Switching

Good afternoon!
Please bear with me as I try to explain my scenario (know that I'm not listing actual IPs):

1) existing Cisco stack has VLAN 123 with 10.20.30.1/24 and existing servers and storage are hanging off it

2) new Juniper switches has same VLAN 123 with routing-options "static route 0.0.0.0/0 next-hop 10.20.30.1" (I'm in the midst of hanging off new servers and storage behind the Junipers and will transition away from the old soon)

3) new VLAN456 with 10.10.10.45/24 will replace the old VLAN 123.  I have this configured on all the Junipers and new servers/storage and if I'm connected via an interface with that new VLAN then I can access the new servers, etcetera, but if I'm on an interface NOT configured for the new VLAN then I cannot.

What am I missing?  I'll eventually get rid of the original VLAN 123, but how can I add a route to my existing Junipers to also hit the new VLAN 456 from anywhere.

Thanks!

Happy Weekend!

Hi Jim,

If I understood correctly -

• VLAN 123 is the old VLAN configured on the Cisco switches and also the new Juniper switches.
• The new VLAN 456 is configured only on the new Juniper switches.
• The new VLAN 456 is accessible only from the devices connected in the VLAN 456. ( Is this correct? You also mentioned etc etc, so not sure if any other subnets/VLANs are also accessible from VLAN 456?)

The following clarification will help: -

• Can the devices communicate in the same switch (source in VLAN 123 and destination in VLAN 456)?
• As simple topology diagram can help understand the scenario better to help with "how can I add a route to my existing Junipers to also hit the new VLAN 456 from anywhere."

Regards

Good afternoon!
Please bear with me as I try to explain my scenario (know that I'm not listing actual IPs):

1) existing Cisco stack has VLAN 123 with 10.20.30.1/24 and existing servers and storage are hanging off it

2) new Juniper switches has same VLAN 123 with routing-options "static route 0.0.0.0/0 next-hop 10.20.30.1" (I'm in the midst of hanging off new servers and storage behind the Junipers and will transition away from the old soon)

3) new VLAN456 with 10.10.10.45/24 will replace the old VLAN 123.  I have this configured on all the Junipers and new servers/storage and if I'm connected via an interface with that new VLAN then I can access the new servers, etcetera, but if I'm on an interface NOT configured for the new VLAN then I cannot.

What am I missing?  I'll eventually get rid of the original VLAN 123, but how can I add a route to my existing Junipers to also hit the new VLAN 456 from anywhere.

Thanks!

Happy Weekend!

Good morning @SHEETANSHU SHEKHAR!  Thanks for the reply!

I just want to clarify that I don't want to get rid of the original 123 but have them both working in conjunction with each other.

I can access both the existing 123 and 456 on the same switches; but only from interface ports configured for either VLAN.

------------------------------
JIM VADEN

Original Message:
Sent: 01-06-2025 09:11
From: Sheetanshu Shekhar
Subject: Adding Route to Second Gateway

Hi Jim,

If I understood correctly -

• VLAN 123 is the old VLAN configured on the Cisco switches and also the new Juniper switches.
• The new VLAN 456 is configured only on the new Juniper switches.
• The new VLAN 456 is accessible only from the devices connected in the VLAN 456. ( Is this correct? You also mentioned etc etc, so not sure if any other subnets/VLANs are also accessible from VLAN 456?)

The following clarification will help: -

• Can the devices communicate in the same switch (source in VLAN 123 and destination in VLAN 456)?
• As simple topology diagram can help understand the scenario better to help with "how can I add a route to my existing Junipers to also hit the new VLAN 456 from anywhere."

