Is there anyone out there with a vaguely HP setup that wouldn't mind furnishing me with a copy of their switch config?
Struggling to get VLANs working over multiple switches. Easy peasy on a single switch but as soon as tagging comes into it, it's like banging my head against a brick wall.
Create vlan with same ID on the second switch. On the uplink betweek the two tag the ports with the vlans you want it to pass between switches. You only need an IP on the routing switch, and I also usually have only tagged between switches (set the edge switch to tagged first for the management port!)
Example:
Core:
vlan 90
name "Client A"
untagged H1-H2,H5
ip helper-address 10.0.7.1
ip helper-address 10.0.7.15
ip address 10.0.9.254 255.255.255.0
tagged B1,D1-D20
ip igmp
ip access-group "Staff" in
exit
Edge:
vlan 90
name "Client A"
no ip address
tagged 45
ip igmp
no ip igmp querier
exit
synaesthesia (8th March 2013)
This is Comware 5, just using my printers VLAN as an example - it's a VLAN that spans every switch, and is routed from core.
On the core switch:
On an edge switch:Code:dhcp relay server-group 1 ip 10.45.176.100 dhcp relay server-group 1 ip 10.45.176.30 vlan 192 description Printers_VLAN # need to be in system to work on interfaces interface Vlan-interface192 description Printers_VLAN ip address 10.45.192.1 255.255.255.0 dhcp select relay dhcp relay server-select 1 # example port out to an edge switch interface GigabitEthernet1/0/22 port link-type hybrid port hybrid vlan 192 196 1011 tagged port hybrid vlan 1 untagged # added to routing table automatically, this is just for you to check. Won't appear until at least one port is carrying traffic for VLAN192 10.45.192.0/24 Direct 0 0 10.45.192.1 Vlan192 10.45.192.1/32 Direct 0 0 127.0.0.1 InLoop0
I think that's everything relevant from my config.Code:vlan 192 description Printers_VLAN # example port connected to printer interface GigabitEthernet1/0/29 port access vlan 192 stp edged-port enable # static route directs traffic to core switch 0.0.0.0/0 Static 60 0 172.31.240.5 Vlan1011 # (vlan1011 is a connecting VLAN between the core and this edge switch, and is an approach you don't necessarily have to implement)
If you're on HP ProCurve, all of the above is irrelevant.
EDIT: in brief, untagged is the VLAN that port actually uses - so if a computer wants to use VLAN 100, the port it connects to should be untagged as 100. If a port needs to carry VLAN traffic (so between switches, basically), then it needs to be tagged with all the VLANs it might need to carry. For example, if an edge switch has computers in VLANs 194 and 195, and printers using VLAN 192, the connecting port between the core and the edge switch in question will be untagged to VLAN 1 (as the switch's IP itself is in VLAN 1, the management VLAN) but be tagged with 192, 194 and 195.
Last edited by sonofsanta; 7th March 2013 at 11:52 AM.
synaesthesia (8th March 2013)
Aha. It would appear then from both of your inputs that my issue lies in not untagging VLAN1 on the uplinks/trunks/management of the switches
Cheers!
Now I just need to figure out what the hell HP are on about on the procurve 1800 switches. I wish people would stick to a standard especially when they're using 3 different terms between their own switches.
I can set "Tagged only" or "All" for vlan traffic on each port. Bah.
Last edited by synaesthesia; 8th March 2013 at 08:54 AM.
Gack, this is doing my nut now.
Going right back to a very simple, single switch setup I can't even get traffic in the right places.
DHCP server sitting on 192.168.4.11 obviously, and plugged into port B17. Client plugged into port A1. Client can ping the ip of it's VLAN (192.168.8.1) when it's given a static IP in the same range. It will even ping the switches management IP of 192.168.5.2 so therefore I assume the routey bit is working fine.Code:hostname "HP-E5406zl" module 1 type J9534A module 2 type J9535A ip routing vlan 1 name "DEFAULT_VLAN" untagged B1-B16,B18-B24 ip address 192.168.5.2 255.255.255.0 no untagged A1-A24,B17 ip igmp exit vlan 100 name "Servers" ip address 192.168.4.1 255.255.255.0 untagged B17 ip igmp exit vlan 200 name "LRClients" untagged A1-A24 ip helper-address 192.168.4.11 ip address 192.168.8.1 255.255.252.0 ip igmp exit
But client can't ping the DHCP server nor will it obviously pick up an IP from it.
Last edited by synaesthesia; 8th March 2013 at 11:22 AM.
Hmm. Not sure. My lack of surety is not helped by the fact that with a 5406, you're on Procurve code, not Comware, and that's the one switch OS I've never worked with.
