computer gets IP address but no network connectivity

  • 0
  • 3
  • Problem
  • Updated 11 months ago
  • Solved
Hi,

I am having an issue where new computers obtain the correct IP information on our wired network. IP address, mask, Gateway, DNS, etc. The problem is that I cannot ping the gateway. Only other devices that are on the same subnet.

I have been able to work around it but that is not consistent. On the problem devices I have cleared the arp table, purged and reload the remote cache table, flushed dns, and removed the ethernet adapter via the device manager then re-added it. Sometimes these methods work and other times they do not

We have a back up Comcast network and the computers work normally when connected there. Even prior to using the methods listed above. So my thought is that there is some sort of incompatibility between the computers and our Extreme switches.

The computers are Dell Latitude 5480 and 5580s and some Mac devices.
We use Extreme X460-G2 switches running firmware version 22.2.1.5.

Any thoughts on this would be greatly appreciated.

Thanks!
Photo of Chris Carroll

Chris Carroll

  • 200 Points 100 badge 2x thumb

Posted 11 months ago

  • 0
  • 3
Photo of David Coglianese

David Coglianese, Embassador

  • 7,388 Points 5k badge 2x thumb
The gateway would also be on the same subnet...
How many switches are involved in this chain?
Are you sure the VLAN is pipped through all the uplinks?

Can the switch the devices are connected to ping the gateway?
Photo of Ronald Dvorak

Ronald Dvorak, Embassador

  • 51,328 Points 50k badge 2x thumb
Could you provide a network diagram - is the default gateway the XOS switch ?

Please provide a screenshot of "show vlan" and tell us which VLAN/IP we are talking about.

-Ron
Photo of Chris Carroll

Chris Carroll

  • 200 Points 100 badge 2x thumb
Right, the gateway is on the same subnet but the computer still cannot ping that or anything else outside the subnet. Here is the chain: Computer > X460-G2 > S-Series core router. I am positive that the VLANs are correctly configured. The switch and other devices that connect to the switch can ping the gateway and have network connectivity. It is just these new computers.
Photo of Chris Carroll

Chris Carroll

  • 200 Points 100 badge 2x thumb
Ron - Here I am working on the 130 VLAN. The default gateway for this subnet is 10.130.0.1. The switch IP is configured on VLAN 7 with a gateway 172.17.0.1. VLAN 7 is a management network.


 

Photo of David Coglianese

David Coglianese, Embassador

  • 7,388 Points 5k badge 2x thumb
Chris,

So the computers are on VLAN 130 and connected to the edge switch shown above?

Try
<ping 10.130.0.1 from 10.130.0.254> from the switch pictured above. Does that work?

I noticed this is a /21 and everything else is a /16. Is that the correct configuration? Is that consistent all the way through?
Photo of Chris Carroll

Chris Carroll

  • 200 Points 100 badge 2x thumb
Yes, the problem computers connect to VLAN 130. The 10.130.0.254 address was configured on VLAN 130 so that I could use the iparp command to see other devices within the 10.130.x.x subnet. It has been configured that way for quite awhile now.

All other devices can ping 10.130.0.1. 
Photo of Chris Carroll

Chris Carroll

  • 200 Points 100 badge 2x thumb
I discovered that this issue also happens when connected to a different X460 and a different VLAN.
Photo of Chris Carroll

Chris Carroll

  • 200 Points 100 badge 2x thumb
Hi Bill,

Switch problem computer is connected (Summit X-460 G2):





Core Router (S-Series):
show lacp lag.0.3



show port lacp port ge.2.19 status detail


show port lacp port ge.6.19 status detail


When we initially deployed the X-460 switches (about two years ago) we tried to use LACP and could not get it to cooperate with our core router. Support told us that it was unnecessary and we could just use this command to set up the LAG:
 enable sharing <port> grouping <ports>


We haven't had any issues using this configuration.
Photo of Bill Handler

Bill Handler

  • 1,414 Points 1k badge 2x thumb

Chris,

If you run a show neighbor on the S, what remote ports are shown connected to ge.2.19;ge.6.19?

We have been successful in setting up LACP LAGs between EOS and XOS.

If you disconnect either of the ports in the LAG, does traffic start to flow?

However, we have seen weirdness with relation to VLANs and LAGs sometimes.  We've had to reapply the VLAN setting to the LAG ports on XOS.

Assuming you're tagging the VLANs across the LAG, on XOS if you run a 'show port 51 info detail' do you see the correct VLANs tagged?

On the S, if you run a 'show vlan portinfo port lag.0.3;ge.2.19;ge.6.19' does it show that the correct VLANs tagged there too?

Thanks,

Bill

Photo of Chris Carroll

Chris Carroll

  • 200 Points 100 badge 2x thumb
The show neighbors shows the uplink ports on the x460 which is correct.

Disconnecting one of the links on the LAG does not change anything.

VLANs are tagged correctly on the x460 and S-series.

I have also seen some weirdness on a LAG. I had to tag and untag our management VLAN several times to get a stack to appear on the network. When it reboots we have to do the same thing until it is seen on the network. Not exactly ideal...
Photo of Bill Handler

Bill Handler

  • 1,414 Points 1k badge 2x thumb

We've seen the LAG weirdness with VLANs, but once it works, we have not had to re-tag/un-tag the VLANs again.

I seem to recall that FW 22 had some issues... Are you able to upgrade to 22.3.1.4-patch1-4?  We've had pretty good results with that version.

Photo of Chris Carroll

Chris Carroll

  • 200 Points 100 badge 2x thumb
I am planning on upgrading. Currently we are on 22.1 and 22.2 which seems to be causing some stack syncing problems.
Photo of Chris Carroll

Chris Carroll

  • 200 Points 100 badge 2x thumb
I would like to thank everyone who offered their advice on this issue.

I ended up contacting GTAC to help resolve this issue. We have been implementing the Extreme NAC system and enabling authentication at the edge which is working great. Previously, we were doing authentication at the core. We had to disable mac authentication on the ports at the core to allow these new devices onto the network.

Thanks again everyone I really appreciate your help!

Chris