Regards

------------------------------
Sheetanshu Shekhar

Original Message:
Sent: 01-03-2025 16:52
From: JIM VADEN
Subject: Adding Route to Second Gateway

Good afternoon!
Please bear with me as I try to explain my scenario (know that I'm not listing actual IPs):

1) existing Cisco stack has VLAN 123 with 10.20.30.1/24 and existing servers and storage are hanging off it

2) new Juniper switches has same VLAN 123 with routing-options "static route 0.0.0.0/0 next-hop 10.20.30.1" (I'm in the midst of hanging off new servers and storage behind the Junipers and will transition away from the old soon)

3) new VLAN456 with 10.10.10.45/24 will replace the old VLAN 123.  I have this configured on all the Junipers and new servers/storage and if I'm connected via an interface with that new VLAN then I can access the new servers, etcetera, but if I'm on an interface NOT configured for the new VLAN then I cannot.

What am I missing?  I'll eventually get rid of the original VLAN 123, but how can I add a route to my existing Junipers to also hit the new VLAN 456 from anywhere.

Thanks!

Happy Weekend!

------------------------------
JIM VADEN
------------------------------

Good afternoon!
Please bear with me as I try to explain my scenario (know that I'm not listing actual IPs):

1) existing Cisco stack has VLAN 123 with 10.20.30.1/24 and existing servers and storage are hanging off it

2) new Juniper switches has same VLAN 123 with routing-options "static route 0.0.0.0/0 next-hop 10.20.30.1" (I'm in the midst of hanging off new servers and storage behind the Junipers and will transition away from the old soon)

3) new VLAN456 with 10.10.10.45/24 will replace the old VLAN 123.  I have this configured on all the Junipers and new servers/storage and if I'm connected via an interface with that new VLAN then I can access the new servers, etcetera, but if I'm on an interface NOT configured for the new VLAN then I cannot.

What am I missing?  I'll eventually get rid of the original VLAN 123, but how can I add a route to my existing Junipers to also hit the new VLAN 456 from anywhere.

Thanks!

Happy Weekend!

Hope this helps.  Thanks!

show configuration vlans 123
vlan-id 123;
l3-interface irb.123;

show configuration interfaces irb.123
description MGMT;
family inet {
    address 10.20.30.1/24;
}

show configuration vlans 456
vlan-id 456;
l3-interface irb.456;

show configuration interfaces irb.456
description newMGMT;
family inet {
    address 10.40.50.1/24;
}
show configuration vlans 11
vlan-id 11;

show route table inet.0

inet.0: 9 destinations, 9 routes (9 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0          *[Static/5] 67w6d 18:17:24
                    >  to 10.20.30.1 via irb.123
10.40.50.0/24        *[Direct/0] 3d 16:57:33
                    >  via irb.456
10.40.50.1/32        *[Local/0] 3d 16:57:33
                       Local via irb.456
10.80.60.0/24        *[Direct/0] 3d 16:42:31
                    >  via irb.980
10.80.60.1/32        *[Local/0] 3d 16:42:31
                       Local via irb.980
10.70.15.0/24       *[Direct/0] 21w6d 23:03:23
                    >  via irb.975
10.70.15.1/32       *[Local/0] 21w6d 23:03:23
                       Local via irb.975
10.20.30.0/24     *[Direct/0] 67w6d 18:17:24
                    >  via irb.123
10.20.30.1/32    *[Local/0] 67w6d 18:17:24
                       Local via irb.123

Good afternoon!
Please bear with me as I try to explain my scenario (know that I'm not listing actual IPs):

1) existing Cisco stack has VLAN 123 with 10.20.30.1/24 and existing servers and storage are hanging off it

2) new Juniper switches has same VLAN 123 with routing-options "static route 0.0.0.0/0 next-hop 10.20.30.1" (I'm in the midst of hanging off new servers and storage behind the Junipers and will transition away from the old soon)

3) new VLAN456 with 10.10.10.45/24 will replace the old VLAN 123.  I have this configured on all the Junipers and new servers/storage and if I'm connected via an interface with that new VLAN then I can access the new servers, etcetera, but if I'm on an interface NOT configured for the new VLAN then I cannot.

What am I missing?  I'll eventually get rid of the original VLAN 123, but how can I add a route to my existing Junipers to also hit the new VLAN 456 from anywhere.

