Cisco – SVI Inter-vlan routing

ciscopingroutingswitchvlan

I have 2 3560G switches and im trying to ping the other vlan on it but wont get the packets.

here is my config

switch #1 

Switch#sh run
Building configuration...

Current configuration : 1946 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Switch
!
!
no aaa new-model
system mtu routing 1500
ip subnet-zero
ip routing
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
interface Port-channel1
 no switchport
 ip address 10.10.10.10 255.255.255.0
 standby 1 ip
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface GigabitEthernet0/3
!
interface GigabitEthernet0/4
!
interface GigabitEthernet0/5
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,40
 switchport mode trunk
!
interface GigabitEthernet0/6
!
interface GigabitEthernet0/7
!
interface GigabitEthernet0/8
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,40
 switchport mode trunk
!
interface GigabitEthernet0/9
!
interface GigabitEthernet0/10
!
interface GigabitEthernet0/11
!
interface GigabitEthernet0/12
!
interface GigabitEthernet0/13
!
interface GigabitEthernet0/14
!
interface GigabitEthernet0/15
!
interface GigabitEthernet0/16
!
interface GigabitEthernet0/17
!
interface GigabitEthernet0/18
!
interface GigabitEthernet0/19
!
interface GigabitEthernet0/20
!
interface GigabitEthernet0/21
!
interface GigabitEthernet0/22
!
interface GigabitEthernet0/23
!
interface GigabitEthernet0/24
!
interface GigabitEthernet0/25
!
interface GigabitEthernet0/26
!
interface GigabitEthernet0/27
!
interface GigabitEthernet0/28
!
interface Vlan1
 no ip address

!
interface Vlan10
 ip address 196.10.10.10 255.255.255.0
 standby 1 ip
!
interface Vlan20
 ip address 196.10.20.10 255.255.255.0
 standby 1 ip
!
interface Vlan30
 ip address 196.10.30.10 255.255.255.0
 standby 1 ip
!
interface Vlan40
 ip address 196.10.40.10 255.255.255.0
 standby 1 ip
!
ip classless
ip http server
!
!
!
control-plane
!
!
line con 0
line vty 5 15
!
end

switch 2

new#sh run
Building configuration...

Current configuration : 2826 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname new
!
enable secret 5 $1$xoou$YnuOXQYgUhhL3ouroeqlw1
enable password pokemon
!
no aaa new-model
system mtu routing 1500
ip subnet-zero
ip routing
!
!
!
!
!
 --More--
03:37:39: %SYS-5-CONFIG_I: Configured from console !        e
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
interface Port-channel1
 no switchport
 ip address 10.10.1.10 255.255.255.0
 standby 1 ip
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface FastEthernet0/25
!
interface FastEthernet0/26
!
interface FastEthernet0/27
!
interface FastEthernet0/28
!
interface FastEthernet0/29
!
interface FastEthernet0/30
!
interface FastEthernet0/31
!
interface FastEthernet0/32
!
interface FastEthernet0/33
!
interface FastEthernet0/34
!
interface FastEthernet0/35
!
interface FastEthernet0/36
!
interface FastEthernet0/37
!
interface FastEthernet0/38
!
interface FastEthernet0/39
!
interface FastEthernet0/40
!
interface FastEthernet0/41
!
interface FastEthernet0/42
!
interface FastEthernet0/43
!
interface FastEthernet0/44
!
interface FastEthernet0/45
!
interface FastEthernet0/46
!
interface FastEthernet0/47
!
interface FastEthernet0/48
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,40
 switchport mode trunk
!
interface GigabitEthernet0/3
!
interface GigabitEthernet0/4
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,40
 switchport mode trunk
!
interface Vlan1
 no ip address
!
interface Vlan10
 ip address 200.200.1.2 255.255.255.0
 standby ip 172.30.40.10
 standby 1 ip
!
interface Vlan20
 ip address 200.200.2.2 255.255.255.0
 standby ip 172.30.50.10
 standby 1 ip
!
interface Vlan30
 ip address 200.200.3.2 255.255.255.0
 standby ip 172.30.70.10
 standby 1 ip
!
interface Vlan40
 ip address 200.200.4.2 255.255.255.0
 standby ip 172.30.80.10
 standby 1 ip
!
ip classless
ip http server
ip http secure-server
!
!
!
control-plane
!
!
line con 0
 exec-timeout 0 0
line vty 0 4
 password pokemon
 login
line vty 5 15
 password pokemon
 login
!
end

Edit:
e.g 

Switch#ping 200.200.1.2 source 196.10.10.10

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 200.200.1.2, timeout is 2 seconds:
Packet sent with a source address of 196.10.10.10
.....
Success rate is 0 percent (0/5)

Best Answer

You seem to have multiple problems:

  • You have port channels defined on each switch, but there are no interfaces which are members of the port channels.
  • You don't have any routed links connecting the two switches.
  • You don't have any static routes or routing protocol to share the routes on each switch with the other switch.
  • You are trying to use HSRP, but that doesn't work unless you have the same networks on both switches.
  • You seem to be trunking the VLANs between the switches, but each switch has its ow VLANs which are using networks different than the VLANs on the other switch.
  • You have not assigned any switch interfaces to a VLAN other than the default VLAN 1

Your question is unclear on what you are trying to do, but I have listed a couple of options for you.

