows IP Configuration

Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : erinet.eriworld.com IP Address. . . . . . . . . . . . : 192.168.0.103 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.0.254 192.168.0.40

192.168.0.254 is the internal IP address of our firewall between our network and the internet. 192.168.0.40 is the IP address of VLAN10 on S1.

The configuation above corresponds to the way DHCP service is set up on our Win 2K server. Under Scope Options in the DHCP manager, the 003 Router is 192.168.0.254, 192.168.0.40. I changed it, with the order reversed, making it 192.168.0.40, 192.168.0.254. Then, I ran "IPCONFIG /RELEASE", followed by, "IPCONFIG /RENEW". I ran IPCONFIG and the Default Gateway order was reversed, with 192.168.0.40 first, as expected. Then, I tried to ping a URL on the internet, such as

formatting link
Instead of getting a replies from Google, I got replies, "192.168.0.40 Destination net unreachable" , as if it never even found the 192.168.0.254 gateway. I tried pinging 192.168.1.1 &

192.168.1.2 got replies from both.

Why does the second gateway in the list never seem to be used and why does Windows allow for more than one gateway if only the first one is ever used?

Perhaps I do need to set up a static route, after all.

Reply to
eriworld

"IPCONFIG

Windows can only use one default gateway for an interface. If you have 2 configured, it will only use the second if the first one goes down, and only if it is running a protocol, such as IRDP, to detect that it has actually gone down.

You would either need a static route, or you could add a default route in the 192.168.0.40 gateway that points to 192.168.0.254. (I'm assuming you didn't already have the latter since it looks like your packets didn't make it to the outside world.) If you do do the latter, the host will probably receive ICMP redirects for outside world traffic that will tell the host to use 192.168.0.254 directly. These should show up in the routing table on the host which you can view using 'netstat -rn'.

Anoop

Reply to
anoop

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.