ExtremeSwitching (EXOS)

Expand all | Collapse all

X440 IPForwarding Not Working as Expected

  • 1.  X440 IPForwarding Not Working as Expected

    Posted 03-01-2017 13:24
    I currently have and X440 at one of my sites that I am creating a new VLAN to add in some additional IP's. I successfully did this at another site and it worked like a charm, but this one seems to not be cooperating. I have both rip and ipforwarding enabled on the Default and the new VLAN. The Default VLAN can ping the IP of the new VLAN and the new VLAN can ping the IP of the Default VLAN, but the new VLAN can't ping any devices on the old VLAN and the old VLAN can't ping any devices on the new VLAN.

    I find it odd that the same config worked at another site, but doesn't on this one. The only difference from one site to another is the IP addresses used.


  • 2.  RE: X440 IPForwarding Not Working as Expected

    Posted 03-01-2017 13:33
    In case it is needed, here is a copy of my show config.

    #
    # Module vlan configuration.
    #
    configure vlan default delete ports all
    configure vr VR-Default delete ports 1-24
    configure vr VR-Default add ports 1-24
    configure vlan default delete ports 3
    create vlan "PHS_WIFI"
    configure vlan PHS_WIFI tag 10
    enable loopback-mode vlan PHS_WIFI
    configure ports 1 display-string PHS-Hall2
    configure ports 4 display-string PHS-Hall1
    configure ports 7 display-string PHS-Hall3
    configure ports 9 display-string PHS-Nurse1
    configure ports 14 display-string PHS-Office1
    configure ports 15 display-string PHS-OldK
    configure ports 21 display-string PHS-Core
    configure ports 22 display-string PHS_WLC
    configure ports 23 display-string PHS-Lib
    configure ports 24 display-string To_ASC
    configure ports 24 medium copper auto off speed 100 duplex full
    configure vlan Default add ports 1-2,4-24 untagged
    configure vlan PHS_WIFI add ports 3 untagged
    configure vlan Default ipaddress 10.0.22.210 255.255.252.0
    enable ipforwarding vlan Default
    configure vlan PHS_WIFI ipaddress 10.1.22.210 255.255.252.0
    enable ipforwarding vlan PHS_WIFI
    #
    # Module fdb configuration.
    #
    #
    # Module rtmgr configuration.
    #
    configure iproute add default 10.0.20.3
    disable iproute ipv4 compression
    disable iproute ipv6 compression
    #
    # Module mcmgr configuration.
    #
    #
    # Module aaa configuration.
    #
    #
    # Module acl configuration.
    #

    configure access-list zone SYSTEM application Snmp application-priority 14
    configure access-list zone SYSTEM application Telnet application-priority 15
    configure access-list zone SYSTEM application Http application-priority 16
    configure access-list zone SYSTEM application L2PT_PF application-priority 17
    #
    # Module bfd configuration.
    #
    #
    # Module ces configuration.
    #
    #
    # Module cfgmgr configuration.
    #
    #
    # Module dosprotect configuration.
    #
    #
    # Module dot1ag configuration.
    #
    #
    # Module eaps configuration.
    #
    #
    # Module edp configuration.
    #
    #
    # Module elrp configuration.
    #
    enable elrp-client
    configure elrp-client periodic Default ports 1-2,4-24 interval 15 log-and-trap disable-port ingress permanent
    configure elrp-client disable-port exclude 1
    configure elrp-client disable-port exclude 2
    configure elrp-client disable-port exclude 3
    configure elrp-client disable-port exclude 4
    configure elrp-client disable-port exclude 5
    configure elrp-client disable-port exclude 6
    configure elrp-client disable-port exclude 7
    configure elrp-client disable-port exclude 8
    configure elrp-client disable-port exclude 9
    configure elrp-client disable-port exclude 10
    configure elrp-client disable-port exclude 11
    configure elrp-client disable-port exclude 12
    configure elrp-client disable-port exclude 13
    configure elrp-client disable-port exclude 14
    configure elrp-client disable-port exclude 15
    configure elrp-client disable-port exclude 16
    configure elrp-client disable-port exclude 17
    configure elrp-client disable-port exclude 18
    configure elrp-client disable-port exclude 19
    configure elrp-client disable-port exclude 20
    configure elrp-client disable-port exclude 21
    configure elrp-client disable-port exclude 22
    configure elrp-client disable-port exclude 23
    configure elrp-client disable-port exclude 24
    #
    # Module ems configuration.
    #
    #
    # Module epm configuration.
    #
    #
    # Module erps configuration.
    #
    #
    # Module esrp configuration.
    #
    #
    # Module ethoam configuration.
    #
    #
    # Module etmon configuration.
    #
    #
    # Module hal configuration.
    #
    #
    # Module idMgr configuration.
    #
    #
    # Module ipSecurity configuration.
    #
    #
    # Module ipfix configuration.
    #
    #
    # Module lldp configuration.
    #
    disable lldp ports 1
    disable lldp ports 2
    disable lldp ports 3
    disable lldp ports 4
    disable lldp ports 5
    disable lldp ports 6
    disable lldp ports 7
    disable lldp ports 8
    disable lldp ports 9
    disable lldp ports 10
    disable lldp ports 11
    disable lldp ports 12
    disable lldp ports 13
    disable lldp ports 14
    disable lldp ports 15
    disable lldp ports 16
    disable lldp ports 17
    disable lldp ports 18
    disable lldp ports 19
    disable lldp ports 20
    disable lldp ports 21
    disable lldp ports 22
    disable lldp ports 23
    disable lldp ports 24
    #
    # Module mrp configuration.
    #
    #
    # Module msdp configuration.
    #
    #
    # Module netLogin configuration.
    #
    #
    # Module netTools configuration.
    #
    configure dns-client add name-server 10.0.4.4 vr VR-Default
    configure dns-client add name-server 10.0.4.194 vr VR-Default
    configure dns-client add domain-suffix ccs.local
    enable bootprelay ipv4 vlan Default
    enable bootprelay ipv4 vlan PHS_WIFI
    configure bootprelay vlan PHS_WIFI add 10.0.4.4
    #
    # Module ntp configuration.
    #
    #
    # Module poe configuration.
    #
    #
    # Module policy configuration.
    #
    #
    # Module rip configuration.
    #
    enable rip
    enable rip export direct cost 1
    configure rip add vlan Default
    configure rip add vlan PHS_WIFI
    #
    # Module r.png configuration.
    #
    #
    # Module snmpMaster configuration.
    #
    #
    # Module stp configuration.
    #
    #
    # Module synce configuration.
    #
    #
    # Module techSupport configuration.
    #
    #
    # Module telnetd configuration.
    #
    #
    # Module tftpd configuration.
    #
    #
    # Module thttpd configuration.
    #
    enable web http
    configure ssl certificate hash-algorithm sha512
    #
    # Module twamp configuration.
    #
    #
    # Module vmt configuration.
    #
    #
    # Module vsm configuration.
    #



