
[UPDATE] The problem/behavior described below was caused by the public network connection on the system, which had a default gateway. The unusual behavior was a result of the private network sending traffic through the public network. The issues disappear once the two are properly isolated.


Two subnets on the same vlan. Everything works fine within the subnets & can ping from PC/Switch in one subnet to the Switch in the other subnet. But, cannot ping from Switch/PCs in one subnet to PCs in other.

Subnet #1:
Switch1 IP: 10.20.78.1/26
PC1 IP: 10.20.78.10/26
Static route on PCs: route 10.20.78.0/26 10.20.78.1
Static route on Switch: ip route 0.0.0.0 0.0.0.0 "router 1"

Subnet #2:
Switch2 IP: 10.20.78.65/26
PC2A IP: 10.20.78.70/26
PC2B IP: 10.20.78.71/26
Static route on PCs: route 10.20.78.64/26 10.20.78.65
Static route on Switch: ip route 0.0.0.0 0.0.0.0 "router 2"

Switch #1:
Switch #1 screenshot

Switch #2:
Switch #2 screenshot

PC:
Ping on PC screenshot

Since both switches can communicate with each other, I suppose that the routers in between & the routing on the switches are fine. Windows firewall for 'echo' is open (without any scope restrictions) on all PCs. Trace route from PC/switch in subnet #1 works fine up to the switch in subnet #2, but then times out (& vice-versa). Am I missing something obvious, or is this strange? Appreciate pointers on how to fix this.

1 Answer

There is more to this than I feel you've included in the screenshots, because as far as I see it you have some ping successes that really should be failing; PC2A to switch 1 from the config details you included should not be working, but for some reason your last screenshot shows replies.

The issue I can see right away is the routes on your PCs:

Subnet #1: (10.20.78.0/26)
...
Static route on PCs: route 10.20.78.0/26 10.20.78.1
...
Subnet #2: (10.20.78.64/26)
...
Static route on PCs: route 10.20.78.64/26 10.20.78.65
...

is incorrect. You need to route the other network through the local switch interface; i.e. it should be as below:

Subnet #1: (10.20.78.0/26)
...
Static route on PCs: route 10.20.78.64/26 10.20.78.1
...
Subnet #2: (10.20.78.64/26)
...
Static route on PCs: route 10.20.78.0/26 10.20.78.65
...

I suspect changing this will probably fix your issue, but that ping from PC2A to switch 1 that is working does raise some skepticism.

Run the command route print -4 from cmd on your PCs and update your question with the output and you should be able to get a more confident answer.

  • I think you have not noticed the routing command on the switches (Switch 1: IP routing 0.0.0.0 0.0.0.0 "router1") and hence your comment that it should not be working. The screenshots show what I get. Router 1 is connected to Switch #1 (and router 2 to switch 2, and there are a bunch of switches/routers in between Router 1 & Router 2. Both routers and those in between have routing tables to direct traffic from my switch 1 to switch 2 & vice-versa). I am currently away & will get a route print -4 when I get to these machines. Commented Nov 29, 2022 at 2:07
  • @vasikan no the default route on the switches is fine, but on the PCs your config samples showed specific routes configured on the PCs; doesn't show what the default gateway on the PCs is. My comment that it shouldn't be working was going purely by the config that was included in the original question, assuming there was nothing else configured. Try the routing and see, if it doesn't fix, do the route print -4 and post that output Commented Nov 29, 2022 at 3:30
  • These PCs are dual-homed (with this private IP & a public IP). In my attempt to keep the post not too long (which it already was) I missed mentioning that aspect. I now recognize the error in the routing statement that you caught & understand why it still connected (the traffic was routed through the public IP address & the default gateway which is the public IP address of the same switch (which routed it to the same router)). When I get to the site, I will try the new route and/or get route print -4. Commented Nov 29, 2022 at 5:54
  • Newbie question: Is the proper thing here for me to delete the question since it was based on an incomplete premise, or leave it since the [Update] explains the issue? Commented Dec 7, 2022 at 17:47
  • @vasikan I think you're safe to leave it up, that way if anyone is having a similar issue they might find this and be able to resolve it without opening a new question. If it was a problem I think the mods would have probably flagged and closed it already. Commented Dec 7, 2022 at 18:48
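
The root cause in the [UPDATE] and the corrected static route from the answer can be checked offline by modelling the PC's IPv4 table and doing a longest-prefix-match lookup. This is an added example, not code from the thread; the public interface addresses (203.0.113.0/24), the interface names and the metrics are constructed assumptions, since the thread never shows the route print -4 output.

```python
import ipaddress

# Route = (destination prefix, gateway or None for on-link, interface, metric)
def lookup(table, dst):
    """Pick the route a host would use: longest prefix first, then lowest metric."""
    dst = ipaddress.ip_address(dst)
    hits = [r for r in table if dst in ipaddress.ip_network(r[0])]
    if not hits:
        return None
    return max(hits, key=lambda r: (ipaddress.ip_network(r[0]).prefixlen, -r[3]))

def leaks(table, private_nets, private_if):
    """List private prefixes whose traffic would leave via a non-private interface.
    Probes the first host of each prefix, which is enough when routes align to it."""
    bad = []
    for net in private_nets:
        probe = next(ipaddress.ip_network(net).hosts())
        route = lookup(table, probe)
        if route is None or route[2] != private_if:
            bad.append(net)
    return bad

PRIVATE = ["10.20.78.0/26", "10.20.78.64/26"]

# PC1 as described in the question, plus the dual-homed public side (constructed).
AS_POSTED = [
    ("10.20.78.0/26", None, "private", 10),          # on-link, from the /26 address
    ("10.20.78.0/26", "10.20.78.1", "private", 20),  # static route from the question
    ("203.0.113.0/24", None, "public", 10),          # constructed public subnet
    ("0.0.0.0/0", "203.0.113.1", "public", 10),      # constructed default gateway
]

# Same table with the static route the answer recommends for subnet #1.
CORRECTED = [
    ("10.20.78.0/26", None, "private", 10),
    ("10.20.78.64/26", "10.20.78.1", "private", 20),
    ("203.0.113.0/24", None, "public", 10),
    ("0.0.0.0/0", "203.0.113.1", "public", 10),
]

if __name__ == "__main__":
    for name, table in (("as posted", AS_POSTED), ("corrected", CORRECTED)):
        route = lookup(table, "10.20.78.70")  # PC2A
        print(f"{name}: PC2A via {route[1]} on {route[2]}; leaking: {leaks(table, PRIVATE, 'private')}")
```

On a dual-homed host, any private prefix without a more specific route falls through to the public default gateway, which is why the pings in the question partly worked and why the traffic crossed the public network.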