You could try something like this to have two separate routers for the separate networks you have defined on the two switches (completely separate VLANs on the two switches, even though they use the same VLAN numbers):

Switch 1:

interface Port-channel1
 description Channel to Switch 2 Po1
 no switchport
 ip address 10.10.10.1 255.255.255.0
!
interface GigabitEthernet0/5
 description Link to Switch 2 G0/2
 no switchport
 channel-group 1 mode on
!
interface GigabitEthernet0/8
 description Link to Switch 2 G0/4
 no switchport
 channel-group 1 mode on
!
interface Vlan10
 ip address 196.10.10.10 255.255.255.0
!
interface Vlan20
 ip address 196.10.20.10 255.255.255.0
!
interface Vlan30
 ip address 196.10.30.10 255.255.255.0
!
interface Vlan40
 ip address 196.10.40.10 255.255.255.0
!
router ospf 1
 network 0.0.0.0 255.255.255.255 area 0
!

Switch 2:

interface Port-channel1
 description Channel to Switch 1 Po1
 no switchport
 ip address 10.10.10.2 255.255.255.0
!
interface GigabitEthernet0/2
 description Link to Switch 1 G0/5
 no switchport
 channel-group 1 mode on
!
interface GigabitEthernet0/4
 description Link to Switch 1 G0/8
 no switchport
 channel-group 1 mode on
!
interface Vlan10
 ip address 200.200.1.2 255.255.255.0
!
interface Vlan20
 ip address 200.200.2.2 255.255.255.0
!
interface Vlan30
 ip address 200.200.3.2 255.255.255.0
!
interface Vlan40
 ip address 200.200.4.2 255.255.255.0
!
router ospf 1
 network 0.0.0.0 255.255.255.255 area 0
!

You could try something like this to have two separate routers for the same networks on both switches (the VLANs on the two switches):

Switch 1:

interface Port-channel1
 description Channel to Switch 2 Po1
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,40
 switchport mode trunk
!
interface GigabitEthernet0/5
 description Link to Switch 2 G0/2
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,40
 switchport mode trunk    
!
interface GigabitEthernet0/8
 description Link to Switch 2 G0/4
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,40
 switchport mode trunk
!
interface Vlan10
 ip address 196.10.10.10 255.255.255.0
 standby 1 ip 196.10.10.1
 standby 1 priority 110
 standby 1 preempt
!
interface Vlan20
 ip address 196.10.20.10 255.255.255.0
 standby 1 ip 196.10.20.1
 standby 1 priority 110
 standby 1 preempt
!
interface Vlan30
 ip address 196.10.30.10 255.255.255.0
 standby 1 ip 196.10.30.1
 standby 1 priority 110
 standby 1 preempt
!
interface Vlan40
 ip address 196.10.40.10 255.255.255.0
 standby 1 ip 196.10.40.1
 standby 1 priority 110
 standby 1 preempt
!

Switch 2:

interface Port-channel1
 description Channel to Switch 1 Po1
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,40
 switchport mode trunk
!
interface GigabitEthernet0/2
 description Link to Switch 1 G0/5
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,40
 switchport mode trunk
!
interface GigabitEthernet0/4
 description Link to Switch 1 G0/8
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,30,40
 switchport mode trunk
!
interface Vlan10
 ip address 196.10.10.11 255.255.255.0
 standby 1 ip 196.10.10.1
 standby 1 priority 100
 standby 1 preempt
!
interface Vlan20
 ip address 196.10.20.11 255.255.255.0
 standby 1 ip 196.10.20.1
 standby 1 priority 100
 standby 1 preempt
!
interface Vlan30
 ip address 196.10.30.11 255.255.255.0
 standby 1 ip 196.10.30.1
 standby 1 priority 100
 standby 1 preempt
!
interface Vlan40
 ip address 196.10.40.11 255.255.255.0
 standby 1 ip 196.10.40.1
 standby 1 priority 100
 standby 1 preempt
!

Edit:

You are trying to ping from one network on one switch to a different network on the other switch. The problem is that the switch from which you are trying to ping doesn't know how to get tho the network on the other switch. You need to either put in static routes, or you need to run a routing protocol between the switches. Somehow, both switches need to know about the networks on the other switch, otherwise the traffic gets dropped.

Based on your edit, the first example I gave you should work. I really think you are confusing layer-2 and layer-3. By using trunks between the switches, the VLANs are the same on both switches, and you can get from on VLAN to the other switch via layer-2. What you are missing is that to route between the switches, you need a routed link, and some method for one switch to know to send traffic to the other switch for traffic destined to the network(s) on the other switch. This is a layer-3 problem, not a layer-2 problem.

Related Topic