  • 3.  RE: X440 IPForwarding Not Working as Expected

    Posted 03-01-2017 13:38
    Hello Justin,

    Based on the configuration it looks like you are adding a PC to port 3 in the wifi VLAN and trying to ping from that device to other devices in the default VLAN?

    If this is true is the device receiving a DHCP address from a server? if so, what is the default gateway. In this setup the default gateway would need to be the ip address of the switch it is connected to (10.1.22.210) in order to reach outside the network. Can the device ping this IP?


  • 4.  RE: X440 IPForwarding Not Working as Expected

    Posted 03-01-2017 13:39
    Please make sure the X440 is not the L2 only model that cannot do routing.


  • 5.  RE: X440 IPForwarding Not Working as Expected

    Posted 03-01-2017 13:39
    It's an x440-24x, where the one that I have configured exactly the same is an x440-48p. I am fairly certain that it wasn't on the list of ones that wouldn't do routing.


  • 6.  RE: X440 IPForwarding Not Working as Expected

    Posted 03-01-2017 13:39
    If it was it wouldn't let you enable ipforwarding due to the license.


  • 7.  RE: X440 IPForwarding Not Working as Expected

    Posted 03-01-2017 13:39
    It allowed me to enable forwarding, so it should be fine then.


  • 8.  RE: X440 IPForwarding Not Working as Expected

    Posted 03-01-2017 13:43
    I am currently only attempting to ping from the switch itself to a device on the Default VLAN (10.0.20.0/22), port 3 was just added so it would be ready for when it was working. I am actually using "ping 10.0.20.211 from 10.1.22.210" to attempt to ping a device that I know is on, but does not respond from the WIFI VLAN. If I just ping the device normally "ping 10.0.20.211" it responds.


  • 9.  RE: X440 IPForwarding Not Working as Expected

    Posted 03-01-2017 13:46
    Does the device you are pinging have a route back to the WIFI VLAN? From what I can see the WIFI VLAN is completely segregated from the other switches. It is possible that the pings are making it but not making it back.


  • 10.  RE: X440 IPForwarding Not Working as Expected

    Posted 03-01-2017 14:04
    With how all of our sites are set up, we have a Cisco router that our ISP manages. That router is connected to an Extreme switch, the Extreme switch then connects to all of the other Extreme switches at the site. On the first switch, I have the Default VLAN and this new WIFI VLAN on, with ipforwarding and rip enabled. It will be the only switch that will have this new VLAN as port 3 will eventually be a trunk to a Cisco WLAN controller.
    I am still uncertain why it would work with this configuration at one site, but not another.... unless my ISP didn't put in the route to the new VLAN properly?

    I would be using this first switch as the gateway for anything on the new VLAN.


  • 11.  RE: X440 IPForwarding Not Working as Expected

    Posted 03-01-2017 18:25
    Hello Justin,

    As you confirmed, if you execute the ping without specific the from option it's working, and if you specify the source ipaddress(10.1.22.210) the ping was unsuccessful. from this, it shows the peer device doesn't have any information about the network 10.1.22.210.

    Here you have configured the RIP protocol to advertised this networks, but did you check the rip neighbors status? if not please use the following command and check the neighbors status.
    if there is an issue in the RIP neighborship, probably the peer device doesn't have the information about 10.1.22.210 and it's led to the unreachable issue.

    show rip interface VLAN


  • 12.  RE: X440 IPForwarding Not Working as Expected

    Posted 03-01-2017 20:32
    I think the problem may lie with the router configs from my provider. After speaking with them a few minutes, I discovered they had placed the static route on their router to go to this first switch... but they also have an interface on their Cisco router that matches the subnet of my new VLAN and some extra routes.I have asked that they remove it since it was unnecessary.

    I used GNS3 with a model of my site to confirm that if there is a router configured the way they have it, the packets won't make it back to where they need to go. As soon as I disabled that interface on the router, it let everything work normally.

    I will confirm that this was the problem after they disable that extra interface and update this once they make their changes.


  • 13.  RE: X440 IPForwarding Not Working as Expected

    Posted 03-02-2017 13:43
    The problem was indeed, that my provider had put in a route to the wrong address on my switch (they used the IP of the new VLAN instead of the Default VLAN) and had incorrectly created a new interface on their router causing the traffic to not make it back.

    Thanks to all of you who helped, you guys are the best!


  • 14.  RE: X440 IPForwarding Not Working as Expected