Inter-VLAN Routing not working correctly


Hello!

I just took over a System Administrator role for a company and trying to figure out what happened to one of their VLANs.
I am new to the Extreme Network devices. They currently have 3 stacked X450-e as their main switch stack/router.
The previous SA setup a new VLAN (VLAN11) to free up some IPs on the main subnet.
Some PCs started dropping from the network last week and we ended up figuring out that the VLAN had been removed from the switch configuration.
I readded it and tried to set everything up as it should be but its not working and I am starting to bang my head against the wall and need some other eyes on this to tell me where the issue might be.

I've gone through all the help guides on here and cannot get a PC to ping another PC on VLAN11 from VLAN1. I cannot even get VLAN11 to pass DHCP to the PC. Static set IP doesn't work either.
DHCP server IP is 192.168.0.17

Here is my current switch config:

51 replies

Userlevel 4
What's routing between VLAN's? I see all of your VLAN's, but I don't see anything routing between them. Do you have a firewall or some other device in place?
The switch that I uploaded should be the device doing routing.
Userlevel 4
IT-SA wrote:

The switch that I uploaded should be the device doing routing.

Sorry about that - misread the configs (those ipforwarding commands hide in the middle of a bunch of stuff). Let me re-read 🙂...
Userlevel 4
Stupid question - the devices are untagged in V11, correct? Here's the list of items you show there: 1:41, 2:21, 2:30, 3:7. Try dumping a "show port vlan" and make sure that the devices needing to be routed are untagged. At first glance, it looks okay. Issue a "show ipconfig" and "show iproute" and make sure nothing jumps out there. You can also dump the arp cache on a PC (set IP manually first) and make sure the MAC of the DFGW is actually the extreme. Same on the DHCP server.
Eric Burke wrote:

Stupid question - the devices are untagged in V11, correct? Here's the list of items you show there: 1:41, 2:21, 2:30, 3:7. Try dumping a "show port vlan" and make sure that the devices needing to be routed are untagged. At first glance, it looks okay. Issue a "show ipconfig" and "show iproute" and make sure nothing jumps out there. You can also dump the arp cache on a PC (set IP manually first) and make sure the MAC of the DFGW is actually the extreme. Same on the DHCP server.

Yeah, those are the ports I have been playing with trying to get it working.
The ports are untagged.
Eric Burke wrote:

Stupid question - the devices are untagged in V11, correct? Here's the list of items you show there: 1:41, 2:21, 2:30, 3:7. Try dumping a "show port vlan" and make sure that the devices needing to be routed are untagged. At first glance, it looks okay. Issue a "show ipconfig" and "show iproute" and make sure nothing jumps out there. You can also dump the arp cache on a PC (set IP manually first) and make sure the MAC of the DFGW is actually the extreme. Same on the DHCP server.

show iproute

Ori Destination Gateway Mtr Flags VLAN Duration
#s Default Route 192.168.0.2 1 UG---S-um--f- Default 5d:22h:16m:30s
d 10.90.0.0/29 10.90.0.1 1 -------um---- replication 5d:22h:16m:43s
#d 192.168.0.0/24 192.168.0.1 1 U------um--f- Default 5d:22h:16m:43s
#d 192.168.11.0/24 192.168.11.1 1 U------um--f- VLAN11 5d:6h:1m:47s
#d 192.168.100.0/24 192.168.100.1 1 U------um--f- VOICE 5d:22h:16m:43s
Origin(Ori): (b) BlackHole, (be) EBGP, (bg) BGP, (bi) IBGP, (bo) BOOTP
(ct) CBT, (d) Direct, (df) DownIF, (dv) DVMRP, (e1) ISISL1Ext
(e2) ISISL2Ext, (h) Hardcoded, (i) ICMP, (i1) ISISL1 (i2) ISISL2
(is) ISIS, (mb) MBGP, (mbe) MBGPExt, (mbi) MBGPInter, (mp) MPLS Lsp
(mo) MOSPF (o) OSPF, (o1) OSPFExt1, (o2) OSPFExt2
(oa) OSPFIntra, (oe) OSPFAsExt, (or) OSPFInter, (pd) PIM-DM, (ps) PIM-SM
(r) RIP, (ra) RtAdvrt, (s) Static, (sv) SLB_VIP, (un) UnKnown
(*) Preferred unicast route (@) Preferred multicast route
(#) Preferred unicast and multicast route
Flags: (B) BlackHole, (b) BFD protection requested, (c) Compressed, (D) Dynamic
(f) Provided to FIB, (G) Gateway, (H) Host Route, (L) Matching LDP LSP
(l) Calculated LDP LSP, (3) L3VPN Route, (m) Multicast, (P) LPM-routing
(p) BFD protection active, (R) Modified, (S) Static, (s) Static LSP
(T) Matching RSVP-TE LSP, (t) Calculated RSVP-TE LSP, (u) Unicast, (U) Up
MPLS Label: (S) Bottom of Label Stack
Mask distribution:
1 default routes 3 routes at length 24
1 routes at length 29
Route Origin distribution:
4 routes from Direct 1 routes from Static
Total number of routes = 5
Total number of compressed routes = 0
Userlevel 2
Did you enable IP forwarding on the VLAN? Do a 'show VLAN vlan11' and check
Robert Cummins wrote:

Did you enable IP forwarding on the VLAN? Do a 'show VLAN vlan11' and check

VLAN Interface with name VLAN11 created by user
Admin State: Enabled Tagging: 802.1Q Tag 11
Description: None
Virtual router: VR-Default
IPv4 Forwarding: Enabled
Primary IP : 192.168.11.1/24
IPv6 Forwarding: Disabled
IPv6: None
STPD: None
Protocol: Match all unfiltered protocols
Loopback: Disabled
NetLogin: Disabled
QosProfile: None configured
Egress Rate Limit Designated Port: None configured
Flood Rate Limit QosProfile: None configured
Ports: 4. (Number of active ports=3)
Untag: *1:41, 2:21, *2:30, *3:7
Flags: (*) Active, (!) Disabled, (g) Load Sharing port
(b) Port blocked on the vlan, (m) Mac-Based port
(a) Egress traffic allowed for NetLogin
(u) Egress traffic unallowed for NetLogin
(t) Translate VLAN tag for Private-VLAN
(s) Private-VLAN System Port, (L) Loopback port
(e) Private-VLAN End Point Port
(x) VMAN Tag Translated port
(G) Multi-switch LAG Group port
Robert Cummins wrote:

Did you enable IP forwarding on the VLAN? Do a 'show VLAN vlan11' and check

show iproute

Ori Destination Gateway Mtr Flags VLAN Duration
#s Default Route 192.168.0.2 1 UG---S-um--f- Default 5d:22h:16m:30s
d 10.90.0.0/29 10.90.0.1 1 -------um---- replication 5d:22h:16m:43s
#d 192.168.0.0/24 192.168.0.1 1 U------um--f- Default 5d:22h:16m:43s
#d 192.168.11.0/24 192.168.11.1 1 U------um--f- VLAN11 5d:6h:1m:47s
#d 192.168.100.0/24 192.168.100.1 1 U------um--f- VOICE 5d:22h:16m:43s
Origin(Ori): (b) BlackHole, (be) EBGP, (bg) BGP, (bi) IBGP, (bo) BOOTP
(ct) CBT, (d) Direct, (df) DownIF, (dv) DVMRP, (e1) ISISL1Ext
(e2) ISISL2Ext, (h) Hardcoded, (i) ICMP, (i1) ISISL1 (i2) ISISL2
(is) ISIS, (mb) MBGP, (mbe) MBGPExt, (mbi) MBGPInter, (mp) MPLS Lsp
(mo) MOSPF (o) OSPF, (o1) OSPFExt1, (o2) OSPFExt2
(oa) OSPFIntra, (oe) OSPFAsExt, (or) OSPFInter, (pd) PIM-DM, (ps) PIM-SM
(r) RIP, (ra) RtAdvrt, (s) Static, (sv) SLB_VIP, (un) UnKnown
(*) Preferred unicast route (@) Preferred multicast route
(#) Preferred unicast and multicast route
Flags: (B) BlackHole, (b) BFD protection requested, (c) Compressed, (D) Dynamic
(f) Provided to FIB, (G) Gateway, (H) Host Route, (L) Matching LDP LSP
(l) Calculated LDP LSP, (3) L3VPN Route, (m) Multicast, (P) LPM-routing
(p) BFD protection active, (R) Modified, (S) Static, (s) Static LSP
(T) Matching RSVP-TE LSP, (t) Calculated RSVP-TE LSP, (u) Unicast, (U) Up
MPLS Label: (S) Bottom of Label Stack
Mask distribution:
1 default routes 3 routes at length 24
1 routes at length 29
Route Origin distribution:
4 routes from Direct 1 routes from Static
Total number of routes = 5
Total number of compressed routes = 0
I should mention that ports 1:41 and 2:30 are currently working. I thought I had it figured out last week but all the other ports I try to enable as VLAN11 seems to fail to pull DHCP IP.
I can ping them from a VLAN1 PC too.
Userlevel 4
IT-SA wrote:

I should mention that ports 1:41 and 2:30 are currently working. I thought I had it figured out last week but all the other ports I try to enable as VLAN11 seems to fail to pull DHCP IP.
I can ping them from a VLAN1 PC too.

You can do a "show port info detail" and compare a working/non-working port. Also, since you have IP's on all the VLAN's, try a "sho iparp" and see if it's listing any errors on the right hand side, toward the bottom/middle.
IT-SA wrote:

I should mention that ports 1:41 and 2:30 are currently working. I thought I had it figured out last week but all the other ports I try to enable as VLAN11 seems to fail to pull DHCP IP.
I can ping them from a VLAN1 PC too.

Port: 1:41
Virtual-router: VR-Default
Type: UTP
Random Early drop: Unsupported
Admin state: Enabled with auto-speed sensing auto-duplex
Link State: Active, 1Gbps, full-duplex
Link Ups: 24 Last: Tue Jul 17 19:02:11 2018
Link Downs: 23 Last: Tue Jul 17 19:02:07 2018
VLAN cfg:
Name: VOICE, 802.1Q Tag = 10, MAC-limit = No-limit, Virtual router: VR-Default
Name: VLAN11, Internal Tag = 11, MAC-limit = No-limit, Virtual router: VR-Default
STP cfg:
Protocol:
Name: VLAN11 Protocol: ANY Match all protocols.
Trunking: Load sharing is not enabled.
EDP: Enabled
ELSM: Disabled
Ethernet OAM: Disabled
Learning: Enabled
Unicast Flooding: Enabled
Multicast Flooding: Enabled
Broadcast Flooding: Enabled
Jumbo: Disabled
Flow Control: Rx-Pause: Enabled Tx-Pause: Disabled
Priority Flow Control: Disabled
Reflective Relay: Disabled
Link up/down SNMP trap filter setting: Enabled
Egress Port Rate: No-limit
Broadcast Rate: No-limit
Multicast Rate: No-limit
Unknown Dest Mac Rate: No-limit
QoS Profile: None configured
Ingress Rate Shaping : Unsupported
Ingress IPTOS Examination: Disabled
Ingress 802.1p Examination: Enabled
Ingress 802.1p Inner Exam: Disabled
Egress IPTOS Replacement: Disabled
Egress 802.1p Replacement: Disabled
NetLogin: Disabled
NetLogin port mode: Port based VLANs
Smart redundancy: Enabled
Software redundant port: Disabled
IPFIX: Disabled Metering: Ingress, All Packets, All Traffic
IPv4 Flow Key Mask: SIP: 255.255.255.255 DIP: 255.255.255.255
IPv6 Flow Key Mask: SIP: ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
DIP: ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
auto-polarity: Enabled
Shared packet buffer: default
VMAN CEP egress filtering: Disabled
PTP Configured: Disabled
Time-Stamping Mode: None