Thanks!

Happy Weekend!

Thanks!

Looking at the output

• Why do we have the static default route pointing the next-hop to an interface on the same switch (10.20.30.1 exists on the same switch)?
• The devices connected in VLANs 975 and 980 should be able to communicate with the devices in VLANs 123 and VLANs 456 on the same switch, as the routes exist. Does this work?
• However, the devices connected in VLAN 11 will not be able to communicate with the other VLANs as VLAN 11 doesn't have an irb defined on this switch. Does the gateway of VLAN 11 exist on a different device? Even then, the shown switch will not have a route to the VLAN 11 destinations, as the default-route here points to an IP that exists on the same switch.

Regards

Hope this helps.  Thanks!

show configuration vlans 123
vlan-id 123;
l3-interface irb.123;

show configuration interfaces irb.123
description MGMT;
family inet {
    address 10.20.30.1/24;
}

show configuration vlans 456
vlan-id 456;
l3-interface irb.456;

show configuration interfaces irb.456
description newMGMT;
family inet {
    address 10.40.50.1/24;
}
show configuration vlans 11
vlan-id 11;

show route table inet.0

inet.0: 9 destinations, 9 routes (9 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0          *[Static/5] 67w6d 18:17:24
                    >  to 10.20.30.1 via irb.123
10.40.50.0/24        *[Direct/0] 3d 16:57:33
                    >  via irb.456
10.40.50.1/32        *[Local/0] 3d 16:57:33
                       Local via irb.456
10.80.60.0/24        *[Direct/0] 3d 16:42:31
                    >  via irb.980
10.80.60.1/32        *[Local/0] 3d 16:42:31
                       Local via irb.980
10.70.15.0/24       *[Direct/0] 21w6d 23:03:23
                    >  via irb.975
10.70.15.1/32       *[Local/0] 21w6d 23:03:23
                       Local via irb.975
10.20.30.0/24     *[Direct/0] 67w6d 18:17:24
                    >  via irb.123
10.20.30.1/32    *[Local/0] 67w6d 18:17:24
                       Local via irb.123

Good afternoon!
Please bear with me as I try to explain my scenario (know that I'm not listing actual IPs):

1) existing Cisco stack has VLAN 123 with 10.20.30.1/24 and existing servers and storage are hanging off it

2) new Juniper switches has same VLAN 123 with routing-options "static route 0.0.0.0/0 next-hop 10.20.30.1" (I'm in the midst of hanging off new servers and storage behind the Junipers and will transition away from the old soon)

3) new VLAN456 with 10.10.10.45/24 will replace the old VLAN 123.  I have this configured on all the Junipers and new servers/storage and if I'm connected via an interface with that new VLAN then I can access the new servers, etcetera, but if I'm on an interface NOT configured for the new VLAN then I cannot.

What am I missing?  I'll eventually get rid of the original VLAN 123, but how can I add a route to my existing Junipers to also hit the new VLAN 456 from anywhere.

Thanks!

Happy Weekend!

Apologies.  In trying to NOT show the exact information from my network, I mistyped.  The 10.20.30.1 is actually on the old Cisco switch stack.  The VLAN 123 on my Juniper is actually 10.20.30.61. 

Thanks!

Looking at the output

• Why do we have the static default route pointing the next-hop to an interface on the same switch (10.20.30.1 exists on the same switch)?
• The devices connected in VLANs 975 and 980 should be able to communicate with the devices in VLANs 123 and VLANs 456 on the same switch, as the routes exist. Does this work?
• However, the devices connected in VLAN 11 will not be able to communicate with the other VLANs as VLAN 11 doesn't have an irb defined on this switch. Does the gateway of VLAN 11 exist on a different device? Even then, the shown switch will not have a route to the VLAN 11 destinations, as the default-route here points to an IP that exists on the same switch.

