
Unable to ping/telnet to management interface of switch

Answered Question

Charlie Jones 3 years ago


Good morning,
A couple of weeks ago we upgraded about 50 access layer switches at a branch office. All of
them are WS-3560-24PS. The switches were upgraded to IOS 12.2(55)SE6. Once the update
was completed, all of the switches were reloaded to complete the upgrade. One of the 50
switches showed up in our monitoring application as being down after the reload. We had
someone at the office plug in a laptop so we could console into it and the switch
configuration looked correct. The switch is working normally (PC's and phones working
normally), but we cannot ping or telnet into this one switch. Below is a breakdown of this
site in terms of topology:
Core - 2 6509
Distribution - 2 3750g
Access - 3560 switches
Layer two looks to be running normally in that vtp is being updated and cdp is working as
well. The trunk interfaces from this switch to the distribution layer switch are up (each gig
interface on this 3560 goes to one of the 3705g switches).
On this switch, I have erased the config and deleted the vlan.dat. I reapplied the config and
re-enabled VTP and this switch is still not accessible. Any suggestions?
I should mention that the management interface is vlan 1. I have tried giving this
management interface a different IP address in case there was a duplicate IP and that does not
work. Other switches that were upgraded and connect up into this 3750g stack work fine.

stephen.stack 3 years ago

Hi
Can the switch ping out to the network? Is the ip default-gateway set?
Regards
Stephen

==========================
http://www.rConfig.com
A free, open source network device configuration management tool, customizable to your
needs!
- Always vote on an answer if you found it helpful

Charlie Jones 3 years ago


Hi,
The switch cannot ping out. The default gateway is set as well.

stephen.stack 3 years ago

Can you provide partial relevant configuration? Also, try a debug ip icmp when pinging it to
see if the ICMP packets are reaching the switch.
Regards

Charlie Jones 3 years ago


I enabled ICMP debugging. I pinged the switch from another switch in this IDF and nothing
shows in the log of the failed switch.
Interface Vlan1
ip address 10.19.0.112 255.255.255.0
ip default-gateway 10.19.0.1

ip classless


glen.grant 3 years ago

Make sure ip routing is not turned on the 3560, otherwise the default gateway statement is
no good. If routing is turned on then you would need a default static route pointing to the
3750 gateway address for that vlan and get rid of the default gateway statement. Is this
switch trunked or just an access port? Check trunk setup, native vlan for trunk etc... You
should be able to get to the switch from 3750 even if the gateway is no good because it is
directly attached to the 3750 which is where I assume the vlan 1 subnet originates. Source
ping the switch from the vlan 1 SVI.

Richard Burts 3 years ago

Perhaps the output of show ip interface brief or of show interface status might shed some
light on the issue?
I also wonder what would be in the output of show arp from the problem switch.
HTH
Rick

Charlie Jones 3 years ago


Here is the information you requested.
Interface              IP-Address      OK? Method Status                Protocol
Vlan1                  10.19.0.112     YES manual up                    up
FastEthernet0/1        unassigned      YES unset  down                  down
FastEthernet0/2        unassigned      YES unset  up                    up
FastEthernet0/3        unassigned      YES unset  up                    up
FastEthernet0/4        unassigned      YES unset  down                  down
FastEthernet0/5        unassigned      YES unset  down                  down
FastEthernet0/6        unassigned      YES unset  up                    up
FastEthernet0/7        unassigned      YES unset  up                    up
FastEthernet0/8        unassigned      YES unset  up                    up
FastEthernet0/9        unassigned      YES unset  up                    up
FastEthernet0/10       unassigned      YES unset  up                    up
FastEthernet0/11       unassigned      YES unset  up                    up
FastEthernet0/12       unassigned      YES unset  up                    up
FastEthernet0/13       unassigned      YES unset  up                    up
FastEthernet0/14       unassigned      YES unset  down                  down
FastEthernet0/15       unassigned      YES unset  up                    up
FastEthernet0/16       unassigned      YES unset  down                  down
FastEthernet0/17       unassigned      YES unset  up                    up
FastEthernet0/18       unassigned      YES unset  up                    up
FastEthernet0/19       unassigned      YES unset  down                  down
FastEthernet0/20       unassigned      YES unset  up                    up
FastEthernet0/21       unassigned      YES unset  up                    up
FastEthernet0/22       unassigned      YES unset  up                    up
FastEthernet0/23       unassigned      YES unset  down                  down
FastEthernet0/24       unassigned      YES unset  up                    up
GigabitEthernet0/1     unassigned      YES unset  up                    up
GigabitEthernet0/2     unassigned      YES unset  up                    up

sh arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  10.19.0.1               0   Incomplete      ARPA
Internet  10.19.0.112             -   001b.0c7c.1340  ARPA   Vlan1


Richard Burts 3 years ago

Thanks for the information. It is somewhat helpful, but not enough to diagnose the full
problem. It does confirm the IP address of the VLAN interface seems to be correct.
The fact that the arp table shows incomplete for the mac address of the gateway 10.19.0.1
indicates that arp is failing to resolve the IP address to a mac address. This typically indicates
some layer 2 problem. Can you post the output of show interface status, and identify for us
the ports on the switch that connect to the upstream switch?
HTH
Rick


stephen.stack 3 years ago

You may also want to check what vlans are allowed on the upstream trunk links with a show
int trunk. Do this on both sides of the trunks from the affected switch and ensure vlan1 is
allowed.
Regards
Sent from Cisco Technical Support iPhone App

Charlie Jones 3 years ago


I think this will hit the last two questions. I compared this output to another switch that we
upgraded, and the information matches the functional switch.

Trunks on problematic switch
Gi0/1     connected    trunk    full   1000 10/100/1000BaseTX SFP
Gi0/2     connected    trunk    full   1000 10/100/1000BaseTX SFP

Trunk Uplink Switch 1
Gi1/0/1   connected    trunk    full   1000 10/100/1000BaseTX

Trunk Uplink Switch 2
Gi1/0/2   connected    trunk    full   1000 10/100/1000BaseTX

Show int trunk from problematic switch
Port        Mode   Encapsulation  Status     Native vlan
Gi0/1       on     802.1q         trunking   1
Gi0/2       on     802.1q         trunking   1

Port        Vlans allowed on trunk
Gi0/1       1-4094
Gi0/2       1-4094

Port        Vlans allowed and active in management domain
Gi0/1       1,25-32,125-132,503,803-804,830,850-851,853,935,977,984-985,990,998-999,1001
Gi0/2       1,25-32,125-132,503,803-804,830,850-851,853,935,977,984-985,990,998-999,1001

Port        Vlans in spanning tree forwarding state and not pruned
Gi0/1       1,25,27,29,31,125,127,129,131,503,851,853,935,977,985,999,1001
Gi0/2       26,28,30,32,126,128,130,132,830,850,984,990,998

Show int trunk from Switch 1
Port        Mode   Encapsulation  Status     Native vlan
Gi1/0/1     on     802.1q         trunking   1
Gi1/0/2     on     802.1q         trunking   1
Gi1/0/3     on     802.1q         trunking   1
Gi1/0/4     on     802.1q         trunking   1
Gi1/0/5     on     802.1q         trunking   1
Gi1/0/6     on     802.1q         trunking   1
Gi1/0/7     on     802.1q         trunking   1
Gi1/0/25    on     802.1q         trunking   1

Port        Vlans allowed on trunk
Gi1/0/1     1-4094
Gi1/0/2     1-4094
Gi1/0/3     1-4094
Gi1/0/4     1-4094
Gi1/0/5     1-4094
Gi1/0/6     1-4094
Gi1/0/7     1-4094
Gi1/0/25    1-4094

Port        Vlans allowed and active in management domain
Gi1/0/1     1,25-32,125-132,503,803-804,830,850-851,853,935,977,984-985,990,998-999,1001
Gi1/0/2     1,25-32,125-132,503,803-804,830,850-851,853,935,977,984-985,990,998-999,1001
Gi1/0/3     1,25-32,125-132,503,803-804,830,850-851,853,935,977,984-985,990,998-999,1001
Gi1/0/4     1,25-32,125-132,503,803-804,830,850-851,853,935,977,984-985,990,998-999,1001
Gi1/0/5     1,25-32,125-132,503,803-804,830,850-851,853,935,977,984-985,990,998-999,1001
Gi1/0/6     1,25-32,125-132,503,803-804,830,850-851,853,935,977,984-985,990,998-999,1001
Gi1/0/7     1,25-32,125-132,503,803-804,830,850-851,853,935,977,984-985,990,998-999,1001
Gi1/0/25    1,25-32,125-132,503,803-804,830,850-851,853,935,977,984-985,990,998-999,1001

Port        Vlans in spanning tree forwarding state and not pruned
Gi1/0/1     1,851,853
Gi1/0/2     1
Gi1/0/3     1,851,853
Gi1/0/4     1,851,853
Gi1/0/5     1,851,853
Gi1/0/6     1,851,853
Gi1/0/7     1,851,853
Gi1/0/25    1,25-32,125-132,503,830,850-851,853,935,977,984-985,990,998-999,1001

Show int trunk from Switch 2
Port        Mode   Encapsulation  Status     Native vlan
Gi1/0/1     on     802.1q         trunking   1
Gi1/0/2     on     802.1q         trunking   1
Gi1/0/3     on     802.1q         trunking   1
Gi1/0/4     on     802.1q         trunking   1
Gi1/0/5     on     802.1q         trunking   1
Gi1/0/6     on     802.1q         trunking   1
Gi1/0/7     on     802.1q         trunking   1
Gi1/0/25    on     802.1q         trunking   1

Port        Vlans allowed on trunk
Gi1/0/1     1-4094
Gi1/0/2     1-4094
Gi1/0/3     1-4094
Gi1/0/4     1-4094
Gi1/0/5     1-4094
Gi1/0/6     1-4094
Gi1/0/7     1-4094
Gi1/0/25    1-4094

Port        Vlans allowed and active in management domain
Gi1/0/1     1,25-32,125-132,503,803-804,830,850-851,853,935,977,984-985,990,998-999,1001
Gi1/0/2     1,25-32,125-132,503,803-804,830,850-851,853,935,977,984-985,990,998-999,1001
Gi1/0/3     1,25-32,125-132,503,803-804,830,850-851,853,935,977,984-985,990,998-999,1001
Gi1/0/4     1,25-32,125-132,503,803-804,830,850-851,853,935,977,984-985,990,998-999,1001
Gi1/0/5     1,25-32,125-132,503,803-804,830,850-851,853,935,977,984-985,990,998-999,1001
Gi1/0/6     1,25-32,125-132,503,803-804,830,850-851,853,935,977,984-985,990,998-999,1001
Gi1/0/7     1,25-32,125-132,503,803-804,830,850-851,853,935,977,984-985,990,998-999,1001
Gi1/0/25    1,25-32,125-132,503,803-804,830,850-851,853,935,977,984-985,990,998-999,1001

Port        Vlans in spanning tree forwarding state and not pruned
Gi1/0/1     1,26,126,850
Gi1/0/2     1,26,126
Gi1/0/3     1,26,126,850
Gi1/0/4     1,26,126,850
Gi1/0/5     1,26,126,850
Gi1/0/6     1,26,126,850
Gi1/0/7     1,26,126,850
Gi1/0/25    1,25-32,125-132,503,830,850-851,853,935,977,984-985,990,998-999,1001

Richard Burts 3 years ago

Thanks for the additional information. So far it all looks reasonable (and looks like it should
be working).
Perhaps you could post the output of show cdp neighbor from the problem switch and also
from both of the upstream switches.
Where is the address 10.19.0.1 located? (on which device)
HTH
Rick


stephen.stack 3 years ago

All looks ok
Not sure if this was done or can be done. But try to remove vlan 1 completely. Else default
its config, shut it down and start configuring it from scratch - bring it up only when
configured. Have had similar issues with SVIs in the past.
Regards

Sent from Cisco Technical Support iPhone App



Charlie Jones 3 years ago


Below is the cdp information you requested. 10.19.0.1 resides on the core switches via HSRP.

Problematic Switch
CHI-3560-2602#sh cdp neighbors gi0/1
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone,
                  D - Remote, C - CVTA, M - Two-port Mac Relay
Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
CHI-3750G-2601   Gig 0/1           126          S I       WS-C3750G Gig 1/0/2
CHI-3560-2602#sh cdp neighbors gi0/2
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone,
                  D - Remote, C - CVTA, M - Two-port Mac Relay
Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
CHI-3750G-2602   Gig 0/2           131          S I       WS-C3750G Gig 1/0/2

Trunk Switch 1
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
CHI-3560-2601    Gig 1/0/1         173          S I       WS-C3560-2Gig 0/1

Trunk Switch 2
CHI-3750G-2602#sh cdp neighbors gi1/0/2
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
CHI-3560-2602    Gig 1/0/2         165          S I       WS-C3560-2Gig 0/2


Richard Burts 3 years ago

Perhaps we have a clue about the problem. I see that from the problem switch we believe that
upstream switch 1 is using interface gi1/0/2
CHI-3750G-2601   Gig 0/1           126          S I       WS-C3750G Gig 1/0/2
but on the upstream switch 1 it thinks it is using interface Gig1/0/1
CHI-3560-2601    Gig 1/0/1         173          S I       WS-C3560-2Gig 0/1

I am not sure what causes this mismatch. But I suspect that this is related to the problem.

HTH
Rick

Charlie Jones 3 years ago


Sorry, that was my fault. Here is the correct information on the uplink switches

Switch 1
Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
CHI-3560-2602    Gig 1/0/2         162          S I       WS-C3560-2Gig 0/1

Switch 2
Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
CHI-3560-2602    Gig 1/0/2         147          S I       WS-C3560-2Gig 0/2


Richard Burts 3 years ago

Or did you show the incorrect cdp neighbor on the upstream switch 1? Since the neighbor it
is reporting seems to not be the problem switch?
Trunk Switch 1
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
CHI-3560-2601    Gig 1/0/1         173          S I       WS-C3560-2Gig 0/1

I am now noticing that it is 3560-2601 and not 3560-2602


HTH
Rick

Richard Burts 3 years ago

OK. Let us take a slightly different approach. We know that part of the difficulty is that the
problematic switch is not able to arp for the 10.19.0.1 address (it shows incomplete in the arp
table). You have told us that this address is HSRP on the upstream switches. So can the
problematic switch arp (and ping) to the physical interface address (not the shared address)
on either or both of the upstream switches?
Also I would be curious to know if the upstream switches can arp for the management
address of the problematic switch?
HTH
Rick

Charlie Jones 3 years ago


I went to the upstream switches and attempted to ping the management IP of the problematic
switch, and that times out. When I checked the arp on the upstream switches, I see the
following:
Internet  10.19.0.112             0   001b.0c7c.1340  ARPA   Vlan1

Is that what you were looking to see?



Richard Burts 3 years ago

Yes this is what I was looking for. It demonstrates that there is successful communication
between the upstream switch and the problematic switch. So the questions in this thread
about were interfaces configured correctly, were the trunks set up correctly, were the right
VLANs allowed on the trunk, etc are all answered now. We have successful communication.
The next test I would like to do is to see if the problematic switch can arp (and ping) to the
interface address of the upstream switch.
HTH
Rick

Charlie Jones 3 years ago


I'm unable to ping the upstream switches. Below is the arp table from the problematic switch
Internet  10.19.0.109             0   Incomplete      ARPA
Internet  10.19.0.110             0   Incomplete      ARPA


Richard Burts 3 years ago

I am a bit surprised at this. But I believe that it is quite helpful. Something is preventing the
switch from arp to what should be locally connected addresses. Would you turn on debug arp,
try the ping, and post the output of the debug?
It might also be helpful to turn on debug arp on the upstream switch, try ping from the
problematic switch, and post output to see if the arp gets to the upstream switch.
It would seem that either the problematic switch is not sending the arp request or that the
upstream is not sending the reply. These tests should show which it is.
HTH

Rick

Charlie Jones 3 years ago


Here is the arp debug from the problematic switch to the DG.
CHI-3560-2602#ping 10.19.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.19.0.1, timeout is 2 seconds:
.Jan 23 08:31:01.667 CST: IP ARP: creating incomplete entry for IP address: 10.19.0.1
interface Vlan1
.Jan 23 08:31:01.667 CST: IP ARP: sent req src 10.19.0.112 001b.0c7c.1340,
dst 10.19.0.1 0000.0000.0000 Vlan1
.Jan 23 08:31:01.667 CST: IP ARP: sent req src 10.19.0.112 001b.0c7c.1340,
dst 10.50.1.17 0000.0000.0000 Vlan1
.Jan 23 08:31:02.673 CST: IP ARP throttled out the ARP Request for 10.19.0.1.
.Jan 23 08:31:03.672 CST: IP ARP: sent req src 10.19.0.112 001b.0c7c.1340,
dst 10.50.1.17 0000.0000.0000 Vlan1
.Jan 23 08:31:03.680 CST: IP ARP: sent req src 10.19.0.112 001b.0c7c.1340,
dst 10.19.0.1 0000.0000.0000 Vlan1
.Jan 23 08:31:04.687 CST: IP ARP throttled out the ARP Request for 10.19.0.1
.Jan 23 08:31:04.687 CST: IP ARP throttled out the ARP Request for 10.19.0.1
.Jan 23 08:31:05.693 CST: IP ARP: sent req src 10.19.0.112 001b.0c7c.1340,
dst 10.19.0.1 0000.0000.0000 Vlan1.
.Jan 23 08:31:06.700 CST: IP ARP throttled out the ARP Request for 10.19.0.1
.Jan 23 08:31:07.673 CST: IP ARP: sent req src 10.19.0.112 001b.0c7c.1340,
dst 10.50.1.17 0000.0000.0000 Vlan1
.Jan 23 08:31:07.707 CST: IP ARP: sent req src 10.19.0.112 001b.0c7c.1340,
dst 10.19.0.1 0000.0000.0000 Vlan1
.Jan 23 08:31:07.707 CST: IP ARP throttled out the ARP Request for 10.19.0.1
.Jan 23 08:31:08.713 CST: IP ARP throttled out the ARP Request for 10.19.0.1
.Jan 23 08:31:09.720 CST: IP ARP: sent req src 10.19.0.112 001b.0c7c.1340,
dst 10.19.0.1 0000.0000.0000 Vlan1.
.Jan 23 08:31:10.727 CST: IP ARP throttled out the ARP Request for 10.19.0.1
.Jan 23 08:31:10.727 CST: IP ARP throttled out the ARP Request for 10.19.0.1
.Jan 23 08:31:11.733 CST: IP ARP: sent req src 10.19.0.112 001b.0c7c.1340,
dst 10.19.0.1 0000.0000.0000 Vlan1.
.Jan 23 08:31:12.740 CST: IP ARP throttled out the ARP Request for 10.19.0.1
.Jan 23 08:31:13.746 CST: IP ARP: sent req src 10.19.0.112 001b.0c7c.1340,
dst 10.19.0.1 0000.0000.0000 Vlan1
.Jan 23 08:31:13.746 CST: IP ARP throttled out the ARP Request for 10.19.0.1
.Jan 23 08:31:14.753 CST: IP ARP throttled out the ARP Request for 10.19.0.1
.Jan 23 08:31:15.676 CST: IP ARP: creating incomplete entry for IP address: 10.50.1.17
interface Vlan1
.Jan 23 08:31:15.676 CST: IP ARP: sent req src 10.19.0.112 001b.0c7c.1340,
dst 10.50.1.17 0000.0000.0000 Vlan1
.Jan 23 08:31:15.760 CST: IP ARP: sent req src 10.19.0.112 001b.0c7c.1340,
dst 10.19.0.1 0000.0000.0000 Vlan1.
Success rate is 0 percent (0/5)
When I tried to ping the problematic switch from an upstream switch, I did not get any debug
messages.
When I pinged the DG from the problematic switch and had debugging enabled on an
upstream switch, I was seeing some log entries in the upstream switch
Jan 23 08:36:26.109 CST: IP ARP: rcvd req src 10.19.0.112 001b.0c7c.1340, dst 10.50.1.17
Vlan1
Jan 23 08:36:26.193 CST: IP ARP: rcvd req src 10.19.0.112 001b.0c7c.1340, dst 10.19.0.1
Vlan1

stephen.stack 3 years ago

Charlie,
I know you've rebuilt the config on the switch. Take my earlier suggestion and remove the
SVI (interface vlan 1) and re-add it if you can. As it's not working, it won't do any harm right
now.
Regards

Charlie Jones 3 years ago


I can't remove it completely since it is vlan 1. I removed the IP address, shutdown the port,
added the IP address, and enabled the port again and it is not working. I also tried giving the
vlan interface a different IP, and I get the same result.

stephen.stack 3 years ago

Odd, I can remove it on some lab kit I have

LABSW#conf t
Enter configuration commands, one per line. End with CNTL/Z.
LABSW(config)#int vlan 1
LABSW(config-if)#ip add 1.1.1.1 255.255.255.0
LABSW(config-if)#no shut
LABSW#sh ip int bri
Interface              IP-Address      OK? Method Status                Protocol
Vlan1                  1.1.1.1         YES manual up                    up
LABSW#conf t
Enter configuration commands, one per line. End with CNTL/Z.
LABSW(config)#no int vlan 1
LABSW#sh run int vlan 1
^
% Invalid input detected at '^' marker.

LABSW#sh ip int bri
Interface              IP-Address      OK? Method Status                Protocol


paul driver 3 years ago

Charlie,
From this problem switch up to the cores - where in that path are pings successful - what switch is able to ping
the cores?

res
Paul

Charlie Jones 3 years ago


From the problematic switch, I can only ping its VLAN interface, I can't ping anything
upstream from it. From the upstream switches, I can ping the default gateway but not the IP
of the problematic switch.

paul driver 3 years ago

Okay from the good switch directly attached to the problem switch, and the problem switch
can you post:

Running config
sh int trunk
sh vtp status
sh ip int brief
sh vlan bri
sh cdp neighbour
res
Paul
Please don't forget to rate this post if it has been helpful.


Charlie Jones 3 years ago


Here you go. I cleaned it up so it wasn't as long.
UPLINK SWITCH 1
Port        Mode   Encapsulation  Status     Native vlan
Gi1/0/1     on     802.1q         trunking   1

Port        Vlans allowed on trunk
Gi1/0/1     1-4094

Port        Vlans allowed and active in management domain
Gi1/0/1     1,25-32,125-132,503,803-804,830,850-851,853,935,977,984-985,990,998-999,1001

Port        Vlans in spanning tree forwarding state and not pruned
Gi1/0/1     1,851,853

CHI-3750G-2601#sh vtp status
VTP Version                     : 2
Configuration Revision          : 235
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 36
VTP Operating Mode              : Client
VTP Domain Name                 : CHI
VTP Pruning Mode                : Enabled
VTP V2 Mode                     : Enabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0xE5 0x68 0x65 0x50 0x48 0x2F 0x23 0x4A
Configuration last modified by 10.19.0.254 at 4-12-12 13:49:06

CHI-3750G-2601#sh ip int brief
Interface              IP-Address      OK? Method Status                Protocol
Vlan1                  10.19.0.109     YES NVRAM  up                    up
GigabitEthernet1/0/1   unassigned      YES unset  up                    up

#sh vlan brief
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Gi1/0/8, Gi1/0/9, Gi1/0/10, Gi1/0/11, Gi1/0/12, Gi1/0/17,
                                                Gi1/0/18, Gi1/0/19
                                                Gi1/0/20, Gi1/0/21, Gi1/0/22, Gi1/0/23, Gi1/0/24, Gi1/0/26,
                                                Gi1/0/27, Gi1/0/28
1001 NO-ACCESS                        active
1002 fddi-default                     act/unsup
1003 trcrf-default                    act/unsup
1004 fddinet-default                  act/unsup
1005 trbrf-default                    act/unsup

UPLINK SWITCH 2
#sh int trunk
Port        Mode   Encapsulation  Status     Native vlan
Gi1/0/1     on     802.1q         trunking   1

Port        Vlans allowed on trunk
Gi1/0/1     1-4094

Port        Vlans allowed and active in management domain
Gi1/0/1     1,25-32,125-132,503,803-804,830,850-851,853,935,977,984-985,990,998-999,1001

Port        Vlans in spanning tree forwarding state and not pruned
Gi1/0/1     1,26,126,850

#sh vtp status
VTP Version                     : 2
Configuration Revision          : 235
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 36
VTP Operating Mode              : Client
VTP Domain Name                 : CHI
VTP Pruning Mode                : Enabled
VTP V2 Mode                     : Enabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0xE5 0x68 0x65 0x50 0x48 0x2F 0x23 0x4A
Configuration last modified by 10.19.0.254 at 4-12-12 13:49:06

#sh ip int brief
Interface              IP-Address      OK? Method Status                Protocol
Vlan1                  10.19.0.110     YES NVRAM  up                    up
GigabitEthernet1/0/1   unassigned      YES unset  up                    up

#sh vlan bri
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Gi1/0/8, Gi1/0/9, Gi1/0/10, Gi1/0/11, Gi1/0/12, Gi1/0/13,
                                                Gi1/0/14,
1001 NO-ACCESS                        active
1002 fddi-default                     act/unsup
1003 trcrf-default                    act/unsup
1004 fddinet-default                  act/unsup
1005 trbrf-default                    act/unsup

Problematic Switch
#sh int trunk
Port        Mode   Encapsulation  Status     Native vlan
Gi0/1       on     802.1q         trunking   1
Gi0/2       on     802.1q         trunking   1

Port        Vlans allowed on trunk
Gi0/1       1-4094
Gi0/2       1-4094

Port        Vlans allowed and active in management domain
Gi0/1       1,25-32,125-132,503,803-804,830,850-851,853,935,977,984-985,990,998-999,1001
Gi0/2       1,25-32,125-132,503,803-804,830,850-851,853,935,977,984-985,990,998-999,1001

Port        Vlans in spanning tree forwarding state and not pruned
Gi0/1       1,25,27,29,31,125,127,129,131,503,851,853,935,977,985,999,1001
Gi0/2       26,28,30,32,126,128,130,132,830,850,984,990,998

#sh vtp status
VTP Version capable             : 1 to 3
VTP version running             : 2
VTP Domain Name                 : CHI
VTP Pruning Mode                : Enabled
VTP Traps Generation            : Disabled
Device ID                       : 001b.0c7c.1300
Configuration last modified by 10.19.0.254 at 4-12-12 13:49:06
Feature VLAN:
--------------
VTP Operating Mode                : Client
Maximum VLANs supported locally   : 1005
Number of existing VLANs          : 36
Configuration Revision            : 235
MD5 digest                        : 0xE5 0x68 0x65 0x50 0x48 0x2F 0x23 0x4A
                                    0xC1 0x88 0x19 0x24 0x22 0x30 0x8F 0x5B

#sh ip int brief
Interface              IP-Address      OK? Method Status                Protocol
Vlan1                  10.19.0.112     YES manual up                    up
GigabitEthernet0/1     unassigned      YES unset  up                    up
GigabitEthernet0/2     unassigned      YES unset  up                    up

#sh vlan bri
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active
1001 NO-ACCESS                        active
1002 fddi-default                     act/unsup
1003 trcrf-default                    act/unsup
1004 fddinet-default                  act/unsup
1005 trbrf-default                    act/unsup


Richard Burts 3 years ago

I would like to go back to my question of yesterday about arp between the problematic switch
and the upstream. The output of debug arp shows that the problematic router is generating
requests for arp for the gateway address but not receiving any response. The output of debug
arp on the upstream router shows that it receives the request from the problematic switch. It
does not seem to show that the upstream sends any response. But I am not sure how long that
debug was running. So I would ask Charlie to run debug arp on the upstream switch
(preferably the switch that is the active router in HSRP). While the debug is running then do
the ping from the problematic router. This should generate the arp request to upstream. Let
the debug run long enough to be sure whether the switch is sending a response or not.
HTH
Rick

paul driver 3 years ago

Charlie
CDP from previous posts:

Switch 1
Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
CHI-3560-2602    Gig 1/0/2         162          S I       WS-C3560-2Gig 0/1

Switch 2
Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
CHI-3560-2602    Gig 1/0/2         147          S I       WS-C3560-2Gig 0/2

Now from your current posting:

UPLINK SWITCH 1 - Only one trunk interface is up
GIG1/0/1 - this is not your link to the problem switch as stated in your previous cdp post
Port        Mode   Encapsulation  Status     Native vlan
Gi1/0/1     on     802.1q         trunking   1

Port        Vlans in spanning tree forwarding state and not pruned
Gi1/0/1     1,851,853

UPLINK SWITCH 2 - Only one trunk interface shows up
GIG1/0/1 - this is not your link to the problem switch as stated in your previous cdp post
Port        Mode   Encapsulation  Status     Native vlan
Gi1/0/1     on     802.1q         trunking   1

Port        Vlans in spanning tree forwarding state and not pruned
Gi1/0/1     1,26,126,850

Problematic Switch
#sh int trunk
Port        Mode   Encapsulation  Status     Native vlan
Gi0/1       on     802.1q         trunking   1
Gi0/2       on     802.1q         trunking   1

Port        Vlans in spanning tree forwarding state and not pruned
Gi0/1       1,25,27,29,31,125,127,129,131,503,851,853,935,977,985,999,1001
Gi0/2       26,28,30,32,126,128,130,132,830,850,984,990,998

I can see some anomalies regards trunking and stp:

How are these two Uplink switches connected to the problem switch? I only see 1 trunk on
each uplink switch and this does not seem to be going to the problem switch?
Can you post your running config in file attachments for all 3 switches:
Please don't forget to rate this post if it has been helpful.

Charlie Jones 2 years ago


Good morning,
It's been awhile since I've had a chance to work on this, and today I have an update of sorts.
We decided to swap out this problematic switch in the hope it was a problem with the switch.
Unfortunately, this did not correct the problem. The problem must lie somewhere else within
this office.
Here are the configs for the trunks and the vlan interface on the problematic switch:
interface GigabitEthernet0/1
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport nonegotiate
 speed 1000
 duplex full
 srr-queue bandwidth share 10 10 60 20
 srr-queue bandwidth shape 10 0 0 0
 queue-set 2
 priority-queue out
 mls qos trust cos
 auto qos trust
 rmon collection history 10101 owner campusmanager buckets 10 interval 300
!
interface GigabitEthernet0/2
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport nonegotiate
 speed 1000
 duplex full
 srr-queue bandwidth share 10 10 60 20
 srr-queue bandwidth shape 10 0 0 0
 queue-set 2
 priority-queue out
 mls qos trust cos
 auto qos trust
 rmon collection history 10102 owner campusmanager buckets 10 interval 300
!
interface Vlan1
 ip address 10.19.0.112 255.255.255.0
!
ip default-gateway 10.19.0.1

Here is the config of switch 1 uplink that this switch trunks to
interface GigabitEthernet1/0/2
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport nonegotiate
 speed 1000
 duplex full
 srr-queue bandwidth share 10 10 60 20
 srr-queue bandwidth shape 10 0 0 0
 queue-set 2
 mls qos trust dscp
 auto qos voip trust
 rmon collection history 10102 owner campusmanager buckets 10 interval 300

Here is the config for the switch 2 trunk:
interface GigabitEthernet1/0/2
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport nonegotiate
 speed 1000
 duplex full
 srr-queue bandwidth share 10 10 60 20
 srr-queue bandwidth shape 10 0 0 0
 queue-set 2
 mls qos trust dscp
 auto qos voip trust

To give you an idea of the network topology, it follows Cisco's practice of a
core/distribution/access model.
Core - Pair of 6509
distribution - Pair of 3750G
access- 3550 switches
At this access layer, there are other switches that are trunked up to the 3750G's, and those
switches are working normally. Also, there are PC's/phones plugged into this switch, and
those are working normally. In fact, I tested pinging one of the hosts on this switch, and I can
ping the host from somewhere else on the network. However from the problematic switch, I
cannot ping this host.

Charlie Jones 2 years ago


Problem solved. I ended up looking at a configuration from an existing switch at this branch,
and the switch having the problem had the command "vlan dot1q tag native". As soon as I
did a no vlan dot1q tag native, the problem was gone.

Correct Answer

stephen.stack 2 years ago

Charlie

That's great news, but unfortunate in a way that it was not found earlier.
Not my text, but: "the vlan dot1q tag native which will prevent the double-encapsulation
attacks. This command globally works on all switchport trunks on that entire Ethernet
switch. This command will make sure that the native VLAN is always tagged on every trunk
on the switch. This is a great best practice and takes care of the issue with a single
command. This command should be entered in every switch in the campus." (my bold)
This caused every untagged ingress frame to be dropped, so the traffic replies were not reaching
the control plane of the switch.
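The failure mode described in the answer above, as an added example (not code from the thread or from Cisco): a simplified Python model of native-VLAN handling on an 802.1Q trunk, plus a check that flags links whose two ends disagree on "vlan dot1q tag native". The drop rule for untagged ingress frames is taken from the answer; acceptance of frames tagged with the native VLAN ID on the untagging side is an assumption consistent with the debug arp output in the thread; the running-config fragments are constructed.

```python
from dataclasses import dataclass


@dataclass
class TrunkPort:
    """One end of an 802.1Q trunk (simplified model, not vendor code)."""
    host: str
    native_vlan: int = 1
    tag_native: bool = False  # True models the global "vlan dot1q tag native"

    def egress(self, vlan):
        """Tag placed on the wire for a frame in `vlan`; None means untagged."""
        if vlan == self.native_vlan and not self.tag_native:
            return None
        return vlan

    def ingress(self, tag):
        """VLAN the received frame is classified into; None means dropped."""
        if tag is None:
            # Rule taken from the answer above: with native tagging enabled,
            # untagged ingress frames are dropped.
            return None if self.tag_native else self.native_vlan
        # Assumption: a frame tagged with the native VLAN ID is accepted.
        return tag


def delivered(src, dst, vlan):
    """True if a frame sent in `vlan` by src is accepted in that VLAN by dst."""
    return dst.ingress(src.egress(vlan)) == vlan


def arp_exchange(requester, responder, vlan=1):
    """Model an ARP request and its reply crossing the trunk."""
    request_seen = delivered(requester, responder, vlan)
    reply_seen = request_seen and delivered(responder, requester, vlan)
    return {"request_seen": request_seen, "reply_seen": reply_seen}


def tags_native(running_config):
    """True if the global command is present and not negated later."""
    enabled = False
    for line in running_config.splitlines():
        line = line.strip()
        if line == "vlan dot1q tag native":
            enabled = True
        elif line == "no vlan dot1q tag native":
            enabled = False
    return enabled


def mismatched_links(configs, links):
    """Links (pairs of hostnames) whose two ends disagree on native tagging."""
    state = {host: tags_native(cfg) for host, cfg in configs.items()}
    return [(a, b) for a, b in links if state[a] != state[b]]


# Constructed running-config fragments; hostnames and addresses are the ones
# quoted in the thread, the rest is sample data.
CONFIGS = {
    "CHI-3560-2602": "vlan dot1q tag native\n!\ninterface Vlan1\n"
                     " ip address 10.19.0.112 255.255.255.0\n",
    "CHI-3750G-2601": "interface Vlan1\n ip address 10.19.0.109 255.255.255.0\n",
    "CHI-3750G-2602": "interface Vlan1\n ip address 10.19.0.110 255.255.255.0\n",
}
LINKS = [("CHI-3560-2602", "CHI-3750G-2601"),
         ("CHI-3560-2602", "CHI-3750G-2602")]

if __name__ == "__main__":
    access = TrunkPort("CHI-3560-2602", tag_native=True)
    distribution = TrunkPort("CHI-3750G-2601")
    print("VLAN 1 ARP from access switch:", arp_exchange(access, distribution))
    print("VLAN 25 both directions:",
          delivered(access, distribution, 25), delivered(distribution, access, 25))
    print("links to fix:", mismatched_links(CONFIGS, LINKS))
```

In this model the mismatch only affects the native VLAN, which is why hosts in the tagged VLANs kept working while the VLAN 1 management address went dark. Making both ends of every trunk agree, either by entering the command everywhere or by removing it from the odd switch out, clears the flagged links.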

Charlie Jones 2 years ago


If this is configured globally, then what would have been the fix to keep this command
active? Would we need to add something to the trunk ports on this switch? Now, I'm
curious.

stephen.stack 2 years ago

No, I've checked it out, and I've not seen a way to disable on a per-port basis. It's all-for-one,
or none-at-all.
Really glad you located the issue.