Could you please help me out here?
I have a 3850 Layer switch connected to a core switch. The core switch configured with SVI (i.e. Interface VLAN198 and Interface VLAN199). I can ping the IP address that is assigned to the SVI from the 3850 switch, but I cannot ping any device in VLAN198 or in VLAN199 from the 3850 switch.
I made sure that there is no ACL. Could you please provide me some steps on how to enable ICMP debug on the 3850 to find the root cause of the problem? Thanks!
Hello Eyad
There are a couple of things that come to mind that may help you in your troubleshooting.
First of all, you can check problems involved with routing (i.e. Layer 3). Remember that if routing is successful in one direction, it doesn’t mean that the opposite direction is also successful. So your pings may have reached their destination, but they may not be able to be sent back.
I suggest you check your routing configuration on the whole path of the transmission. Also check that the default gateway of the hosts on VLANs 198 and 199 are indeed the IP addresses of the SVIs, and that their subnet masks are corrrect. Also, make sure that the core switch (and all intervening routers if any) are updated with the routing information of both the 3850’s networks and the SVI networks.
Next, check Layer 2 issues. Check to see that your hosts on VLANs 198 and 199 are connected to access ports on those respective VLANs.
If you’re still having trouble and you want to use debugs to see if pings are reaching particular interfaces, you can take a look at this NetworkLessons note on the topic for more details.
I hope this has been helpful!
Laz
Hi Laz,
I have been told not to execute this debug command debug ip packet detail as the switch wont give you the chance to run undebug all command. Please advise!
Also, I have double checked your suggestion and I have done all of that and still no luck and that’s why I have opened this help request to see what debug option I can performed without hurting the switch!
Hello Eyad
Indeed, if your switch is a production switch serving live hosts then you are correct, you should not use this command. However, the problem you are facing is not typically resolved using debugs. Yours is a connectivity issue, that is either a layer 2 problem (i.e. VLAN assignments) or a Layer 3 problem (routing or default gateway config on hosts or incorrect subnet mask). If interVLAN routing is not working on the layer 3 switch, you may need to do some additional troubleshooting. Check out this lesson on troubleshooting intervlan routing for more info.
If you’re still having problems, I would suggest you send us a diagram of your topology, and your config so that we can help you further.
I hope this has been helpful!
Laz