Inter-vlan routing problem

Mike Tancsa mike at sentex.net
Fri Aug 20 17:11:54 UTC 2010 

At 11:52 AM 8/20/2010, Xavier HUMBERT wrote:
>vlan3: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
>     description: Chateau
>     options=3<RXCSUM,TXCSUM>
>     ether 00:e0:81:2d:62:3e
>     inet 10.75.2.251 netmask 0xffffff00 broadcast 10.75.2.255
>     media: Ethernet autoselect (1000baseT <full-duplex>)
>     status: active
>     vlan: 30 parent interface: bge0
>vlan4: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
>     description: VoIP
>     options=3<RXCSUM,TXCSUM>
>     ether 00:e0:81:2d:62:3e
>     inet 10.75.3.251 netmask 0xffffff00 broadcast 10.75.3.255
>     media: Ethernet autoselect (1000baseT <full-duplex>)
>     status: active
>     vlan: 100 parent interface: bge0
>
>
>Destination        Gateway            Flags    Refs      Use  Netif Expire
>default            10.75.2.1          UGS         0    13742  vlan3
>192.168.1.0/24     link#9             U           5   234765  vlan0
>172.16.214.0/24    link#10            U           4   395054  vlan1
>192.168.0.0/24     link#11            U           1     4659  vlan2
>10.75.2.0/24       link#12            U           0     3361  vlan3
>10.75.3.0/24       link#13            U           0     2716  vlan4
>------------------------------------------------------------------------
>
>The problem is that, from the gateway itself, I can "see" all devices on all
>vlans (nmap proves this). But from my station (which is on the vlan 
>#10), I can
>access on my own vlan, and the default vlan #1. A ping or traceroute 
>to another
>machine - I tried the defaul_router, which as you can see is on vlan #30 -
>fails miserably. Tcpdump is not very helpful :
>
>------------------------------------------------------------------------
>[xavier at imac-xav ~]$ traceroute 10.75.2.1
>traceroute to 10.75.2.1 (10.75.2.1), 64 hops max, 52 byte packets
>  1  gateway (172.16.214.251)  0.697 ms  0.227 ms  0.245 ms
>  2  * * *

I dont understand, why is 10.75.2.1 going out your default interface 
? It should look for packets on the same subnet that the vlan3 interface is on

Can you do an
arp -na
and
netstat -Wnra

On the nortel switch, are you sure you have it on the equiv of a 
"trunk" port? Is there a way to see what MAC addresses the switch 
sees as part of what VLAN ?



>Is the bad cksum relevant ?

Not necessarily. It might be due to the chksum offloading of the NIC driver.

         ---Mike





--------------------------------------------------------------------
Mike Tancsa,                                      tel +1 519 651 3400
Sentex Communications,                            mike at sentex.net
Providing Internet since 1994                    www.sentex.net
Cambridge, Ontario Canada                         www.sentex.net/mike

More information about the freebsd-net mailing list