Can the switch ping the DHCP server? It's not as daft as Win2008R2's firewall rejecting ICMP by default, is it? (I do that a lot)
Last edited by sonofsanta; 8th March 2013 at 11:49 AM.
Checked that after making the same mistake yesterdaySwitch can ping the DHCP server fine.
Finding it odd how many different setups there are. The documentation says I just need to enable routing using "IP Routing" whereas other actual configs I see have static routes set up, or have ip rip enabled.
"Show route" appears to be entirely empty though, which seems odd?
Last edited by synaesthesia; 8th March 2013 at 12:11 PM.
igmp should preclude the need to use static routes or RIP, assuming your whole network can support it - my edge switches can't, so I use static routes.
If your switch can ping the server and your client can ping the switch, though, it sounds very much like a routing issue in the switch. Maybe switching to static routing will help?
Do you have the gateways set to the relevant vlan and the scopes created in dhcp?
You don't need to do anything with static routes, it's not that complicated to get working.
This is what I thought. Yeah the gateways are set up, dhcp tested working on the relevant scope.
I've just gotten it working to an extent by adding "ip proxy-arp" however I'm sure that's a bit of a dodgy workaround. Oddly now the client can ping and get an IP from the server without a problem, but server can't ping the client.
Was using the wrong command to check routing - should have been using show ip route:
HP-E5406zl(vlan-200)# show ip route
IP Route Entries
Destination Gateway VLAN Type Sub-Type Metric Dist.
------------------ --------------- ---- --------- ---------- ---------- -----
127.0.0.0/8 reject static 0 0
127.0.0.1/32 lo0 connected 1 0
192.168.4.0/24 Servers 100 connected 1 0
192.168.5.0/24 DEFAULT_VLAN 1 connected 1 0
192.168.8.0/22 LRClients 200 connected 1 0
Last edited by synaesthesia; 8th March 2013 at 12:51 PM.
Problem found and solved. The 2012 server I was using - on VirtualBox wasn't playing ball. Set up a physical PC (which btw is DAMNQUICK! when booted to 2012 on SSD) and everything is working as intended on an extremely basic setup
Can't get much more simple really. No faffing with RIP or manual routes.Code:hostname "HP-E5406zl" module 1 type J9534A module 2 type J9535A ip routing vlan 1 name "Management" untagged A2-A24,B1-B18,B21-B24 ip address 192.168.5.2 255.255.255.0 no untagged A1,B19-B20 exit vlan 100 name "Servers" untagged B19-B20 ip address 192.168.4.1 255.255.255.0 ip igmp exit vlan 200 name "LRClients" ip helper-address 192.168.4.11 ip address 192.168.8.1 255.255.252.0 tagged B1 ip igmp exit ip multicast-routing snmp-server community "public" unrestricted password manager
Okie folks, another conundrum to ponder.
2 x 5406zl's which serve a different site to our school. The ideal setup is that they act as the relevant default gateways for the clients on each site so they pick up DHCP and DNS settings appropriately.
However, I can't seem to get this to work with both being a router. Would I be correct in thinking I therefore need a 3rd router (possibly the ISP provided one) to handle that?
I can get the switches talking to eachother fine and all clients acting appropriately but only if I disable routing on one switch and add a default route from each switch to the other. That however seems to be a nasty way of doing it and opens things up a little too much for my liking.
Any thoughts greatly appreciated.
Not using igmp I fear I won't be much help here, but you absolutely can have more than one switch routing on a network - in fact, it's preferable to push the routing as far out on the network as possible, to reduce load at the core. Where I have a VLAN coming solely off a single Layer 3 edge switch, that edge switch does the routing for that VLAN (i.e. has the gateway on it, has the routes etc.)
So what you want to do is possible, but I don't know owt about igmp to work out why the routing switches aren't correctly routing. It's possible that router means something slightly different in the context of igmp, in which case ignore me entirely.
I could probably take IGMP out. That's something garnered from other threads here, there are so many standards in place it's amusing.
I'll test that now, in fact
Just done. No difference, all still works as intended
Last edited by synaesthesia; 12th March 2013 at 08:30 AM.
igmp is multicast filtering, it allows machines to join a multicast session so that the traffic only goes to those ports. You want it enabled on the core and the edge, but with the core for the igmp querier to manage the groups. It's useful for things like multicast WDS and ghost.
You should think carefully about using multicast routing, I managed without it, but all my machines ended up in a guest vlan when booting to WDS so they were all in the same vlan for imaging.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
LinkBack URL
About LinkBacks
