Всем добрый день.
Предоставилась возможность поиграться с L3 коммутатором Cisco 3550-12T, пытаюсь настроить на нем Inter-VLAN маршрутизацию:
ip subnet-zero
ip routing
!
interface GigabitEthernet0/1
description UPLINK
no switchport
ip address 10.1.1.250 255.255.255.0
!
interface GigabitEthernet0/2
description CLIENT
no switchport
ip address 10.20.10.1 255.255.255.252
!
ip route 0.0.0.0 0.0.0.0 10.1.1.253
---------------------------------------------------------------------------------
TESTED#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 10.1.1.253 to network 0.0.0.0
10.0.0.0/24 is subnetted, 2 subnets
C 10.20.10.0 is directly connected, GigabitEthernet0/2
C 10.1.1.0 is directly connected, GigabitEthernet0/1
S* 0.0.0.0/0 [1/0] via 10.1.1.253
-----------------------------------------------------------------------------------
TESTED#sh ver
Cisco IOS Software, C3550 Software (C3550-IPSERVICESK9-M), Version 12.2(44)SE6, RELEASE SOFTWARE (fc1)
Copyright © 1986-2009 by Cisco Systems, Inc.
Compiled Mon 09-Mar-09 20:28 by gereddy
Image text-base: 0x00003000, data-base: 0x012A99FC
ROM: Bootstrap program is C3550 boot loader
TESTED uptime is 14 minutes
System returned to ROM by power-on
System image file is "flash:/c3550-ipservicesk9-mz.122-44.SE6/c3550-ipservicesk9-mz.122-44.SE6.bin"
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
export@cisco.com.
Cisco WS-C3550-12T (PowerPC) processor (revision U0) with 65526K/8192K bytes of memory.
Processor board ID CAT0917X1AU
Last reset from warm-reset
Running Layer2/3 Switching Image
Ethernet-controller 1 has 1 Gigabit Ethernet/IEEE 802.3 interface
Ethernet-controller 2 has 1 Gigabit Ethernet/IEEE 802.3 interface
Ethernet-controller 3 has 1 Gigabit Ethernet/IEEE 802.3 interface
Ethernet-controller 4 has 1 Gigabit Ethernet/IEEE 802.3 interface
Ethernet-controller 5 has 1 Gigabit Ethernet/IEEE 802.3 interface
Ethernet-controller 6 has 1 Gigabit Ethernet/IEEE 802.3 interface
Ethernet-controller 7 has 1 Gigabit Ethernet/IEEE 802.3 interface
Ethernet-controller 8 has 1 Gigabit Ethernet/IEEE 802.3 interface
Ethernet-controller 9 has 1 Gigabit Ethernet/IEEE 802.3 interface
Ethernet-controller 10 has 1 Gigabit Ethernet/IEEE 802.3 interface
Ethernet-controller 11 has 1 Gigabit Ethernet/IEEE 802.3 interface
Ethernet-controller 12 has 1 Gigabit Ethernet/IEEE 802.3 interface
12 Gigabit Ethernet interfaces
The password-recovery mechanism is enabled.
384K bytes of flash-simulated NVRAM.
Base ethernet MAC Address: 00:14:1C:13:A5:80
Motherboard assembly number: 73-5527-17
Power supply part number: 34-0967-03
Motherboard serial number: CAT09180TDV
Power supply serial number: DTH08295ZZW
Model revision number: U0
Motherboard revision number: A0
Model number: WS-C3550-12T
System serial number: CAT0917X1AU
Configuration register is 0x10F
-------------------------------------------------------------------------
TESTED#sh sdm prefer
The current template is the default extended-match template.
The selected template optimizes the resources in
the switch to support this level of features for
16 routed interfaces and 1K VLANs.
number of unicast mac addresses: 6K
number of igmp groups: 6K
number of qos aces: 2K
number of security aces: 2K
number of unicast routes: 6K
number of multicast routes: 6K
--------------------------------------------------------------------
sdm extended-match template выбрал только потому, что в дальнейшем хотелось бы еще реализовать на коммутаторе policy routing
IP адрес клиентского компьютера, подключенного к gi0/2 - 10.20.10.2.
Шлюз 10.1.1.253 имеет выход в интернет, но клиентский компьютер сей шлюз не пингует.
Подскажите пожалуйста, в чем может быть проблема?)
Коммутатор пингует и 10.1.1.253, и 10.20.10.2
Клиентский комп - помимо 10.20.10.1 пингует 10.1.1.250