show port 2:13 info detail
Port: 2:13
Virtual-router: VR-Default
Type: UTP
Random Early drop: Unsupported
Admin state: Enabled with auto-speed sensing auto-duplex
Link State: Active, 1Gbps, full-duplex
Link Ups: 25 Last: Tue Jul 17 19:12:34 2018
Link Downs: 24 Last: Tue Jul 17 19:12:31 2018
VLAN cfg:
Name: Default, 802.1Q Tag = 1, MAC-limit = No-limit, Virtual router: VR-Default
Name: VOICE, 802.1Q Tag = 10, MAC-limit = No-limit, Virtual router: VR-Default
STP cfg:
Protocol:
Trunking: Load sharing is not enabled.
EDP: Enabled
ELSM: Disabled
Ethernet OAM: Disabled
Learning: Enabled
Unicast Flooding: Enabled
Multicast Flooding: Enabled
Broadcast Flooding: Enabled
Jumbo: Disabled
Flow Control: Rx-Pause: Enabled Tx-Pause: Disabled
Priority Flow Control: Disabled
Reflective Relay: Disabled
Link up/down SNMP trap filter setting: Enabled
Egress Port Rate: No-limit
Broadcast Rate: No-limit
Multicast Rate: No-limit
Unknown Dest Mac Rate: No-limit
QoS Profile: None configured
Ingress Rate Shaping : Unsupported
Ingress IPTOS Examination: Disabled
Ingress 802.1p Examination: Enabled
Ingress 802.1p Inner Exam: Disabled
Egress IPTOS Replacement: Disabled
Egress 802.1p Replacement: Disabled
NetLogin: Disabled
NetLogin port mode: Port based VLANs
Smart redundancy: Enabled
Software redundant port: Disabled
IPFIX: Disabled Metering: Ingress, All Packets, All Traffic
IPv4 Flow Key Mask: SIP: 255.255.255.255 DIP: 255.255.255.255
IPv6 Flow Key Mask: SIP: ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
DIP: ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
auto-polarity: Enabled
Shared packet buffer: default
VMAN CEP egress filtering: Disabled
PTP Configured: Disabled
Time-Stamping Mode: None
IT-SA wrote:

I should mention that ports 1:41 and 2:30 are currently working. I thought I had it figured out last week but all the other ports I try to enable as VLAN11 seems to fail to pull DHCP IP.
I can ping them from a VLAN1 PC too.

Whoops, wrong port.
Userlevel 4
IT-SA wrote:

I should mention that ports 1:41 and 2:30 are currently working. I thought I had it figured out last week but all the other ports I try to enable as VLAN11 seems to fail to pull DHCP IP.
I can ping them from a VLAN1 PC too.

So, you have a mismatch there. The untagged ports are the ones listed with "internal tag". The second port you list is a trunk port with only "tagged" vlans. It sounds like that's not what you're looking for.
IT-SA wrote:

I should mention that ports 1:41 and 2:30 are currently working. I thought I had it figured out last week but all the other ports I try to enable as VLAN11 seems to fail to pull DHCP IP.
I can ping them from a VLAN1 PC too.

Yeah, that port was previously one of the ones I was working on. Working on getting updated config.

Here is the arp errors:

Dynamic Entries : 160 Static Entries : 0
Pending Entries : 0
In Request : 5151717 In Response : 39365
Out Request : 368235 Out Response : 466309
Failed Requests : 55332
Proxy Answered : 0
Rx Error : 0 Dup IP Addr : 0.0.0.0
Rejected Count : 344344 Rejected IP : 169.254.101.108
Rejected Port : 2:41 Rejected I/F : Default
Max ARP entries : 8192 Max ARP pending entries : 256
ARP address check: Enabled ARP refresh : Enabled
Timeout : 20 minutes ARP Sender-Mac Learning : Disabled
Retransmit Time : 1000 milliseconds
Reachable Time : 900000 milliseconds (Auto)
Userlevel 4
IT-SA wrote:

I should mention that ports 1:41 and 2:30 are currently working. I thought I had it figured out last week but all the other ports I try to enable as VLAN11 seems to fail to pull DHCP IP.
I can ping them from a VLAN1 PC too.

Interesting. Port 2:41 saw an IP that did not match the VLAN on that port. It's probably just because your DHCP is not getting out and/or back.
IT-SA wrote:

I should mention that ports 1:41 and 2:30 are currently working. I thought I had it figured out last week but all the other ports I try to enable as VLAN11 seems to fail to pull DHCP IP.
I can ping them from a VLAN1 PC too.