Regards

Hope this helps.  Thanks!

show configuration vlans 123
vlan-id 123;
l3-interface irb.123;

show configuration interfaces irb.123
description MGMT;
family inet {
    address 10.20.30.1/24;
}

show configuration vlans 456
vlan-id 456;
l3-interface irb.456;

show configuration interfaces irb.456
description newMGMT;
family inet {
    address 10.40.50.1/24;
}
show configuration vlans 11
vlan-id 11;

show route table inet.0

inet.0: 9 destinations, 9 routes (9 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0          *[Static/5] 67w6d 18:17:24
                    >  to 10.20.30.1 via irb.123
10.40.50.0/24        *[Direct/0] 3d 16:57:33
                    >  via irb.456
10.40.50.1/32        *[Local/0] 3d 16:57:33
                       Local via irb.456
10.80.60.0/24        *[Direct/0] 3d 16:42:31
                    >  via irb.980
10.80.60.1/32        *[Local/0] 3d 16:42:31
                       Local via irb.980
10.70.15.0/24       *[Direct/0] 21w6d 23:03:23
                    >  via irb.975
10.70.15.1/32       *[Local/0] 21w6d 23:03:23
                       Local via irb.975
10.20.30.0/24     *[Direct/0] 67w6d 18:17:24
                    >  via irb.123
10.20.30.1/32    *[Local/0] 67w6d 18:17:24
                       Local via irb.123

Good afternoon!
Please bear with me as I try to explain my scenario (know that I'm not listing actual IPs):

1) existing Cisco stack has VLAN 123 with 10.20.30.1/24 and existing servers and storage are hanging off it

2) new Juniper switches has same VLAN 123 with routing-options "static route 0.0.0.0/0 next-hop 10.20.30.1" (I'm in the midst of hanging off new servers and storage behind the Junipers and will transition away from the old soon)

3) new VLAN456 with 10.10.10.45/24 will replace the old VLAN 123.  I have this configured on all the Junipers and new servers/storage and if I'm connected via an interface with that new VLAN then I can access the new servers, etcetera, but if I'm on an interface NOT configured for the new VLAN then I cannot.

What am I missing?  I'll eventually get rid of the original VLAN 123, but how can I add a route to my existing Junipers to also hit the new VLAN 456 from anywhere.

Thanks!

Happy Weekend!

Ok. Will the attached be a close depiction of the network?

• On the Juniper switch, can VLAN 975 and 980 devices communicate with VLAN456? They should as per the routing table.
• Do we have VLAN 456 and it's SVI defined on the Cisco switch? If not, does the Cisco switch have a route to the VLAN 456 subnet pointing towards the Juniper switch?
• Where does the gateway for VLAN 11 reside?

Apologies.  In trying to NOT show the exact information from my network, I mistyped.  The 10.20.30.1 is actually on the old Cisco switch stack.  The VLAN 123 on my Juniper is actually 10.20.30.61. 

Thanks!

Looking at the output

• Why do we have the static default route pointing the next-hop to an interface on the same switch (10.20.30.1 exists on the same switch)?
• The devices connected in VLANs 975 and 980 should be able to communicate with the devices in VLANs 123 and VLANs 456 on the same switch, as the routes exist. Does this work?
• However, the devices connected in VLAN 11 will not be able to communicate with the other VLANs as VLAN 11 doesn't have an irb defined on this switch. Does the gateway of VLAN 11 exist on a different device? Even then, the shown switch will not have a route to the VLAN 11 destinations, as the default-route here points to an IP that exists on the same switch.

