TTL expired in transit!


Userlevel 1
Hi Friends,

Good day.

I have problem with Inter-Vlan.

Our goal is PC1 must communicate to PC2 with different VLANs. same as PC2 to PC1.

We followed this link below as guide. https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-enable-inter-VLAN-routing-in-EXOS

But seems inter-VLAN is not working because PC1 not successfully PING the PC2, same as PC2 to PC1. When we tried to ping each PC the ping is "TTL expired transit". but zero packet loss.
We tried this set up to our X440-G2. with the same configurations with the above GTAC link guide.

Thanks,

Resolut1on

16 replies

Userlevel 1
Did you Enable the Ip forwarding Globally?
Are you able to ping the gateway from both PC?
If you are not able to ping the Gateway switch off the Window firewall and try once.
Userlevel 1
Aman wrote:

Did you Enable the Ip forwarding Globally?
Are you able to ping the gateway from both PC?
If you are not able to ping the Gateway switch off the Window firewall and try once.

Yes, I already enable the ipforwarding from both VLAN, turn off the firewall of both PC.
PC1 10.10.10.10 can only ping 10.10.10.1 gateway.
PC2 20.20.20.20 can only ping 20.20.20.1 gateway
Userlevel 1
Aman wrote:

Did you Enable the Ip forwarding Globally?
Are you able to ping the gateway from both PC?
If you are not able to ping the Gateway switch off the Window firewall and try once.

You have to enable IPFORWARDING GLOBALLY Also.
else check the ACLs.
Userlevel 1
Aman wrote:

Did you Enable the Ip forwarding Globally?
Are you able to ping the gateway from both PC?
If you are not able to ping the Gateway switch off the Window firewall and try once.

Hi Aman, I already configured the "#enable ipforwarding"

I also following the GTAC guide on the link above.

concern not yet resolve.
Userlevel 7
Cool story, but not many technical infromation included, how about a network diagram and the config of the switch or at least a screenshot of "show vlan".

Are you able to ping the PCs from the switch, please provide also a screenshot of the results.
Userlevel 1
Ron wrote:

Cool story, but not many technical infromation included, how about a network diagram and the config of the switch or at least a screenshot of "show vlan".

Are you able to ping the PCs from the switch, please provide also a screenshot of the results.

Hi,

Please see screenshots below:











Userlevel 3
Does the swith pass traffic in 1 vlan? I know there was a glitch on some switches that the default config had unicast fordwarding disabled. If we has all output from show config we could see that If you can not find any other culperate... Back on the x450 (g1) the ttl can be changed in switch via snmp command. I had this with a used switch once, eveything looked on except the ttl was reduced to far. To be usable. And is not visable in show config And as far as i know this did not set back when the switch qas defaulted. You have to use an snmp tool to reset the value. I will look for the doc on that and share.
Userlevel 1
David Rahn wrote:

Does the swith pass traffic in 1 vlan? I know there was a glitch on some switches that the default config had unicast fordwarding disabled. If we has all output from show config we could see that If you can not find any other culperate... Back on the x450 (g1) the ttl can be changed in switch via snmp command. I had this with a used switch once, eveything looked on except the ttl was reduced to far. To be usable. And is not visable in show config And as far as i know this did not set back when the switch qas defaulted. You have to use an snmp tool to reset the value. I will look for the doc on that and share.

Thanks David, did you already found the doc? Even default vlan cannot pass through other vlan.

Inter-vlan routing not working
Userlevel 3
David Rahn wrote:

Does the swith pass traffic in 1 vlan? I know there was a glitch on some switches that the default config had unicast fordwarding disabled. If we has all output from show config we could see that If you can not find any other culperate... Back on the x450 (g1) the ttl can be changed in switch via snmp command. I had this with a used switch once, eveything looked on except the ttl was reduced to far. To be usable. And is not visable in show config And as far as i know this did not set back when the switch qas defaulted. You have to use an snmp tool to reset the value. I will look for the doc on that and share.

https://community.extremenetworks.com/extreme/topics/time_to_live_exceeded The comments under that question has the info i used to determine if this is the issue. You should post whole config for best help
Userlevel 1
David Rahn wrote:

Does the swith pass traffic in 1 vlan? I know there was a glitch on some switches that the default config had unicast fordwarding disabled. If we has all output from show config we could see that If you can not find any other culperate... Back on the x450 (g1) the ttl can be changed in switch via snmp command. I had this with a used switch once, eveything looked on except the ttl was reduced to far. To be usable. And is not visable in show config And as far as i know this did not set back when the switch qas defaulted. You have to use an snmp tool to reset the value. I will look for the doc on that and share.

