Saturday, December 4, 2021

ICX 6610-48P does not route between VLANs

Hi all,

I am transitioning over from Cisco to Brocade, and I am having some confusion. I added my VLANs, added router interfaces to each of them, and added my ports. I am able to ping connected devices from my switch, but am unable to ping the devices from devices in other VLANs, and it doesn't seem to be routing the traffic between them.

Say I have a device in vlan 1 (192.168.21.2), I can't ping the device in VLAN 2 (200.1.1.2) from that first device, while the switch is able to ping both. I also can't ping any of my router interfaces from (192.168.21.2). How do I get the switch to route between my VLANs? Do I have to enable routing? (I read that all you need is the correct firmware). My show ip interface, shows that all router interfaces are part of default-vrf. Do I have to create a VRF?

Thanks for the help!

show flash:

SSH@ICX6610-48P Router#sh flash Stack unit 1: Compressed Pri Code size = 10545591, Version:08.0.30uT7f3 (FCXR08030u.bin) Compressed Sec Code size = 7762230, Version:08.0.30nT7f1 (FCXS08030n.bin) Compressed Boot-Monitor Image size = 370695, Version:10.1.00T7f5 Code Flash Free Space = 46399488

show ip route:

SSH@ICX6610-48P Router#sh ip route Total number of IP routes: 9 Type Codes - B:BGP D:Connected O:OSPF R:RIP S:Static; Cost - Dist/Metric BGP Codes - i:iBGP e:eBGP OSPF Codes - i:Inter Area 1:External Type 1 2:External Type 2 Destination Gateway Port Cost Type Uptime 1 10.0.5.0/24 DIRECT ve 5 0/0 D 58m7s 2 10.0.6.0/24 DIRECT ve 6 0/0 D 58m7s 3 10.0.8.0/24 DIRECT ve 8 0/0 D 58m7s 4 10.0.100.0/24 DIRECT ve 100 0/0 D 58m7s 5 10.0.102.0/24 DIRECT ve 102 0/0 D 52m31s 6 10.0.103.0/24 DIRECT ve 103 0/0 D 58m7s 7 10.0.200.0/24 DIRECT ve 200 0/0 D 58m7s 8 192.168.21.0/24 DIRECT ve 1 0/0 D 58m7s 9 200.1.1.0/24 DIRECT ve 2 0/0 D 58m7s

show ip interface:

SSH@ICX6610-48P Router#sh ip int Interface IP-Address OK? Method Status Protocol VRF Ve 1 192.168.21.1 YES NVRAM up up default-vrf Ve 2 200.1.1.1 YES NVRAM up up default-vrf Ve 5 10.0.5.1 YES NVRAM up up default-vrf Ve 6 10.0.6.1 YES NVRAM up up default-vrf Ve 8 10.0.8.1 YES NVRAM up up default-vrf Ve 100 10.0.100.1 YES NVRAM up up default-vrf Ve 102 10.0.102.1 YES manual up up default-vrf Ve 103 10.0.103.1 YES NVRAM up up default-vrf Ve 200 10.0.200.1 YES NVRAM up up default-vrf

show run:

SSH@ICX6610-48P Router#sh run Current configuration: ! ver 08.0.30uT7f3 ! stack unit 1 module 1 icx6610-48p-poe-port-management-module module 2 icx6610-qsfp-10-port-160g-module module 3 icx6610-8-port-10g-dual-mode-module stack disable ! ! ! ! vlan 1 name DEFAULT-VLAN by port router-interface ve 1 ! vlan 2 name SwitchRoutedTraffic by port tagged ethe 1/1/5 to 1/1/8 ethe 1/1/17 to 1/1/20 ethe 1/1/40 to 1/1/43 ethe 1/1/47 ethe 1/3/1 to 1/3/2 router-interface ve 2 ! vlan 3 name down-stream1 by port tagged ethe 1/1/5 to 1/1/8 ethe 1/1/17 to 1/1/20 ethe 1/1/40 to 1/1/43 ethe 1/1/47 ethe 1/3/1 to 1/3/2 ! vlan 4 name down-stream2 by port tagged ethe 1/1/5 to 1/1/8 ethe 1/1/17 to 1/1/20 ethe 1/1/40 to 1/1/43 ethe 1/1/47 ethe 1/3/1 to 1/3/2 ! vlan 5 name med-trusted-users by port tagged ethe 1/1/5 to 1/1/8 ethe 1/1/17 to 1/1/20 ethe 1/1/40 to 1/1/43 ethe 1/1/47 ethe 1/3/1 to 1/3/2 router-interface ve 5 ! vlan 6 name low-trust-users by port tagged ethe 1/1/5 to 1/1/8 ethe 1/1/17 to 1/1/20 ethe 1/1/40 to 1/1/43 ethe 1/1/47 ethe 1/3/1 to 1/3/2 router-interface ve 6 ! vlan 7 name iot-users by port tagged ethe 1/1/5 to 1/1/8 ethe 1/1/17 to 1/1/20 ethe 1/1/40 to 1/1/43 ethe 1/1/47 ethe 1/3/1 to 1/3/2 ! vlan 8 name guest-users by port tagged ethe 1/1/5 to 1/1/8 ethe 1/1/17 to 1/1/20 ethe 1/1/40 to 1/1/43 ethe 1/1/47 ethe 1/3/1 to 1/3/2 router-interface ve 8 ! vlan 10 name static-external by port tagged ethe 1/1/5 to 1/1/8 ethe 1/1/17 to 1/1/20 ethe 1/1/40 to 1/1/43 ethe 1/1/47 ethe 1/3/1 to 1/3/2 ! vlan 11 name web-proxy by port tagged ethe 1/1/5 to 1/1/8 ethe 1/1/17 to 1/1/20 ethe 1/1/40 to 1/1/43 ethe 1/1/47 ethe 1/3/1 to 1/3/2 ! vlan 12 name external-dc-joined by port tagged ethe 1/1/5 to 1/1/8 ethe 1/1/17 to 1/1/20 ethe 1/1/40 to 1/1/43 ethe 1/1/47 ethe 1/3/1 to 1/3/2 ! vlan 20 name internal-services by port tagged ethe 1/1/5 to 1/1/8 ethe 1/1/17 to 1/1/20 ethe 1/1/40 to 1/1/43 ethe 1/1/47 ethe 1/3/1 to 1/3/2 ! vlan 21 name vdi by port tagged ethe 1/1/5 to 1/1/8 ethe 1/1/17 to 1/1/20 ethe 1/1/40 to 1/1/43 ethe 1/1/47 ethe 1/3/1 to 1/3/2 ! vlan 22 name uag by port tagged ethe 1/1/5 to 1/1/8 ethe 1/1/17 to 1/1/20 ethe 1/1/40 to 1/1/43 ethe 1/1/47 ethe 1/3/1 to 1/3/2 ! vlan 23 name automation by port tagged ethe 1/1/5 to 1/1/8 ethe 1/1/17 to 1/1/20 ethe 1/1/40 to 1/1/43 ethe 1/1/47 ethe 1/3/1 to 1/3/2 ! vlan 60 name 5GDev by port tagged ethe 1/1/5 to 1/1/8 ethe 1/1/17 to 1/1/20 ethe 1/1/40 to 1/1/43 ethe 1/1/47 ethe 1/3/1 to 1/3/2 ! vlan 70 name med-trust-lab by port tagged ethe 1/1/5 to 1/1/8 ethe 1/1/17 to 1/1/20 ethe 1/1/40 to 1/1/43 ethe 1/1/47 ethe 1/3/1 to 1/3/2 ! vlan 71 name lab2 by port tagged ethe 1/1/5 to 1/1/8 ethe 1/1/17 to 1/1/20 ethe 1/1/40 to 1/1/43 ethe 1/1/47 ethe 1/3/1 to 1/3/2 ! vlan 80 name low-trust-lab by port tagged ethe 1/1/5 to 1/1/8 ethe 1/1/17 to 1/1/20 ethe 1/1/40 to 1/1/43 ethe 1/1/47 ethe 1/3/1 to 1/3/2 ! vlan 90 name k8s-cluster