Regards

Hope this helps.  Thanks!

show configuration vlans 123
vlan-id 123;
l3-interface irb.123;

show configuration interfaces irb.123
description MGMT;
family inet {
    address 10.20.30.1/24;
}

show configuration vlans 456
vlan-id 456;
l3-interface irb.456;

show configuration interfaces irb.456
description newMGMT;
family inet {
    address 10.40.50.1/24;
}
show configuration vlans 11
vlan-id 11;

show route table inet.0

inet.0: 9 destinations, 9 routes (9 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0          *[Static/5] 67w6d 18:17:24
                    >  to 10.20.30.1 via irb.123
10.40.50.0/24        *[Direct/0] 3d 16:57:33
                    >  via irb.456
10.40.50.1/32        *[Local/0] 3d 16:57:33
                       Local via irb.456
10.80.60.0/24        *[Direct/0] 3d 16:42:31
                    >  via irb.980
10.80.60.1/32        *[Local/0] 3d 16:42:31
                       Local via irb.980
10.70.15.0/24       *[Direct/0] 21w6d 23:03:23
                    >  via irb.975
10.70.15.1/32       *[Local/0] 21w6d 23:03:23
                       Local via irb.975
10.20.30.0/24     *[Direct/0] 67w6d 18:17:24
                    >  via irb.123
10.20.30.1/32    *[Local/0] 67w6d 18:17:24
                       Local via irb.123

Good afternoon!
Please bear with me as I try to explain my scenario (know that I'm not listing actual IPs):

1) existing Cisco stack has VLAN 123 with 10.20.30.1/24 and existing servers and storage are hanging off it

2) new Juniper switches has same VLAN 123 with routing-options "static route 0.0.0.0/0 next-hop 10.20.30.1" (I'm in the midst of hanging off new servers and storage behind the Junipers and will transition away from the old soon)

3) new VLAN456 with 10.10.10.45/24 will replace the old VLAN 123.  I have this configured on all the Junipers and new servers/storage and if I'm connected via an interface with that new VLAN then I can access the new servers, etcetera, but if I'm on an interface NOT configured for the new VLAN then I cannot.

What am I missing?  I'll eventually get rid of the original VLAN 123, but how can I add a route to my existing Junipers to also hit the new VLAN 456 from anywhere.

Thanks!

Happy Weekend!

H i Sheetanshu!

I really appreciate the assistance so far!

The Cisco switch DOES know 456, but not 980 nor 975 nor 11 for that matter.  11 is basically our replacement for the default vlan 1 on the Ciscos and resides only on the Junipers.

On the Junipers I am unable to see 456 from 975 or 980.

456 on the Ciscos has the following config:  ip address 10.40.50.3 255.255.255.0

And the Cisco routing for the 456 looks like this:

S*    0.0.0.0/0 [1/0] via 1.2.3.4
      10.0.0.0/8 is variably subnetted, 29 subnets, 3 masks
C        10.40.50.0/24 is directly connected, Vlan915
L        10.40.50.3/32 is directly connected, Vlan915

Ok. Will the attached be a close depiction of the network?

• On the Juniper switch, can VLAN 975 and 980 devices communicate with VLAN456? They should as per the routing table.
• Do we have VLAN 456 and it's SVI defined on the Cisco switch? If not, does the Cisco switch have a route to the VLAN 456 subnet pointing towards the Juniper switch?
• Where does the gateway for VLAN 11 reside?

Apologies.  In trying to NOT show the exact information from my network, I mistyped.  The 10.20.30.1 is actually on the old Cisco switch stack.  The VLAN 123 on my Juniper is actually 10.20.30.61. 

Thanks!

Looking at the output

• Why do we have the static default route pointing the next-hop to an interface on the same switch (10.20.30.1 exists on the same switch)?
• The devices connected in VLANs 975 and 980 should be able to communicate with the devices in VLANs 123 and VLANs 456 on the same switch, as the routes exist. Does this work?
• However, the devices connected in VLAN 11 will not be able to communicate with the other VLANs as VLAN 11 doesn't have an irb defined on this switch. Does the gateway of VLAN 11 exist on a different device? Even then, the shown switch will not have a route to the VLAN 11 destinations, as the default-route here points to an IP that exists on the same switch.

