2

I have had trouble searching for help on this one, as most searches for VLSM, CIDR and layer 3 switching bring back very basic questions posted by students just starting their CCNA.

I have a batch of public IPs that have been assigned to me. These come in on the end of an Ethernet cable out of the ISP's router. To keep things simple let's say that my ISP has given me a full 212.85.15.0/24 (hypothetical address). I would like to split that up into multiple distinct /28 networks. I have a layer 3 switch. Here's what I have tried:

I created three VLANs on the switch. I created three interfaces and assigned each interface an IP address within the network range I desire, i.e.:

  • port1, vlan1 - 212.85.15.2/30
  • port2, vlan2 - 212.85.15.9/29
  • port3, vlan3 - 212.85.15.17/29

  • The switch's default route is set to the ISP's router: 212.85.15.1

  • Port 1 on the switch is connected to the ISP's router.
  • Port 2 is connected to a computer with the address 212.85.15.10/29
  • Port 3 is connected to a computer with the address 212.85.15.18/29

I have configured ip forwarding & routing and one computer can see the other using the switch as the default gateway. However, the computers can't ping the ISP's router and therefore are unable to communicate further up the network. If I use the switch's built-in ping command it is able to ping the ISP's router successfully and both computers. Is this because the ISP's router is configured as supplying 212.85.15.0/24 and therefore can't communicate properly with 212.85.15.2/30? I don't understand why the switch can ping the router but the clients can't even though they are using and going through the core switch.

I tried defining vlan1's interface address as 212.85.15.2/24 but then I was unable to configure the smaller /29 networks as I was told it overlapped with vlan1.

Appreciate any help one of the networking gurus can offer.

Thank you.

longneck
sram

2 Answers

1

Assuming the ISP's router interface is configured as 212.85.15.1/24, it will attempt to ARP for all hosts in the 212.85.15.0/24 subnet. Your various hosts in the /29 networks will be able to route ICMP echo-requests to the ISP router but, since that router is configured to believe that 212.85.15.0/24 isn't subnetted, it will ARP for the PC as it attempts to respond to the echo-request. This is why your hosts in the /29 networks aren't receiving responses from the ISP's router. The ISP's router "sees" your hosts as local to its Ethernet interface and doesn't "know" to address packets to your switch for delivery to the hosts in your subnets.

If your layer 3 switch supports proxy ARP you could configure it to answer for the various hosts in the subnets you're creating. Then, when the ISP's router ARPs, your switch will answer and receive the packet to be routed to the hosts in your subnets. I haven't found proxy ARP to be a very common feature in layer 3 switches, personally.

Alternatively, you could tell your ISP to configure their router's interface as 212.85.15.1/30 and add a static route for 212.85.15.0/24 to 212.85.15.2 (just as @techieb0y suggests in his answer).

Evan Anderson
  • Thank you very much for your explanation. You helped me to understand things much more clearly and as a result I am now using RIPv2 and have the setup working as I'd hoped! – sram Mar 11 '13 at 19:06
0

It sounds like you'll need to work with your ISP to change 212.85.15.0/24 from a connected network to a statically routed one. The change required is likely on your provider's end, pointing all of your /24 to a next-hop of your .2 IP in the /30 (or some new IP of their choosing).

techieb0y
  • Thanks for your reply, techieb0y. I've still a long way to go when it comes to routing. – sram Mar 11 '13 at 19:07
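The forwarding decision both answers describe, as an added example that is not part of either answer or of any vendor's code: it models the ISP router's longest-prefix lookup with the /24 as a connected network, with proxy ARP on the switch, and with the /30 plus static route. The function names and the `ON_LINK` set (the addresses that actually answer ARP on the ISP-facing segment) are assumptions made for illustration.

```python
import ipaddress

def lookup(dst, connected, static_routes):
    """Longest-prefix match; connected routes win ties.
    Returns ("arp", dst) for on-link delivery, ("forward", next_hop) or ("drop", None)."""
    dst = ipaddress.ip_address(dst)
    candidates = []
    for iface in connected:
        net = ipaddress.ip_interface(iface).network
        if dst in net:
            # Destination looks local: the router ARPs for it directly.
            candidates.append((net.prefixlen, "arp", str(dst)))
    for prefix, next_hop in static_routes:
        net = ipaddress.ip_network(prefix)
        if dst in net:
            candidates.append((net.prefixlen, "forward", next_hop))
    if not candidates:
        return ("drop", None)
    _, action, target = max(candidates, key=lambda c: c[0])
    return (action, target)

def reply_reaches_host(dst, connected, static_routes, on_link, proxy_arp=False):
    """True if the router's reply can leave its Ethernet interface toward dst."""
    action, target = lookup(dst, connected, static_routes)
    if action == "arp":
        # Only addresses on the segment answer ARP, unless the switch proxies.
        return target in on_link or proxy_arp
    if action == "forward":
        # The next hop itself must be resolvable on the segment.
        return target in on_link
    return False

# Constructed from the question: only the switch's VLAN 1 address sits on the ISP link.
ON_LINK = {"212.85.15.2"}
BEFORE = (["212.85.15.1/24"], [])                                  # /24 as connected
AFTER = (["212.85.15.1/30"], [("212.85.15.0/24", "212.85.15.2")])  # /30 + static route

if __name__ == "__main__":
    for name, (conn, static) in (("before", BEFORE), ("after", AFTER)):
        for host in ("212.85.15.10", "212.85.15.18"):
            print(name, host, lookup(host, conn, static),
                  reply_reaches_host(host, conn, static, ON_LINK))
```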