Troubleshooting
Most common Inter-VLAN Issues
There are multiple reasons why an Inter-VLAN configuration may not be functional. All of the reasons are connectivity related. The following are common reasons
| Issue | Diagnose | Rectify |
|---|---|---|
| Missing VLANs | show vlan brief show interfaces switchport ping | Create the VLAN if it does not exist. Ensure that the host port is assigned to the correct VLAN. |
| Switch Trunk Port Issues | show interfaces trunk show running-config | Ensure trunks are configured properly. Ensure the port is a trunk port and is enabled. |
| Switch Access Port Issues | show interfaces switchport show running-config interface ipconfig | Ensure that the access port is assigned to the correct VLAN. Ensure port is an access port mode and enabled. The host might be configured in the wrong subnet. |
| Router Configuration Issues | show ip interface brief show interfaces | Router subinterface IPv4 address is incorrectly configured. The router sub-interface is assigned to the VLAN ID. |
Router on a stick Troubleshooting
Of course one can use a ping between devices to check Inter-VLAN connectivity but apart from ping, there are useful show commands that can be used to verify and troubleshoot a router-on-a-stick setup
show ip route
R1# show ip route | begin Gateway
Gateway of last resort is not set
192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.10.0/24 is directly connected, GigabitEthernet0/0/0.10
L 192.168.10.1/32 is directly connected, GigabitEthernet0/0/0.10
192.168.20.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.20.0/24 is directly connected, GigabitEthernet0/0/0.20
L 192.168.20.1/32 is directly connected, GigabitEthernet0/0/0.20
192.168.99.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.99.0/24 is directly connected, GigabitEthernet0/0/0.99
L 192.168.99.1/32 is directly connected, GigabitEthernet0/0/0.99
R1#
After configuring the sub-interfaces, we can verify if they are appearing in the routing table of the Router by using this command. There are 3 (C) Connected routes and their related exit interfaces for each routable VLAN. By using this command we can confirm that the correct subnets, VLANs, and sub-interfaces are active and functional.
show ip interface brief
R1# show ip interface brief | include up GigabitEthernet0/0/0 unassigned YES unset up up Gi0/0/0.10 192.168.10.1 YES manual up up Gi0/0/0.20 192.168.20.1 YES manual up up Gi0/0/0.99 192.168.99.1 YES manual up up R1#
This output confirms that the sub-interfaces have the correct IPv4 address assigned to them and that they are functional.
show interfaces
R1# show interfaces g0/0/0.10
GigabitEthernet0/0/1.10 is up, line protocol is up
Hardware is ISR4221-2x1GE, address is 10b3.d605.0301 (bia 10b3.d605.0301)
Description: Default Gateway for VLAN 10
Internet address is 192.168.10.1/24
MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 10.
ARP type: ARPA, ARP Timeout 04:00:00
Keepalive not supported
Last clearing of "show interface" counters never
R1#
Subinterfaces can be also verified using this command.
show interfaces trunk
S1# show interfaces trunk Port Mode Encapsulation Status Native vlan Fa0/1 on 802.1q trunking 100 Fa0/5 on 802.1q trunking 100 Port Vlans allowed on trunk Fa0/1 1-4094 Fa0/5 1-4094 Port Vlans allowed and active in management domain Fa0/1 1,10,20,100 Fa0/5 1,10,20,100 Port Vlans in spanning tree forwarding state and not pruned Fa0/1 1,10,20,100 Fa0/5 1,10,20,100 S1#
An improper configuration could also be present on the trunk port of the switch. To verify the active trunk links you can use this command on a Layer 2 switch. This output confirms that the link to the Router is trunking for the required VLANs.