Hi Kim:
What happens if you try out this: modify the config on the C3 eliminating all
the vlans and routes and just put the default route 0.0.0.0 0.0.0.0 pointing to
the fw-ip-interface. Does it works!!! The thing is to figure out if the issue
is the default route per se or the combination of routes.
Francisco J Gar�����Álvarez
Administrador Redes
Direct��ía Inform��tica
Rama Judicial Puerto Rico
(939)389-3059
francisco.gar...@ramajudicial.pr
----- Original Message -----
From: Kim Pedersen <k...@cncsltd.com>
To: Enterasys Customer Mailing List <enterasys@listserv.unc.edu>
Sent: Mon Jun 08 08:04:52 2009
Subject: Re: [enterasys] Vlan configuration issue. & Default GW
Hi Fransisco,
Thanks for your suggestions - yes, I know the B3s don't do routing.
I am trying to get it routing working on the central C3 switch.
When I first worked on the problem, I was using a sniffer to monitor the
traffic, and plugging into various ports on the different VLANs.
On each VLAN I used the C3 switch as the default GW, and routing between VLANs
was working perfectly fine, but as soon as I started to include Internet
addresses the traffic stopped on the C3 switch (No arp requests were sent out,
or any routing/traffic to the default GW.
The immediate problem obviously had to be that there was no default route set.
This was a couple of months ago now, and someone has suggested I set the
default route on the router by using
"ip route 0.0.0.0 0.0.0.0 (gateway address)"
I think I've already tried this, but I will give it a go again now that it has
been suggested.
Kind regards,
Kim Pedersen
CNCS Ltd.
Francisco Garcia Alvarez wrote:
Hi Kim:
From the info you mention, I don't get clear if you are sure that the
default route isn't working for the B3's. I mean, have you tried to sniff
packets at the firewall internal segment to see if the data is getting there?
Have you checked the fw logs? Another thing that you can try to rule out any
issue w the fw is putting any switch or router on the same internal segment of
the fw and pointing the default route to that device and see if the packets go
the device. One good example, to check if the data goes the way it should is to
ping anything within the range of the default route; if the packets are routed
correctly, you should go to the arp table of that B3 switch and see the mac
address of the router/switch or fw that manages the route to get to that
destination.
If it works, then the conf is correct and maybe the issue is with
firewall.
Francisco J G�����������������Álvarez
Administrador Redes
Directo�������a Inf�����������tica
Rama Judicial Puerto Rico
(939)389-3059
francisco.gar...@ramajudicial.pr
----- Original Message -----
From: Kim Pedersen <k...@cncsltd.com> <mailto:k...@cncsltd.com>
To: Enterasys Customer Mailing List <enterasys@listserv.unc.edu>
<mailto:enterasys@listserv.unc.edu>
Sent: Sun Jun 07 23:50:42 2009
Subject: Re: [enterasys] Vlan configuration issue. & Default GW
Hi Michael,
With last resort I presume you mean default route/gw?
This is what I would like to accomplish, but I don't know the command
that will do it, and have either misunderstood the documentation or been unable
to find out which command to use.
I did try and specify a default route by defining a static route as
0.0.0.0/0.0.0.0, but it didn't work out. I did not spend too much time on the
whys as I felt I was on shaky ground trying a configuration that wasn't
directly mentioned in the product documentation.
I have included the router specific configuration below:
----------------------
C2(rw)->router(Config)#show running-config
!
interface vlan 90
no shutdown
ip address 192.168.90.250 255.255.255.0
interface vlan 91
no shutdown
ip address 192.168.91.254 255.255.255.0
interface vlan 92
no shutdown
ip address 192.168.92.250 255.255.255.0
interface vlan 93
no shutdown
ip address 192.168.93.254 255.255.255.0
interface vlan 94
no shutdown
ip address 192.168.94.250 255.255.255.0
interface vlan 95
no shutdown
ip address 192.168.95.254 255.255.255.0
interface vlan 96
no shutdown
ip address 192.168.96.250 255.255.255.0
interface vlan 99
no shutdown
ip address 192.168.99.250 255.255.255.0
interface vlan 100
no shutdown
ip address 192.168.100.250 255.255.255.0
!
router rip
----------------------
Regards,
Kim Pedersen
Pasetta, Michael wrote:
Have you tried to add a route of last resort in the switches
router configuration?
________________________________
From: Kim Pedersen
To: Enterasys Customer Mailing List
Sent: Sat Jun 06 21:23:38 2009
Subject: Re: [enterasys] Vlan configuration issue. & Default GW
I have a question to add into this interesting thread, which
adds a twist to Abhijit's scenario.
I have a very similar setup to the diagram below, with the
added difference that on my setup the IP addresses of the C3 switch on each of
the VLANs (10,20 and 30) is set as the default gateway for the clients
connected to the B3 switches.
Above C3 switch in the diagram below, I have a firewall /
internet router on VLAN 40, and I would like the C3 switch to route all
non-local traffic to this firewall.
I have been unable to get this to work, as the default route
command on the C3 switch seems only to work for the C3 switch itself, and not
for any routed networks.
