Routed Configuration-Devices in same subnet no VLAN available

Version 1
    This document was generated from CDN thread

    Created by: Jack Schluckbier on 09-05-2012 10:58:24 AM
    Hi team, I have the following config on my 3945 and SRE-V 900

    #sh diag | inc FRU   
            Product (FRU) Number     : CISCO3945-CHASSIS
            Product (FRU) Number     : C3900-SPE150/K9
            Product (FRU) Number     : PWR-3900-AC
            Product (FRU) Number     : PVDM3-128     
            Product (FRU) Number     : VWIC2-2MFT-T1/E1
            Product (FRU) Number     : SM-SRE-900-K9
            Product (FRU) Number     : SM-NM-ADPTR
            Product (FRU) Number     : NM-1T3/E3

    #service-module sm1/0 status
    Service Module is Cisco SM1/0
    Service Module supports session via TTY line 67
    Service Module is in Steady state
    Service Module heartbeat-reset is enabled
    Getting status from the Service Module, please wait..
    Application eXtension Platform (AXP) 1.6.2
    Online on SME
    No install/uninstall in progress


    interface GigabitEthernet0/0.10
     description svl-gem-rmte2 service VLAN 10
     encapsulation dot1Q 10
     ip address 10.33.107.130 255.255.255.240
     ip pim sparse-dense-mode
     ip flow ingress
     standby 3 ip 10.33.107.129
     standby 3 priority 110
     standby 3 preempt
     arp timeout 1740
    !
    interface GigabitEthernet0/0.380
     description svl-gem-rmte2 IC VLAN 380
     encapsulation dot1Q 380
     ip address 10.33.107.154 255.255.255.248
     ip flow ingress
     ip nat outside
     ip virtual-reassembly
     ntp broadcast
     standby 1 ip 10.33.107.153
     standby 1 priority 110
     standby 1 preempt
     arp timeout 1740
    !
    interface GigabitEthernet0/0.400
     description svl-gem-rmte2 voice VLAN 400
     encapsulation dot1Q 400
     ip address 10.33.107.146 255.255.255.248
     ip pim dr-priority 4294967294
     ip pim sparse-dense-mode
     ip flow ingress
     ip igmp version 3
     standby 2 ip 10.33.107.145
     standby 2 priority 105
     standby 2 preempt
     arp timeout 1740
    ------------------------------


    interface SM1/0
     ip unnumbered GigabitEthernet0/0.10
     service-module ip address 10.33.107.138 255.255.255.240
     !Application: Online on SME
     service-module ip default-gateway 10.33.107.129
     !
     hold-queue 60 out
    !
    interface SM1/1
     no ip address

    -----------------------------

    ip route 10.33.107.138 255.255.255.255 SM1/0

    ----------------------------

    My problem is that I cannot create a vlan under the SM1/1 interface command. I was under the impression that we "do not" need the HWIC, and therefore do not need the MGF, in order to get this to work in this routed L3 mode? If we do need a HWIC to get this to work, in order to use the vlan configuaration, then we might as well just use the L2 MGF config instead. The configuration guide is not very clear in this respect. The guide is still directing us to use the vlan config under int SM1/1 even for the L3 routed config!

    Subject: RE: Routed Configuration-Devices in same subnet no VLAN available
    Replied by: Brett Tiller on 09-05-2012 03:04:08 PM
    Jack,

    You have AXP 1.6.2 installed on the module which does not utilze the SM 1/1 interface.  You can install the replacement product SRE-V by downloading the files from the knowledgebase at http://developer.cisco.com/web/srev/docs .   On SRE-V, the MGF interface is utilized to bypass the router CPU, therefore, optimizing the use of the router.  This is done via an EHWIC card or EtherSwitch module.  We have a white paper, Configuring EtherSwitches on SRE-V, in the url referenced above that explains this configuration.

    Regarding vlans, you are correct, layer 2 configuration is not required.  You would not setup a vlan in the SM 1/1 interface since that interface acts as a layer 2 switch.  Rather in this interface you would specified the mode as trunk or vlan access depending upon your ethernet configuration.  You would set up the vlans outside of this interface.  You also need to specifiy the vlan id inside ESXi on the VM.