Regards

Hope this helps.  Thanks!

show configuration vlans 123
vlan-id 123;
l3-interface irb.123;

show configuration interfaces irb.123
description MGMT;
family inet {
    address 10.20.30.1/24;
}

show configuration vlans 456
vlan-id 456;
l3-interface irb.456;

show configuration interfaces irb.456
description newMGMT;
family inet {
    address 10.40.50.1/24;
}
show configuration vlans 11
vlan-id 11;

show route table inet.0

inet.0: 9 destinations, 9 routes (9 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0          *[Static/5] 67w6d 18:17:24
                    >  to 10.20.30.1 via irb.123
10.40.50.0/24        *[Direct/0] 3d 16:57:33
                    >  via irb.456
10.40.50.1/32        *[Local/0] 3d 16:57:33
                       Local via irb.456
10.80.60.0/24        *[Direct/0] 3d 16:42:31
                    >  via irb.980
10.80.60.1/32        *[Local/0] 3d 16:42:31
                       Local via irb.980
10.70.15.0/24       *[Direct/0] 21w6d 23:03:23
                    >  via irb.975
10.70.15.1/32       *[Local/0] 21w6d 23:03:23
                       Local via irb.975
10.20.30.0/24     *[Direct/0] 67w6d 18:17:24
                    >  via irb.123
10.20.30.1/32    *[Local/0] 67w6d 18:17:24
                       Local via irb.123

Good afternoon!
Please bear with me as I try to explain my scenario (know that I'm not listing actual IPs):

1) existing Cisco stack has VLAN 123 with 10.20.30.1/24 and existing servers and storage are hanging off it

2) new Juniper switches has same VLAN 123 with routing-options "static route 0.0.0.0/0 next-hop 10.20.30.1" (I'm in the midst of hanging off new servers and storage behind the Junipers and will transition away from the old soon)

3) new VLAN456 with 10.10.10.45/24 will replace the old VLAN 123.  I have this configured on all the Junipers and new servers/storage and if I'm connected via an interface with that new VLAN then I can access the new servers, etcetera, but if I'm on an interface NOT configured for the new VLAN then I cannot.

What am I missing?  I'll eventually get rid of the original VLAN 123, but how can I add a route to my existing Junipers to also hit the new VLAN 456 from anywhere.

Thanks!

Happy Weekend!

Thanks, Jim. I will disregard the Cisco switch for now.

"On the Junipers I am unable to see 456 from 975 or 980."

This one is quite strange as you have all the required routes.

• Do the devices connected in 975/980 use the irb interface IPs configured on the Juniper switches as their gateways?
• Do we have any interface OR VLAN firewall-filters configured on the Juniper switch?
• Does "ping 10.40.50.1 source 10.80.60.1 (or 10.70.15.1)" work on the Juniper switch?

Regards

H i Sheetanshu!

I really appreciate the assistance so far!

The Cisco switch DOES know 456, but not 980 nor 975 nor 11 for that matter.  11 is basically our replacement for the default vlan 1 on the Ciscos and resides only on the Junipers.

On the Junipers I am unable to see 456 from 975 or 980.

456 on the Ciscos has the following config:  ip address 10.40.50.3 255.255.255.0

And the Cisco routing for the 456 looks like this:

S*    0.0.0.0/0 [1/0] via 1.2.3.4
      10.0.0.0/8 is variably subnetted, 29 subnets, 3 masks
C        10.40.50.0/24 is directly connected, Vlan915
L        10.40.50.3/32 is directly connected, Vlan915

Ok. Will the attached be a close depiction of the network?

• On the Juniper switch, can VLAN 975 and 980 devices communicate with VLAN456? They should as per the routing table.
• Do we have VLAN 456 and it's SVI defined on the Cisco switch? If not, does the Cisco switch have a route to the VLAN 456 subnet pointing towards the Juniper switch?
• Where does the gateway for VLAN 11 reside?

Apologies.  In trying to NOT show the exact information from my network, I mistyped.  The 10.20.30.1 is actually on the old Cisco switch stack.  The VLAN 123 on my Juniper is actually 10.20.30.61. 

