Welcome to the second article in the troubleshooting series, where we are presented with different troubleshooting scenarios and asked to resolve the issues. The scenario in this lab will focus on sub-sections 7.3 and 7.11 of the CCNA R&S exam topics will deal with troubleshooting VLANs and inter-VLAN routing.
We will be using the following setup for this troubleshooting scenario:
The PCs are in VLAN 10 while the server is in VLAN 20. The router is used to provide inter-VLAN routing. Your task is to ensure that there is communication among all the end devices; i.e., hosts and server.
Two files are attached to this article:
trblsht_vlan_init.pkt: This Packet Tracer file contains the lab setup with various configuration issues.
trblsht_vlan_final.pkt: This Packet Tracer file contains the lab with the issues resolved.
Troubleshooting Scenario Resolution
Unlike the previous scenario, the lab diagram presented in this article does not contain detailed information such as IP addresses and default gateways; there is only a high-level description of the problem. Therefore, one place to start will be to familiarize yourself with the network and you can come up with a table such as the one below:
IP Address (if any)
This table will act as a quick reference guide during our troubleshooting. Of course you don’t need to come up with a table such as this–you may prefer to print out the network diagram and write out the interface/IP address.
Before we begin troubleshooting inter-VLAN routing, let’s first check that there is intra-VLAN connectivity, i.e., between PC1 and PC2. So I will ping from PC1 to PC2:
As you can see, the ping was unsuccessful; therefore, let’s confirm that the interfaces on the switches connecting both PCs are in their right VLAN. The easiest command to use will be show vlan brief, although you can also use show vlan id and show interface switchport:
The good thing about the show vlan brief command is that not only does it show us what ports are in what VLANs, it also lets us know that the VLAN exists. Since both ports are in their right VLAN, then we need to continue troubleshooting.
Hint: One thing I find helpful when troubleshooting VLAN issues is if the switch itself has an IP address on its VLAN interface. If it doesn’t and I can configure one without causing any issue, I will configure it and remove it after the troubleshooting session.
Since the PCs are connected to different switches, this should immediately raise a red flag in your head: How are the switches connected? Ideally, the link between the switches should be a trunk link so that PC2 will also have access to the server. So let’s check the interfaces connecting the switches: we can either just view their configuration in the switch’s running configuration or use the show interface switchport command:
From the output above, we see that the Fa0/24 interfaces on both switches are in the dynamic auto mode, meaning they will not form a trunk link. One way to resolve this is to statically configure both interfaces as trunk links using the switchport mode trunk command or we can configure one interface as dynamic desirable and that should make the trunk form. I will use the second option on Switch1:
interface FastEthernet0/24 switchport mode dynamic desirable
We can confirm the status of the trunk link using the show interfaces trunk command:
With the trunk formed, we can test by pinging from PC1 and PC2 again:
We can now move on to inter-VLAN routing. I will try to ping from PC1 to the server:
The ping is unsuccessful. Since the router is the one responsible for inter-VLAN routing, let’s check the relevant configuration on the router:
From the configuration, we see that the router only has configuration for VLAN 10 and not for VLAN 20. Therefore we need to add the configuration for VLAN 20:
interface GigabitEthernet0/0.20 encapsulation dot1Q 20 ip address 192.168.20.1 255.255.255.0
Even with this configuration, if we try the ping again from PC1 to the server, it won’t work, so we need to look deeper. A good place to look will be the configuration on the switch interface to which the router is connected:
For inter-VLAN routing using a router (also called “router on a stick”) to work, the switch interface to which the router is connected must be a trunk port. However, since the router does not support trunk negotiation, the switch must be manually configured as a trunk port using the switchport mode trunk command. Therefore, we need to add the following configuration on Switch1:
interface GigabitEthernet0/1 switchport mode trunk
However, even after this configuration, we again meet with disappointment as the ping between PC1 and the server still fails. Therefore, let’s take a look at the configuration on the interface that connects the server to the switch:
Everything seems to be fine there, so let’s use the show interfaces switchport command:
In the highlighted section of the output above, we see the “Inactive” keyword on the Access Mode VLAN. This tells us that the VLAN to which the port belongs to has been deleted. If we look at the output of the show vlan brief again, we will also notice that VLAN 20 is not listed there:
Therefore, we need to re-create this VLAN simply by using the following command from global configuration mode: vlan 20.
With this configuration, if we try to ping from PC1 to the Server, the ping should be successful:
Since the lab task requires that there is connectivity among all devices, let us confirm that PC2 can also ping the server:
This brings us to the end of the lab where we have looked at how to troubleshoot VLAN and inter-VAN routing issues. I hope you have found this article helpful.
Troubleshooting Switch Port and Interface Problems: http://www.cisco.com/c/en/us/support/docs/switches/catalyst-6500-series-switches/12027-53.html#inact