    Please let us know if you have more questions.

    Thanks,

    Brett

    Subject: RE: New Message from Brett Tiller in Service Ready Engine Virtualization -
    Replied by: Jack Schluckbier on 09-05-2012 03:14:29 PM
    Hi Brett,

    Thank you very much for the response. I noticed that too, the AXP 1.6.2 that is. Was this SRE module shipped with this version of software or something? Because we have not installed anything ourselves. I have already downloaded the sre-v-k9-r.SPA.smv.2.0.1 and will soon put it up on our TFP server for download to the SRE-v. So then what you are saying below is that once I put the proper product on the SRE-v, the interface SM1/1 will allow the trunk configuration?



    I have gone up and down the config guide, and this is not mentioned. It should be mentioned or pointed out that you must have the correct software product installed “first” in order to utilize the Trunking feature under the SM1/1 interface.



    Many thanks again for your assistance, you are doing a super job for all of us!!!!



    From: Cisco Developer Community Forums [mailto:cdicuser@developer.cisco.com]
    Sent: Wednesday, May 09, 2012 12:04 PM
    To: cdicuser@developer.cisco.com
    Subject: New Message from Brett Tiller in Service Ready Engine Virtualization - SRE-V Technical Questions: RE: Routed Configuration-Devices in same subnet no VLAN available



    Brett Tiller has created a new message in the forum "SRE-V Technical Questions":

    --------------------------------------------------------------
    Jack,

    You have AXP 1.6.2 installed on the module which does not utilze the SM 1/1 interface. You can install the replacement product SRE-V by downloading the files from the knowledgebase at http://developer.cisco.com/web/srev/docs . On SRE-V, the MGF interface is utilized to bypass the router CPU, therefore, optimizing the use of the router. This is done via an EHWIC card or EtherSwitch module. We have a white paper, Configuring EtherSwitches on SRE-V, in the url referenced above that explains this configuration.

    Regarding vlans, you are correct, layer 2 configuration is not required. You would not setup a vlan in the SM 1/1 interface since that interface acts as a layer 2 switch. Rather in this interface you would specified the mode as trunk or vlan access depending upon your ethernet configuration. You would set up the vlans outside of this interface. You also need to specifiy the vlan id inside ESXi on the VM.

    Please let us know if you have more questions.

    Thanks,

    Brett
    --
    To respond to this post, please click the following link:

    <http://developer.cisco.com/web/srev/forums/-/message_boards/view_message/5681573>

    or simply reply to this email.

    Subject: RE: Routed Configuration-Devices in same subnet no VLAN available
    Replied by: Brett Tiller on 09-05-2012 04:13:24 PM
    Hi Jack,

    I'm glad I could help.  I'm not sure what occurred in your order, but apparently AXP was ordered as pre-installed.   If you also purchased an AXP license please give me your sales order number.  I'll pass this along to our marketing team and someone will work with you to migrate you over to SRE-V.  

    Regarding the SM1/1 interface, yes once you install SRE-V you'll be able to trunk this interface, but you'll also need to have the correct IOS release installed on the router as well which would be 15.1(3)T or higher or 15.1(4)M or higher. 

    Thanks,
    Brett

    Subject: RE: Routed Configuration-Devices in same subnet no VLAN available
    Replied by: Jack Schluckbier on 17-05-2012 06:00:28 PM
    Ok, I installed the correct IOS version and Hypervisor installed perfectly. But now I cannot seem to login to my VM directly. I can login to the SRE and manage the VMs that way by just opening the consoles to each. But I get the connection error on the vSpere client when I try to connect to the VM directly. I also cannot seem to ping 10.33.107.149 from the router either. However I can ping the DG (.146) from the VM.