Thanks!

Looking at the output

• Why do we have the static default route pointing the next-hop to an interface on the same switch (10.20.30.1 exists on the same switch)?
• The devices connected in VLANs 975 and 980 should be able to communicate with the devices in VLANs 123 and VLANs 456 on the same switch, as the routes exist. Does this work?
• However, the devices connected in VLAN 11 will not be able to communicate with the other VLANs as VLAN 11 doesn't have an irb defined on this switch. Does the gateway of VLAN 11 exist on a different device? Even then, the shown switch will not have a route to the VLAN 11 destinations, as the default-route here points to an IP that exists on the same switch.

Regards

Hope this helps.  Thanks!

show configuration vlans 123
vlan-id 123;
l3-interface irb.123;

show configuration interfaces irb.123
description MGMT;
family inet {
    address 10.20.30.1/24;
}

show configuration vlans 456
vlan-id 456;
l3-interface irb.456;

show configuration interfaces irb.456
description newMGMT;
family inet {
    address 10.40.50.1/24;
}
show configuration vlans 11
vlan-id 11;

show route table inet.0

inet.0: 9 destinations, 9 routes (9 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0          *[Static/5] 67w6d 18:17:24
                    >  to 10.20.30.1 via irb.123
10.40.50.0/24        *[Direct/0] 3d 16:57:33
                    >  via irb.456
10.40.50.1/32        *[Local/0] 3d 16:57:33
                       Local via irb.456
10.80.60.0/24        *[Direct/0] 3d 16:42:31
                    >  via irb.980
10.80.60.1/32        *[Local/0] 3d 16:42:31
                       Local via irb.980
10.70.15.0/24       *[Direct/0] 21w6d 23:03:23
                    >  via irb.975
10.70.15.1/32       *[Local/0] 21w6d 23:03:23
                       Local via irb.975
10.20.30.0/24     *[Direct/0] 67w6d 18:17:24
                    >  via irb.123
10.20.30.1/32    *[Local/0] 67w6d 18:17:24
                       Local via irb.123

Good afternoon!
Please bear with me as I try to explain my scenario (know that I'm not listing actual IPs):

1) existing Cisco stack has VLAN 123 with 10.20.30.1/24 and existing servers and storage are hanging off it

2) new Juniper switches has same VLAN 123 with routing-options "static route 0.0.0.0/0 next-hop 10.20.30.1" (I'm in the midst of hanging off new servers and storage behind the Junipers and will transition away from the old soon)

3) new VLAN456 with 10.10.10.45/24 will replace the old VLAN 123.  I have this configured on all the Junipers and new servers/storage and if I'm connected via an interface with that new VLAN then I can access the new servers, etcetera, but if I'm on an interface NOT configured for the new VLAN then I cannot.

What am I missing?  I'll eventually get rid of the original VLAN 123, but how can I add a route to my existing Junipers to also hit the new VLAN 456 from anywhere.

Thanks!

Happy Weekend!

Yessir I'm currently connected on 975 and using that gateway and I CAN ping the other vlan gateways but unable to ping devices on those other two VLANs.  

There is no firewall config currently.

Thanks, Jim. I will disregard the Cisco switch for now.

"On the Junipers I am unable to see 456 from 975 or 980."

This one is quite strange as you have all the required routes.

• Do the devices connected in 975/980 use the irb interface IPs configured on the Juniper switches as their gateways?
• Do we have any interface OR VLAN firewall-filters configured on the Juniper switch?
• Does "ping 10.40.50.1 source 10.80.60.1 (or 10.70.15.1)" work on the Juniper switch?

Regards

H i Sheetanshu!

I really appreciate the assistance so far!

The Cisco switch DOES know 456, but not 980 nor 975 nor 11 for that matter.  11 is basically our replacement for the default vlan 1 on the Ciscos and resides only on the Junipers.

On the Junipers I am unable to see 456 from 975 or 980.