* X440G2-12p-10G4.23 # show configuration
#
# Module devmgr configuration.
#
configure snmp sysContact "support@extremenetworks.com, +1 888 257 3000"
configure sys-recovery-level switch reset

#
# Module vlan configuration.
#
configure vlan default delete ports all
configure vr VR-Default delete ports 1-16
configure vr VR-Default add ports 1-16
configure vlan default delete ports 1-2
create vlan "v10"
configure vlan v10 tag 10
create vlan "v20"
configure vlan v20 tag 20
configure vlan Default add ports 3-16 untagged
configure vlan v10 add ports 1 untagged
configure vlan v20 add ports 2 untagged
configure vlan v10 ipaddress 10.10.10.1 255.255.255.0
enable ipforwarding vlan v10
configure vlan v20 ipaddress 20.20.20.1 255.255.255.0
enable ipforwarding vlan v20

#
# Module mcmgr configuration.
#

#
# Module fdb configuration.
#

#
# Module rtmgr configuration.
#

#
# Module policy configuration.
#

#
# Module aaa configuration.
#

#
# Module acl configuration.
#

#
# Module bfd configuration.
#

#
# Module cfgmgr configuration.
#

#
# Module dosprotect configuration.
#

#
# Module dot1ag configuration.
#

#
# Module eaps configuration.
#

Press to continue or to quit:
#
# Module edp configuration.
#

#
# Module elrp configuration.
#

#
# Module ems configuration.
#

#
# Module epm configuration.
#

#
# Module erps configuration.
#

#
# Module esrp configuration.
#

Press to continue or to quit:
#
# Module ethoam configuration.
#

#
# Module etmon configuration.
#

#
# Module exsshd configuration.
#

#
# Module hal configuration.
#

#
# Module idMgr configuration.
#

#
# Module ipSecurity configuration.
#
Press to continue or to quit:

#
# Module ipfix configuration.
#

#
# Module lldp configuration.
#

#
# Module mrp configuration.
#

#
# Module msdp configuration.
#

#
# Module netLogin configuration.
#

#
# Module netTools configuration.
#

#
# Module ntp configuration.
#

#
# Module poe configuration.
#

#
# Module rip configuration.
#

#
# Module r.png configuration.
#

#
# Module snmpMaster configuration.
#

#
# Module stp configuration.
#
Press to continue or to quit:

#
# Module techSupport configuration.
#

#
# Module telnetd configuration.
#

#
# Module tftpd configuration.
#

#
# Module thttpd configuration.
#

#
# Module twamp configuration.
#

#
# Module vmt configuration.
#

#
# Module vsm configuration.
#
* X440G2-12p-10G4.24 #
* X440G2-12p-10G4.24 #
Userlevel 6
The TTL transmit expired reply is from 116.50.128.1, is this a device in the network?
Can you check if there is some mis-configuration in the routing part?

show configuration "rtmgr" could be helpful here
Userlevel 3
Your PC looks like it doesn't have a route for 20.20.20.0/24. And the other PC doesn't have a route for 10.10.10.0/24, even though you have it set. I think the packets are going out to the Internet and then timing out there.

do a 'route print' on both PCs, that should show what's happening with the routing.

Paul.
Userlevel 3
Karthik Mohandoss wrote:

The TTL transmit expired reply is from 116.50.128.1, is this a device in the network?
Can you check if there is some mis-configuration in the routing part?

show configuration "rtmgr" could be helpful here

Good catch... i wonder now if he doesn't have the gateways set on the nics in the pc. And if he has a secind nic (wifi) on on them...
Userlevel 1
Paul Thornton wrote:

Your PC looks like it doesn't have a route for 20.20.20.0/24. And the other PC doesn't have a route for 10.10.10.0/24, even though you have it set. I think the packets are going out to the Internet and then timing out there.

do a 'route print' on both PCs, that should show what's happening with the routing.

Paul.

Hi Paul,

I disabled my wireless connection now. The PC1 and PC2 not on the network now. But still PC1 cannot ping PC2, same as PC2 to PC1.



Userlevel 1
Karthik Mohandoss wrote:

The TTL transmit expired reply is from 116.50.128.1, is this a device in the network?
Can you check if there is some mis-configuration in the routing part?

show configuration "rtmgr" could be helpful here

I disabled my wireless connection now. The PC1 and PC2 not on the network now. But still PC1 cannot ping PC2, same as PC2 to PC1.







Userlevel 1
Hi Friends,

Good day!

I give you update.

Now I can ping from both PC1 and PC2 the both gateway.

But PC1 and PC2 cannot yet ping each other.

PC1 10.10.10.10 can PING 10.10.10.1 and 20.20.20.1
PC2 20.20.20.20 can PING 20.20.20.1 and 10.10.10.1

Thanks,

Resolut1on

Reply