    VM: 10.33.107.149
    DG: 10.33.107.146

    interface GigabitEthernet0/0.380
    description IC VLAN 380
    encapsulation dot1Q 380
    ip address 10.33.107.147 255.255.255.240
    ip flow ingress
    ip nat outside
    ip virtual-reassembly in
    standby 1 ip 10.33.107.146
    standby 1 priority 110
    standby 1 preempt
    ntp broadcast
    arp timeout 1740

    interface SM1/0
    ip unnumbered GigabitEthernet0/0.380
    service-module ip address 10.33.107.145 255.255.255.240
    !Application: VMware ESXi 5.0.0 build-474610 running on SRE
    service-module ip default-gateway 10.33.107.146
    hold-queue 60 out
    !
    interface SM1/1
    description Internal switch interface connected to Service Module
    switchport mode trunk
    no ip address

    !
    ip route 10.33.107.145 255.255.255.255 SM1/0
    ip route 10.33.107.149 255.255.255.255 SM1/0
    !

    Subject: RE: Routed Configuration-Devices in same subnet no VLAN available
    Replied by: Brett Tiller on 18-05-2012 05:13:49 PM
    Hi Jack,

    If you can ping from the VM to the service module, but not vice versa, this issue is most likely due to a firewall of the OS installed on the VM that is blocking inbound traffic.  Please check your firewall or if Linux, the Linux SE, and make the needed changes so that inbound traffic is accepted.

    Thanks,
    Brett

    Subject: RE: Routed Configuration-Devices in same subnet no VLAN available
    Replied by: Brett Tiller on 18-05-2012 03:00:23 PM
    Hi Jack,

    I'm glad that you're making progress.  I've never tried logging into the VM directly from the vSphere client and I don't think that VMware supports that.  You have to log into the VMware host, and then access the VMs via the console as you have been doing.

    Regarding the issue of being able to ping the VMs, you need to put the VMs on the vSwitch0 so that you can get external access.  I've provided the steps below to create a port group for vSwitch0.

    1.  In the vSphere client click on the host then the Configuration tab and then click on the Networking link.

    2.  In vSwitch0 click Properties then the Ports tab and finally the Add button.

    3.  Select VM then vSwitch0 and give it a name. Finally click Finish.

    4.  Now we'll assign the VM to the new vSwitch0 Port Group.  Right click on the VM and select Edit Settings. then select Network Adapter 1.  In the right drop down box, select the new port group you created and click Ok.

    Please let us know if you have any other questions/concerns.

    Thanks,
    Brett

    Subject: RE: New Message from Brett Tiller in Service Ready Engine Virtualization -
    Replied by: Jack Schluckbier on 18-05-2012 07:00:53 PM
    Hi Brett, you were right! I had the private domain firewall profile on, yet had the public domain firewall off. But turned them all off, and I can now ping the VM from the router! Just a screenshot of how I have it setup already on vSitch0.



    Thanks again!

    Jack







    From: Cisco Developer Community Forums [mailto:cdicuser@developer.cisco.com]
    Sent: Friday, May 18, 2012 12:00 PM
    To: cdicuser@developer.cisco.com
    Subject: New Message from Brett Tiller in Service Ready Engine Virtualization - SRE-V Technical Questions: RE: Routed Configuration-Devices in same subnet no VLAN available



    Brett Tiller has created a new message in the forum "SRE-V Technical Questions":

    --------------------------------------------------------------
    Hi Jack,

    I'm glad that you're making progress. I've never tried logging into the VM directly from the vSphere client and I don't think that VMware supports that. You have to log into the VMware host, and then access the VMs via the console as you have been doing.

    Regarding the issue of being able to ping the VMs, you need to put the VMs on the vSwitch0 so that you can get external access. I've provided the steps below to create a port group for vSwitch0.

    1. In the vSphere client click on the host then the Configuration tab and then click on the Networking link.

    2. In vSwitch0 click Properties then the Ports tab and finally the Add button.

    3. Select VM then vSwitch0 and give it a name. Finally click Finish.

    4. Now we'll assign the VM to the new vSwitch0 Port Group. Right click on the VM and select Edit Settings. then select Network Adapter 1. In the right drop down box, select the new port group you created and click Ok.

    Please let us know if you have any other questions/concerns.

    Thanks,
    Brett
    --
    To respond to this post, please click the following link:

    <http://developer.cisco.com/web/srev/forums/-/message_boards/view_message/5752610>

    or simply reply to this email.