Thanks Dima, I can't swap IPs since it's a production environment.
I can tell that routing/NAT is broken at the destination end. The source IP
is in overlap IP space of another AS# that we merged with. There's NAT in
place to deal with this but there's something not set up correctly with this
source subnet in question. Having said that, I wish I could explain why I
can ping from the switch but not from the user's PC.
thanks, JG
On Tue, Feb 8, 2011 at 11:36 AM, Dima Muzychko <muzychko_at_gmail.com> wrote:
> Hi
>
> I would suggest to swap ip-addresses of DG and PC...
> You might get a case when ping works from PC but stops working from DG. It
> will identify existence of PBR or FW
>
>
>
> 2011/2/8 Carl Gosselin <carl.gosselin_at_altizone.com>
>
> > Jersey,
> > Look into your routing table for that destination.
> > If the routing table follows the same path as the traceroute from the
> 6509
> > then you will know that the routing of that hop is fine.
> >
> > My guess is that you may have some PBR defined on your network...
> >
> > Look for route-maps that would select your source traffic and send it a
> > different way then the information in the routing table....
> >
> > Also the target host? Does it use a different default GW then the router
> > send the packet on the last hop?
> >
> > Any default routes used on the path?
> >
> > You must draw out the network with the routing hop by hop to be able to
> > find the issue... Both ways... From the source to the destination and the
> > reverse...
> >
> > This is not something that anyone can answer easily on a forum...
> >
> > /Carl
> >
> >
> >
> > On 2011-02-08, at 10:32, Jersey Guy <guy.jersey_at_gmail.com> wrote:
> >
> > > Hi Larry,
> > > I can ping successfully from the 6509 using the source IP of the vlan
> on
> > > which the user sits. From the user's PC, cannnot ping the same address!
> > If I
> > > do a trace from the pc, it does after 8 hops. I don't know what the 8th
> > hop
> > > is, as I'm not able to telnet to it (connection refused). When I get
> into
> > > the 7th hop and do a trace for the destination IP, the route points to
> a
> > > different machine than the 8th hop in the traceroute. That is weird.
> > >
> > > On Fri, Feb 4, 2011 at 6:27 AM, Larry H <larryh12203_at_gmail.com> wrote:
> > >
> > >> Have you tried to ping from the 6509 using the source ip of one of the
> > user
> > >> vlan's? What is the result? What about a trace from the pc? Where does
> > it
> > >> die?
> > >>
> > >> Thanks
> > >> Larry Hadrava
> > >> CCIE #12203
> > >>
> > >> Sent from my iPad
> > >>
> > >> On Feb 3, 2011, at 6:16 PM, Jersey Guy <guy.jersey_at_gmail.com> wrote:
> > >>
> > >>> From the user's machine I can ping plenty of other IPs including the
> > >> default
> > >>> gateway and other IPs many hops away.
> > >>>
> > >>> On Thu, Feb 3, 2011 at 6:07 PM, Raghav Bhargava
> > >>> <raghavbhargava12_at_gmail.com>wrote:
> > >>>
> > >>>> Did u check the user machine..whether there is a host firewall
> > blocking
> > >>>> icmp on his machine..
> > >>>>
> > >>>> -Raghav
> > >>>>
> > >>>> On Thu, Feb 3, 2011 at 2:35 PM, Jersey Guy <guy.jersey_at_gmail.com>
> > >> wrote:
> > >>>>
> > >>>>> Folks,
> > >>>>> I have a 6509 switch with a few user vlans. From the switch I can
> > ping
> > >> a
> > >>>>> certain IP address that sits multiple hops away. From user
> > workstations
> > >>>>> that
> > >>>>> have this switch as their default gateway, I can't ping the same IP
> > >>>>> address.
> > >>>>> I've checked the usual stuff - subnet mask, being able to ping the
> > >> default
> > >>>>> gateway, being able to ping other IPs, rebooting the darn PC....no
> > >> change.
> > >>>>> For clarification, when on the switch, I run extended ping with the
> > >> user's
> > >>>>> vlan as the source address. It works fine. Just can't ping from the
> > >> user's
> > >>>>> machine! Any pointers/ideas please?!
> > >>>>>
> > >>>>> TIA
> > >>>>>
> > >>>>>
> > >>>>> Blogs and organic groups at http://www.ccie.net
> > >>>>>
> > >>>>>
> > _______________________________________________________________________
> > >>>>> Subscription information may be found at:
> > >>>>> http://www.groupstudy.com/list/CCIELab.html
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>>
> > >>>>
> > >>>> --
> > >>>> Warm Regards
> > >>>> Raghav
> > >>>
> > >>>
> > >>> Blogs and organic groups at http://www.ccie.net
> > >>>
> > >>>
> _______________________________________________________________________
> > >>> Subscription information may be found at:
> > >>> http://www.groupstudy.com/list/CCIELab.html
> > >
> > >
> > > Blogs and organic groups at http://www.ccie.net
> > >
> > > _______________________________________________________________________
> > > Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> >
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Tue Feb 08 2011 - 12:48:04 ART
This archive was generated by hypermail 2.2.0 : Tue Mar 01 2011 - 07:01:50 ART