by port tagged ethe 1/1/5 to 1/1/8 ethe 1/1/17 to 1/1/20 ethe 1/1/40 to 1/1/43 ethe 1/1/47 ethe 1/3/1 to 1/3/2 ! vlan 100 name management by port tagged ethe 1/1/5 to 1/1/8 ethe 1/1/17 to 1/1/20 ethe 1/1/40 to 1/1/43 ethe 1/1/47 ethe 1/3/1 to 1/3/2 router-interface ve 100 ! vlan 101 name management-vpn by port tagged ethe 1/1/5 to 1/1/8 ethe 1/1/17 to 1/1/20 ethe 1/1/40 to 1/1/43 ethe 1/1/47 ethe 1/3/1 to 1/3/2 ! vlan 102 name dedicated-management by port tagged ethe 1/1/5 to 1/1/8 ethe 1/1/17 to 1/1/20 ethe 1/1/40 to 1/1/43 ethe 1/1/47 untagged ethe 1/1/9 ethe 1/1/21 ethe 1/1/48 router-interface ve 102 ! vlan 103 name power-control by port tagged ethe 1/1/5 to 1/1/8 ethe 1/1/17 to 1/1/20 ethe 1/1/40 to 1/1/43 ethe 1/1/47 ethe 1/3/1 to 1/3/2 router-interface ve 103 ! vlan 104 name wifi-control by port tagged ethe 1/1/5 to 1/1/8 ethe 1/1/17 to 1/1/20 ethe 1/1/40 to 1/1/43 ethe 1/1/47 ethe 1/3/1 to 1/3/2 ! vlan 105 by port tagged ethe 1/1/5 to 1/1/8 ethe 1/1/17 to 1/1/20 ethe 1/1/40 to 1/1/43 ethe 1/1/47 ethe 1/3/1 to 1/3/2 ! vlan 200 name data-fabric by port tagged ethe 1/1/5 to 1/1/8 ethe 1/1/17 to 1/1/20 ethe 1/1/40 to 1/1/43 ethe 1/1/47 ethe 1/3/1 to 1/3/2 router-interface ve 200 ! vlan 201 name user-vpn by port tagged ethe 1/1/5 to 1/1/8 ethe 1/1/17 to 1/1/20 ethe 1/1/40 to 1/1/43 ethe 1/1/47 ethe 1/3/1 to 1/3/2 ! vlan 248 name vuln-scanner by port tagged ethe 1/1/5 to 1/1/8 ethe 1/1/17 to 1/1/20 ethe 1/1/40 to 1/1/43 ethe 1/1/47 ethe 1/3/1 to 1/3/2 ! ! ! ! ! aaa authentication web-server default local aaa authentication login default local console timeout 30 enable super-user-password ..... enable aaa console enable user password-masking no fast port-span ip dhcp-client disable ! no telnet server username AridDay-local password ..... password-change any cdp run fdp run ! ! web-management https web-management frame bottom web-management page-menu ! ! ! ! ! ! ! interface ethernet 1/3/1 speed-duplex 10G-full ! interface ethernet 1/3/2 speed-duplex 10G-full ! interface ethernet 1/3/3 speed-duplex 10G-full ! interface ethernet 1/3/4 speed-duplex 10G-full ! interface ethernet 1/3/5 speed-duplex 10G-full ! interface ethernet 1/3/6 speed-duplex 10G-full ! interface ethernet 1/3/7 speed-duplex 10G-full ! interface ethernet 1/3/8 speed-duplex 10G-full ! interface ve 1 ip address 192.168.21.1 255.255.255.0 ! interface ve 2 ip address 200.1.1.1 255.255.255.0 ! interface ve 5 ip address 10.0.5.1 255.255.255.0 ! interface ve 6 ip address 10.0.6.1 255.255.255.0 ! interface ve 8 ip address 10.0.8.1 255.255.255.0 ! interface ve 100 ip address 10.0.100.1 255.255.255.0 ! interface ve 102 ip address 10.0.102.1 255.255.255.0 ! interface ve 103 ip address 10.0.103.1 255.255.255.0 ! interface ve 200 ip address 10.0.200.1 255.255.255.0 ! ! ! ! ! lldp run ! ! ip ssh timeout 30 ip ssh idle-time 20 ! ! end


at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)