456 on the Ciscos has the following config:  ip address 10.40.50.3 255.255.255.0

And the Cisco routing for the 456 looks like this:

S*    0.0.0.0/0 [1/0] via 1.2.3.4
      10.0.0.0/8 is variably subnetted, 29 subnets, 3 masks
C        10.40.50.0/24 is directly connected, Vlan915
L        10.40.50.3/32 is directly connected, Vlan915

Ok. Will the attached be a close depiction of the network?

• On the Juniper switch, can VLAN 975 and 980 devices communicate with VLAN456? They should as per the routing table.
• Do we have VLAN 456 and it's SVI defined on the Cisco switch? If not, does the Cisco switch have a route to the VLAN 456 subnet pointing towards the Juniper switch?
• Where does the gateway for VLAN 11 reside?

Apologies.  In trying to NOT show the exact information from my network, I mistyped.  The 10.20.30.1 is actually on the old Cisco switch stack.  The VLAN 123 on my Juniper is actually 10.20.30.61. 

Thanks!

Looking at the output

• Why do we have the static default route pointing the next-hop to an interface on the same switch (10.20.30.1 exists on the same switch)?
• The devices connected in VLANs 975 and 980 should be able to communicate with the devices in VLANs 123 and VLANs 456 on the same switch, as the routes exist. Does this work?
• However, the devices connected in VLAN 11 will not be able to communicate with the other VLANs as VLAN 11 doesn't have an irb defined on this switch. Does the gateway of VLAN 11 exist on a different device? Even then, the shown switch will not have a route to the VLAN 11 destinations, as the default-route here points to an IP that exists on the same switch.

Regards

Hope this helps.  Thanks!

show configuration vlans 123
vlan-id 123;
l3-interface irb.123;

show configuration interfaces irb.123
description MGMT;
family inet {
    address 10.20.30.1/24;
}

show configuration vlans 456
vlan-id 456;
l3-interface irb.456;

show configuration interfaces irb.456
description newMGMT;
family inet {
    address 10.40.50.1/24;
}
show configuration vlans 11
vlan-id 11;

show route table inet.0

inet.0: 9 destinations, 9 routes (9 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0          *[Static/5] 67w6d 18:17:24
                    >  to 10.20.30.1 via irb.123
10.40.50.0/24        *[Direct/0] 3d 16:57:33
                    >  via irb.456
10.40.50.1/32        *[Local/0] 3d 16:57:33
                       Local via irb.456
10.80.60.0/24        *[Direct/0] 3d 16:42:31
                    >  via irb.980
10.80.60.1/32        *[Local/0] 3d 16:42:31
                       Local via irb.980
10.70.15.0/24       *[Direct/0] 21w6d 23:03:23
                    >  via irb.975
10.70.15.1/32       *[Local/0] 21w6d 23:03:23
                       Local via irb.975
10.20.30.0/24     *[Direct/0] 67w6d 18:17:24
                    >  via irb.123
10.20.30.1/32    *[Local/0] 67w6d 18:17:24
                       Local via irb.123

Good afternoon!
Please bear with me as I try to explain my scenario (know that I'm not listing actual IPs):

1) existing Cisco stack has VLAN 123 with 10.20.30.1/24 and existing servers and storage are hanging off it

2) new Juniper switches has same VLAN 123 with routing-options "static route 0.0.0.0/0 next-hop 10.20.30.1" (I'm in the midst of hanging off new servers and storage behind the Junipers and will transition away from the old soon)

3) new VLAN456 with 10.10.10.45/24 will replace the old VLAN 123.  I have this configured on all the Junipers and new servers/storage and if I'm connected via an interface with that new VLAN then I can access the new servers, etcetera, but if I'm on an interface NOT configured for the new VLAN then I cannot.

What am I missing?  I'll eventually get rid of the original VLAN 123, but how can I add a route to my existing Junipers to also hit the new VLAN 456 from anywhere.

Thanks!

Happy Weekend!