View Only
last person joined: yesterday 

Ask questions and share experiences about EX and QFX portfolios and all switching solutions across your data center, campus, and branch locations.
  • 1.  EX2200 Routing between VLANs

    Posted 06-24-2015 09:03
      |   view attached

    I have an EX2200 48T running version 12.3R6.6.  I'm trying to set up RVI to route between VLANs, but it's not working properly. The VLANs in question are listed below:


    DHCP Unit 3
    Test Unit 5
    Test2 Unit 6


    Interfaces ge-0/0/5 and ge-0/0/30 are trunked to access all three of these VLANs.


    The EX2200 is running DHCP on these three networks (,, and, with the range .1 - .250 for each, and .253 is set as the default gateway.


    Laptop A on the DHCP VLAN has address
    Laptop B on the Test VLAN has address


    Laptop A can ping its own gateway ( and the gateway for the Test VLAN (, but it cannot ping Laptop B.


    The same is true for Laptop B.  It can ping its own gateway and the gateway for other VLANs, but it cannot ping anything else on a different VLAN.


    I tried to follow this technote:


    The issue is very similar to the behavior described in the 7th message of this post:


    I created Test2 on from scratch to see if I made a mistake in the earlier config, but it behaves in exactly the same way.


    The relevant parts of the config are attached.  What am I doing incorrectly?


    NOTE: This system is in production, so I can't take drastic steps, like rebooting or upgrading/reverting versions.



    config to post.txt   2 KB 1 version

  • 2.  RE: EX2200 Routing between VLANs

    Posted 06-24-2015 09:25

    You do not need those /24 static routes.  These are local routes the switch is aware of.  I suggest you copy config for ge-0/0/28 and use it to config some other physical interface, say ge-0/0/29, and also change VLAN member to either DHCP or Test 2.  You should now be able to ping between these subnets (.4 to either .3 or .6).


    When you try to ping from .5/Test (BTW much easier to manage/keep track if you match unit number to vlan number) to either DHCP or Test 2 what is physically connected to ge-0/0/5 or ge-0/0/30, another PC?  This will NEVER work unless the PC can strip Dot1Q headers.  To test PC to PC pings you need them on access ports, not trunk ports.  Of the trunk ports would generally be another switch, and then that switch needs proper VLAN configuration, etc.


    Also, when you ping anything that is 10.10.x.253 you are ping the same place.  That would be switch CPU/RE.  Ping gateways on L3 switches, means very little, except to prove local gateway is up.  Id CPU/RE is busy, pings could be either delayed or potentially dropped.


    This is all very basic stuff, and it all works, 100% for sure.  If not working you are doing something wrong, generally with very basic stuff.


  • 3.  RE: EX2200 Routing between VLANs

    Posted 06-24-2015 10:59
      |   view attached

    I set ge-0/0/5 and ge-0/0/30 back to access ports and removed the /24 static routes.  DHCP VLAN is on ge-0/0/5, and Test2 is on ge-0/0/30. 


    One PC is one (DHCP VLAN), and another is on (Test2 VLAN), but they still cannot ping each other.


    The updated config is attached. 


    updated config.txt   3 KB 1 version

  • 4.  RE: EX2200 Routing between VLANs

    Posted 06-24-2015 23:57
      |   view attached

    I took your config with some minor modifications, and dumped it directly into an EX2200 switch, with a single trunk link connecting to my laptop with 3x VLANS (10,20,30) configured. As you can see, I can ping fine from each set of hosts, with the traceroute confirming my path to/from each.


    VLAN10 received via DHCP

    VLAN20 received via DHCP


    This doesn't prove reverse routing (the return route will be directly connected), but does show unidirectional test in each direction through the router.


    laptop$ traceroute -s
    traceroute to ( from, 64 hops max, 52 byte packets
    1 ( 9.597 ms 2.356 ms 3.416 ms
    2 ( 0.406 ms 0.386 ms 0.323 ms


