Ugh. I was hoping there would be something obvious. I already have what
you suggest - a "router on a stick" configuration with the vlans combined
in an 802.1Q trunk to the router. Here's a picture:
|--------------| |--------------|
| oreilly.net |------|vlan5 |
|--------------| | |
| |
|--------------| | |
| colophon.net |------|vlan6 s |
|--------------| | 2 w | 802.1Q | one interface
| 9 i |============| "router-on-a-stick"
|--------------| | 5 t | vlan5-8 | ix86 running linux
| zoo.net |------|vlan8 0 c |
|--------------| | h |
| |
|--------------| | |
| safari.net |------|vlan7 |
|--------------| |--------------|
|
-----
3600 router
loopback address
10.0.0.5
-----
| | |
big
network
cloud
I would like to be able to telnet from any of the networks to maintain the
switch, but can't. 10.0.0.6 is the address of the switch, and it is
currently assigned to vlan 7. The 3600 router has 10.0.0.6 in its routing
table as a directly connected address. The linux router has the four local
networks in its routing table, with the 3600 router as the default router.
The linux "router-on-a-stick" can ping 10.0.0.6, presumably because it
sends the packet to its default router, the 3600, which then routes the
packet back to the switch. The 3600 can also ping 10.0.0.6, as expected.
However, when a box on oreilly.net pings 10.0.0.6, a sniffer sees the ping
on the vlan5 line, but another sniffer sees nothing on the 802.1Q trunk
wire and, of course, the ping is not successful. On the other hand, when a
box on oreilly.net pings 10.0.0.5, it does so successfully. Wierd.
I've also tried putting 10.0.0.6 in the linux router's table, with no
apparent change in behavior. Presumably, the linux router sends packets
directly to the switch instead of making one hop through the 3600, but
pings still don't get from oreilly.net to the switch.
Anyone know why the switch isn't forwarding 10.0.0.6 packets to the linux
router?
DeVoe, Charles (PKI wrote:
> You will need routing between the VLANs. If this is done via the uplink
> you
> will also need to do some trunking. Hope this helps.
>
> -----Original Message-----
> From: J. Johnson [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, February 25, 2003 5:06 PM
> To: [EMAIL PROTECTED]
> Subject: 2950 telnet access is lost after vlans [7:63789]
>
>
> I've lost some telnet access to my 2950 after implementing vlans.
>
> Before - Address 10.0.0.6 was available on vlan 1, which was the default
> vlan for all ports. telnet was possible into the switch from machines
> connected to any port.
>
> After - Created several vlans (5, 6, 7, and 8) and split the ports among
> them. Now when I do:
> switch(config)#interface vlan 5
> switch(config-if)#ip address 10.0.0.6 255.255.255.0
> switch(config-if)#no shutdown
> the vlan interface that was previously up shuts down and only boxes
> connected to the ports in vlan 5 are able to telnet into the switch.
>
> Is there a way to allow boxes on ports assigned to other vlans to telnet
> into the switch at 10.0.0.6?
>
> James
> Nondisclosure violations to [EMAIL PROTECTED]
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63894&t=63789
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