Does anyone have experience with this?
Regards,
Kim Pedersen
CNCS Ltd.
Pal, Abhijit IN CCU SISL wrote:
Hello,
I am describing the scenario.
Five B3 switches will be connected with one C3 switch.
Each B3 SW will be used as L2 SW and they will be in separate Vlan. One server
which will be in separate vlan, will be directly connected to C3 switch. Now in
C3 SW Vlan routing will happen. Attaching the worst Diagram came out of my best
effort.
What should I do?
Best Regards,
Abhijit Pal
SIEMENS Information systems Limited.
GO/ GTAS(Global Technology Application Services)
13th Floor, Tower-2,Millenium City Bldg,
DN-62,Sector-5,SaltLake, Kolkata-700091.
DID: +91 33 2339 9396
Board:+91 33 2339 9000
Fax: +91 33 2339 9001
* --To unsubscribe from enterasys, send email to
lists...@unc.edu with the body: unsubscribe enterasys mpase...@enterasys.com
* --To unsubscribe from enterasys, send email to
lists...@unc.edu with the body: unsubscribe enterasys k...@cncsltd.com
* --To unsubscribe from enterasys, send email to lists...@unc.edu
with the body: unsubscribe enterasys francisco.gar...@ramajudicial.pr
* --To unsubscribe from enterasys, send email to lists...@unc.edu
with the body: unsubscribe enterasys k...@cncsltd.com
________________________________
Aviso de confidencialidad: Este correo elec��ónico y cualquier
documento adjunto contiene informaci��n propietaria, confidencial o
privilegiada que pertenece a la Rama Judicial. Se advierte que cualquier
divulgaci��n, distribuci��n, copia o ac��ón relacionada al contenido de esta
comunicac���n, sin la autoriza��ón del remitente e��á totalmente prohibida. Si
usted no es el destinatario, debe destruir este mensaje y notificar al
remitente o a la Oficina de Seguridad de los Sistemas al (787) 641-6363, Ext.
2775. La Rama Judicial ha tomado las precauciones necesarias para asegurar el
e��ío del correo elec��ónico, libre de virus o contenido malicioso. No
obstante, no podemos asegurar que as�� sea, por lo cual no nos hacemos
responsables de cualquier da��o atribuible al caso.
* --To unsubscribe from enterasys, send email to lists...@unc.edu
with the body: unsubscribe enterasys k...@cncsltd.com
________________________________
Confidentiality Note: This e-mail and any other document attached
contain proprietary, confidential or privileged information that appertains to
the Judicial Branch. You are to become aware that any dissemination or
disclosure, distribution, copying or the taking of any action in reliance on
the contents of this communication is strictly forbidden without the consent of
the sender. If you are not the intended recipient, you should destroy this
message and should notify the sender or the Systems Security Office at (787)
641-6363 Ext. 2775. The Judicial Branch has taken the necessary precautions to
ensure the remittance of e-mail communications free of virus or any other
malicious contents. However, we cannot assure that this could be the case, for
which we disclaim any responsibility of any damage attributable thereto.
* --To unsubscribe from enterasys, send email to lists...@unc.edu
with the body: unsubscribe enterasys k...@cncsltd.com
* --To unsubscribe from enterasys, send email to lists...@unc.edu with
the body: unsubscribe enterasys francisco.gar...@ramajudicial.pr
-----------------------------------------
Aviso de confidencialidad:
Este correo elec��ónico y cualquier documento adjunto contiene
informac���n propietaria, confidencial o privilegiada que pertenece
a la Rama Judicial. Se advierte que cualquier divulgaci��n,
distribuc���n, copia o acci��n relacionada al contenido de esta
comunicaci��n, sin la autorizac���n del remitente es��� totalmente
prohibida. Si usted no es el destinatario, debe destruir este
mensaje y notificar al remitente o a la Oficina de Seguridad de los
Sistemas al (787) 641-6363, Ext. 2775. La Rama Judicial ha tomado
las precauciones necesarias para asegurar el env��o del correo
elect���nico, libre de virus o contenido malicioso. No obstante, no
podemos asegurar que a��� sea, por lo cual no nos hacemos
responsables de cualquier ��ño atribuible al caso.
-----------------------------------------
Confidentiality Note:
This e-mail and any other document attached contain proprietary,
confidential or privileged information that appertains to the
Judicial Branch. You are to become aware that any dissemination or
disclosure, distribution, copying or the taking of any action in
reliance on the contents of this communication is strictly
forbidden without the consent of the sender. If you are not the
intended recipient, you should destroy this message and should
notify the sender or the Systems Security Office at (787) 641-6363
Ext. 2775. The Judicial Branch has taken the necessary precautions
to ensure the remittance of e-mail communications free of virus or
any other malicious contents. However, we cannot assure that this
could be the case, for which we disclaim any responsibility of any
damage attributable thereto.
---
To unsubscribe from enterasys, send email to lists...@unc.edu with the body:
unsubscribe enterasys arch...@mail-archive.com