    ## ping forcing source address from VLAN10 to destination in VLAN20
    laptop$ ping -S
    PING ( from 56 data bytes
    64 bytes from icmp_seq=0 ttl=63 time=0.278 ms
    64 bytes from icmp_seq=1 ttl=63 time=0.337 ms
    --- ping statistics ---
    2 packets transmitted, 2 packets received, 0.0% packet loss
    round-trip min/avg/max/stddev = 0.278/0.307/0.337/0.030 ms



    laptop$ ifconfig | egrep -A 8 -e "vlan" | egrep "inet\s|vlan:|^vlan"
    vlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    inet netmask 0xffffff00 broadcast
    vlan: 10 parent interface: en3
    vlan1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    inet netmask 0xffffff00 broadcast
    vlan: 20 parent interface: en3
    vlan2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    inet netmask 0xffff0000 broadcast
    vlan: 30 parent interface: en3



    I'd suggest checking the end-systems to see if there's a conflicting interface or route causing the response to be sent somewhere else.  You can confim the correct interfaces are configured, and that there aren't routes for networks on the reply path configured locally, or somewhere else. 




    netstat -rn




    route print


    dhcp-test-config.txt   3 KB 1 version

  • 5.  RE: EX2200 Routing between VLANs

    Posted 06-25-2015 09:15

    Hi barnesry-jnet,

    What modifications did you make?  Were you using one host to ping another, or were you pinging the hosts from your laptop on the trunk port?

  • 6.  RE: EX2200 Routing between VLANs

    Posted 06-30-2015 08:39



    host to host pings via switch (inter-vlan route). You can run a diff of my config vs yours to get the exact details, but basically vlan numbering, etc. Confirmed the pings were routing correctly source->dest, but the response would likely have been direct (as the vlans co-exist on my laptop - not separate isolated VMs which would have been a more comprehensive test). I did test from both directions though specifying source addresses.


    laptop vlan10 -------\

                                   trunk ---------- switch

    laptop vlan20 - -----/ 

  • 7.  RE: EX2200 Routing between VLANs

    Posted 06-30-2015 07:22

    RVI still is not working.  When I run tracert for an IP on another VLAN, I get results like this:



    Tracing route to over a maximum of 30 hops

      1     8 ms    10 ms     1 ms
      2     *        *        *     Request timed out.
      3     *        *        *     Request timed out.
      4     *        *        *     Request timed out.


    In this case, I'm trying to go from VLAN 3 ( with the EX2200 as default gateway on to VLAN 6 ( with EX2200 as gateway on 


    The same thing happens if I run tracert from VLAN 6 to VLAN 3 or VLAN 5.  The packets get to the EX2200 and then time out.  The laptops on each VLAN can ping the switch, so they definitely have connectivity.  The packets get to the default gateway and then don't go anywhere, because RVI isn't working.


    Can someone please tell me what I need to change in my config (posted above) to get RVI to work?

  • 8.  RE: EX2200 Routing between VLANs

    Posted 07-07-2015 07:43

    I've investigated some more, and all evidence indicates that the routing table config is correct.  The problem seems to be that the EX2200 switch cannot ping the clients that are connected to it, even though the clients can ping the switch.


    The clients were getting addresses from DHCP on the EX2200.  As an experiment, I set a desktop to a static IP on on vlan.5.  That desktop on can ping the switch on, but the switch cannot ping  The desktop does appear in the switch's arp table.


    Does anybody know why the switch cannot ping physical clients that are directly connected?


    show arp
    MAC Address       Address         Name                      Interface           Flags
    3c:97:0e:2f:4e:a4                 vlan.3              none
    44:37:e6:0b:59:3d                 vlan.5              none


    PING ( 56 data bytes
    --- ping statistics ---
    15 packets transmitted, 0 packets received, 100% packet loss

  • 9.  RE: EX2200 Routing between VLANs
    Best Answer

    Posted 07-07-2015 19:52

    2 dumb questions:

    1) what are the client OS's?

    2) if connect 2 clients on the same VLAN, can they ping each other?


    Relating to Q1, if WIn7/8 is the answer, by default ping (reply) is blocked in local firewall rules...this one drove me crazy years ago...still gets me sometimes when I bring up a new Win7 client...also true for W2K8/W2K8-R2.




  • 10.  RE: EX2200 Routing between VLANs

    Posted 07-08-2015 07:03

    Thanks, Jeff.  This fixed it!