Port: 2:13
Virtual-router: VR-Default
Type: UTP
Random Early drop: Unsupported
Admin state: Enabled with auto-speed sensing auto-duplex
Link State: Active, 1Gbps, full-duplex
Link Ups: 26 Last: Tue Jul 17 19:20:45 2018
Link Downs: 25 Last: Tue Jul 17 19:20:42 2018
VLAN cfg:
Name: Default, 802.1Q Tag = 1, MAC-limit = No-limit, Virtual router: VR-Default
Name: VOICE, 802.1Q Tag = 10, MAC-limit = No-limit, Virtual router: VR-Default
Name: VLAN11, Internal Tag = 11, MAC-limit = No-limit, Virtual router: VR-Default
STP cfg:
Protocol:
Name: VLAN11 Protocol: ANY Match all protocols.
Trunking: Load sharing is not enabled.
EDP: Enabled
ELSM: Disabled
Ethernet OAM: Disabled
Learning: Enabled
Unicast Flooding: Enabled
Multicast Flooding: Enabled
Broadcast Flooding: Enabled
Jumbo: Disabled
Flow Control: Rx-Pause: Enabled Tx-Pause: Disabled
Priority Flow Control: Disabled
Reflective Relay: Disabled
Link up/down SNMP trap filter setting: Enabled
Egress Port Rate: No-limit
Broadcast Rate: No-limit
Multicast Rate: No-limit
Unknown Dest Mac Rate: No-limit
QoS Profile: None configured
Ingress Rate Shaping : Unsupported
Ingress IPTOS Examination: Disabled
Ingress 802.1p Examination: Enabled
Ingress 802.1p Inner Exam: Disabled
Egress IPTOS Replacement: Disabled
Egress 802.1p Replacement: Disabled
NetLogin: Disabled
NetLogin port mode: Port based VLANs
Smart redundancy: Enabled
Software redundant port: Disabled
IPFIX: Disabled Metering: Ingress, All Packets, All Traffic
IPv4 Flow Key Mask: SIP: 255.255.255.255 DIP: 255.255.255.255
IPv6 Flow Key Mask: SIP: ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
DIP: ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
auto-polarity: Enabled
Shared packet buffer: default
VMAN CEP egress filtering: Disabled
PTP Configured: Disabled
Time-Stamping Mode: None
Userlevel 4
IT-SA wrote:

I should mention that ports 1:41 and 2:30 are currently working. I thought I had it figured out last week but all the other ports I try to enable as VLAN11 seems to fail to pull DHCP IP.
I can ping them from a VLAN1 PC too.

Can you try removing everything but V11 from that port? conf def del port 2:13 | conf voice del port 2:13 and retest?
IT-SA wrote:

I should mention that ports 1:41 and 2:30 are currently working. I thought I had it figured out last week but all the other ports I try to enable as VLAN11 seems to fail to pull DHCP IP.
I can ping them from a VLAN1 PC too.

Still nothing.

Port: 2:13
Virtual-router: VR-Default
Type: UTP
Random Early drop: Unsupported
Admin state: Enabled with auto-speed sensing auto-duplex
Link State: Active, 1Gbps, full-duplex
Link Ups: 28 Last: Tue Jul 17 19:31:06 2018
Link Downs: 27 Last: Tue Jul 17 19:31:02 2018
VLAN cfg:
Name: VLAN11, Internal Tag = 11, MAC-limit = No-limit, Virtual router: VR-Default
STP cfg:
Protocol:
Name: VLAN11 Protocol: ANY Match all protocols.
Trunking: Load sharing is not enabled.
EDP: Enabled
ELSM: Disabled
Ethernet OAM: Disabled
Learning: Enabled
Unicast Flooding: Enabled
Multicast Flooding: Enabled
Broadcast Flooding: Enabled
Jumbo: Disabled
Flow Control: Rx-Pause: Enabled Tx-Pause: Disabled
Priority Flow Control: Disabled
Reflective Relay: Disabled
Link up/down SNMP trap filter setting: Enabled
Egress Port Rate: No-limit
Broadcast Rate: No-limit
Multicast Rate: No-limit
Unknown Dest Mac Rate: No-limit
QoS Profile: None configured
Ingress Rate Shaping : Unsupported
Ingress IPTOS Examination: Disabled
Ingress 802.1p Examination: Enabled
Ingress 802.1p Inner Exam: Disabled
Egress IPTOS Replacement: Disabled
Egress 802.1p Replacement: Disabled
NetLogin: Disabled
NetLogin port mode: Port based VLANs
Smart redundancy: Enabled
Software redundant port: Disabled
IPFIX: Disabled Metering: Ingress, All Packets, All Traffic
IPv4 Flow Key Mask: SIP: 255.255.255.255 DIP: 255.255.255.255
IPv6 Flow Key Mask: SIP: ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
DIP: ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
auto-polarity: Enabled
Shared packet buffer: default
VMAN CEP egress filtering: Disabled
PTP Configured: Disabled
Time-Stamping Mode: None
IT-SA wrote:

I should mention that ports 1:41 and 2:30 are currently working. I thought I had it figured out last week but all the other ports I try to enable as VLAN11 seems to fail to pull DHCP IP.
I can ping them from a VLAN1 PC too.

