ER7206: Members of added VLANs cannot ping each other.

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

ER7206: Members of added VLANs cannot ping each other.

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
ER7206: Members of added VLANs cannot ping each other.
ER7206: Members of added VLANs cannot ping each other.
2023-08-09 14:35:22
Model: ER7206 (TL-ER7206)  
Hardware Version: V1
Firmware Version: 1.3.0 Build 20230322 Rel.70951

Members of added VLANs, excluding the factory default non-removable vlan, cannot ping each other.  They can ping internet web pages.  Members of the factory default vlan can ping each other, internet web pages, and members of other vlans.

 

When peforming a tracert, no routing information is returned for added vlan IPs.

 

How do I enable it so members of added vlans can ping each other?

  0      
  0      
#1
Options
6 Reply
Re:ER7206: Members of added VLANs cannot ping each other.
2023-08-10 05:53:46

Hi @martincom 

Thanks for posting in our business forum.

What kind of VLAN did you configure? Is it a VLAN interface? Or 802.1Q VLAN? What other devices do you have?

If you use 802.1Q VLAN, VLAN is isolated. While the VLAN interface is not unless you have set up ACL.

How to create multi networks and manage network behavior with ACL on Omada Gateway in standalone mode

About 802.1Q VLAN and its effect: How to configure 802.1Q VLAN on Smart and Managed switches using the new GUI

 

BTW, if you are using VLAN interface but still cannot ping each other, consider your firewall. You should at least be able to ping the other VLAN gateway. If the gateway is pingable, then the router's fine.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  0  
  0  
#2
Options
Re:ER7206: Members of added VLANs cannot ping each other.
2023-08-10 13:07:08

  @Clive_A  I have two, stacked, Dell 5548P switches between the ER7206 and the network clients.  It is an 802.1Q configuration.  I'm going to speculate that Cisco built the Dell units, as the CLI commands are near identical, if not identical.

 

The Dell 5548P is configured for DHCP relay and the ER7206 is confiured to have a DHCP server for each VLAN.

 

 

When I define the primary DNS server, for VLAN 300, VLAN members cannot ping each other or the router gateway.  If I do not define the primary DNS server and leave it blank, then the router gateway can be pinged by members, but not, of course,between members.

 

 

VLAN 100, which is the factory, un-deletable, VLAN functions OK.  VLAN 100 and 300 are configured exactly, short of IP addresses, the same, but yet the ping issues only impact VLAN 300.

 

 

 

 

 

 

 

  0  
  0  
#3
Options
Re:ER7206: Members of added VLANs cannot ping each other.
2023-08-10 13:41:02 - last edited 2023-08-10 13:42:43

  @martincom PVID is 1 so depending on the dell switches that are like cisco, to get switchport trunk allowed vlan to work without a native the PVID would have to match the tagged number as well, otherwise it won't match the other end.

 

pvid 100 & tag 100 =

 

switchport trunk allowed vlan 100

switchport mode trunk

 

Its possible that the ping is matching 1 and not 300

 

Thats my experience with it anyway.

  0  
  0  
#4
Options
Re:ER7206: Members of added VLANs cannot ping each other.
2023-08-10 13:55:12 - last edited 2023-08-10 14:01:24

  @soupastars If the connection to the switch (VLAN 300) was from an untagged interface that would be correct.  However, that is not the case here.  The interface is a trunk, which passes the tags from the switch to the router.  A trunk will not pass any untagged traffic, except for VLAN 1, which is typically the native VLAN.  For the router to respond to VLAN 1, the receiving port must have its PVID set as 1.

 

Regardless, this doesn't have anything to do with the issue at hand.

  0  
  0  
#5
Options
Re:ER7206: Members of added VLANs cannot ping each other.
2023-08-11 06:05:52

Hi @martincom 

Thanks for posting in our business forum.

I have no idea about the Cisco/Dell switch. But the config on the 7206 is fine. Trunk is good, too. In this kind of setup, the switch has to be set up with the 802.1Q VLAN alone as the interface is created on the router. So, I never tried to set up a DHCP relay on this as we always recommend you use 802.1Q VLAN on the switch and it should do it.

This is what I'd like to point out. So, if you are willing, you set it to 802.1Q VLAN on your switch and test it again.

 

Another possible cause on your network could be the routing tables. I think you can probably investigate in that way.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  0  
  0  
#6
Options
Re:ER7206: Members of added VLANs cannot ping each other.
2023-08-17 21:48:08 - last edited 2023-08-17 21:53:22

  @martincom SOLVED The issue was a conflict between hardware and software VLAN assignments.

 

This is a Server 2019 host with a Server 2019 VM.  They both were served by a common, 10gb, NIC.  The host vlan was set in the NIC hardware (Adapter properties\advanced drop down.)  The VM vlan assignment was made within the hyper manager virtual switch tool, where the VM virtual interface is created.  Apparently, it does not like to function properly on top of the hardware assigned vlan.  It had me fooled, as the host operation was 100% and the VM could access the internet, and the LAN briefly, at times..

 

To resolve the issue, I configured a virtual NIC team on the host.  See the link within this title: Configuring Multiple VLAN Interfaces on Windows  (I would have included an embedded link, but the forum software stated it was "illegal".)  I configured a virtual interface on the team, for the host, and assigned the vlan within.  I utilized the virtual switch, within hyper manager, to create the VM virtual interface, as you would normally, and assiged the VM VLAN within.

  0  
  0  
#7
Options