Still nothing.

Port: 2:13
Virtual-router: VR-Default
Type: UTP
Random Early drop: Unsupported
Admin state: Enabled with auto-speed sensing auto-duplex
Link State: Active, 1Gbps, full-duplex
Link Ups: 28 Last: Tue Jul 17 19:31:06 2018
Link Downs: 27 Last: Tue Jul 17 19:31:02 2018
VLAN cfg:
Name: VLAN11, Internal Tag = 11, MAC-limit = No-limit, Virtual router: VR-Default
STP cfg:
Protocol:
Name: VLAN11 Protocol: ANY Match all protocols.
Trunking: Load sharing is not enabled.
EDP: Enabled
ELSM: Disabled
Ethernet OAM: Disabled
Learning: Enabled
Unicast Flooding: Enabled
Multicast Flooding: Enabled
Broadcast Flooding: Enabled
Jumbo: Disabled
Flow Control: Rx-Pause: Enabled Tx-Pause: Disabled
Priority Flow Control: Disabled
Reflective Relay: Disabled
Link up/down SNMP trap filter setting: Enabled
Egress Port Rate: No-limit
Broadcast Rate: No-limit
Multicast Rate: No-limit
Unknown Dest Mac Rate: No-limit
QoS Profile: None configured
Ingress Rate Shaping : Unsupported
Ingress IPTOS Examination: Disabled
Ingress 802.1p Examination: Enabled
Ingress 802.1p Inner Exam: Disabled
Egress IPTOS Replacement: Disabled
Egress 802.1p Replacement: Disabled
NetLogin: Disabled
NetLogin port mode: Port based VLANs
Smart redundancy: Enabled
Software redundant port: Disabled
IPFIX: Disabled Metering: Ingress, All Packets, All Traffic
IPv4 Flow Key Mask: SIP: 255.255.255.255 DIP: 255.255.255.255
IPv6 Flow Key Mask: SIP: ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
DIP: ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
auto-polarity: Enabled
Shared packet buffer: default
VMAN CEP egress filtering: Disabled
PTP Configured: Disabled
Time-Stamping Mode: None
Userlevel 4
IT-SA wrote:

I should mention that ports 1:41 and 2:30 are currently working. I thought I had it figured out last week but all the other ports I try to enable as VLAN11 seems to fail to pull DHCP IP.
I can ping them from a VLAN1 PC too.

grrr... I hate stuff like this. It's got to be something really stupid. Now I'm banging my head against the wall too!
IT-SA wrote:

I should mention that ports 1:41 and 2:30 are currently working. I thought I had it figured out last week but all the other ports I try to enable as VLAN11 seems to fail to pull DHCP IP.
I can ping them from a VLAN1 PC too.

Yeah, I don't get it. Very bizarre behavior.
This was all working and then I came to work last week and my coworker said certain PCs weren't working. Found out it was all VLAN11 PCs. Checked switch and everything looked good. Checked some more settings in the switch via web GUI about an hour later and the whole VLAN was gone. Just deleted. I suspected something is failing but hard to tell at this point.
Userlevel 4
IT-SA wrote:

I should mention that ports 1:41 and 2:30 are currently working. I thought I had it figured out last week but all the other ports I try to enable as VLAN11 seems to fail to pull DHCP IP.
I can ping them from a VLAN1 PC too.

Only other thing I'm seeing in the configs is the application of jumbo ports on a handful of them. Usually, you'd want jumbo on all or nothing as you can get frames back that are too large for the end device to understand. Everything else really looks pretty straightforward.
Userlevel 4
IT-SA wrote:

I should mention that ports 1:41 and 2:30 are currently working. I thought I had it figured out last week but all the other ports I try to enable as VLAN11 seems to fail to pull DHCP IP.
I can ping them from a VLAN1 PC too.

There is a report from the past of someone setting intervlan routing off using SNMP SET, but I'm not sure if you're someone who might be targeted by something like that. It sets an OID which in turn turns off routing. Describing the way some stuff is going away over time - could it be malicious?
IT-SA wrote:

I should mention that ports 1:41 and 2:30 are currently working. I thought I had it figured out last week but all the other ports I try to enable as VLAN11 seems to fail to pull DHCP IP.
I can ping them from a VLAN1 PC too.

I really don't think so but you never know. I checked the security log on the switch and didn't see anything out of line. Just me and my coworker IPs showed up.

Reply