+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 25
Wired Networks Thread, *gulp* VLANage. in Technical; OK, trying to get my head around this, in very very little time. 2 routers, one per site. DHCP/DNS and ...
  1. #1

    synaesthesia's Avatar
    Join Date
    Jan 2009
    Location
    Northamptonshire
    Posts
    6,242
    Thank Post
    603
    Thanked 1,095 Times in 843 Posts
    Blog Entries
    15
    Rep Power
    486

    *gulp* VLANage.

    OK, trying to get my head around this, in very very little time.

    2 routers, one per site.
    DHCP/DNS and file server per site, and one site has a lot more servers besides.

    Test setup worked brilliantly.
    Live - not so much, despite identical setups.

    For instance:

    Servers, being ESX dont seem to like the VLANS much. That's one big difference I think, the fact that we tested with physical boxes therefore the SERVERS vlan was untagged for the relevant ports. ESX doesn't play ball with that, and only seems to work when we add the relevant vlan tags on ESXi and then tag the ports on the switch. Does that sound right/usual?
    Our boxes are also in the SERVERS vlan (untagged) as we'll need access to pretty much everything.

    Trouble is, tomorrow it's going to be all or nothing - I don't want to give up and flatten it again when the tests worked so well
    Any input or known gimme's with ESXi stuff?
    Pair of Procurve 5406zl's doing the gruntwork and nearly all the edges are Dlink DGS-1224s or DGS-1210-24s.

  2. #2
    nicholab's Avatar
    Join Date
    Nov 2006
    Location
    Birmingham
    Posts
    1,527
    Thank Post
    4
    Thanked 100 Times in 96 Posts
    Blog Entries
    1
    Rep Power
    53
    Sorry it a while since I used VMware. Do you have a septate port for management? To me it sound like that the virtual switch is not set up correctly you need to have a virtual have a trunk port on the network. You create Vlan on the virtual switch and then put the port in the server vlan.
    Last edited by nicholab; 3rd April 2013 at 04:33 PM.

  3. #3

    synaesthesia's Avatar
    Join Date
    Jan 2009
    Location
    Northamptonshire
    Posts
    6,242
    Thank Post
    603
    Thanked 1,095 Times in 843 Posts
    Blog Entries
    15
    Rep Power
    486
    Yeah, thought that might be the case. Thankfully ports are a-plenty.
    So it would be right, that you would have it tagged on the switch rather than untagged?

  4. #4
    nicholab's Avatar
    Join Date
    Nov 2006
    Location
    Birmingham
    Posts
    1,527
    Thank Post
    4
    Thanked 100 Times in 96 Posts
    Blog Entries
    1
    Rep Power
    53
    You can do it both ways. You can either set up the HP port to the ESXi box as trunk port and then have the Vlan on the the Vswitch or you can have the Vswitch in one vlan.

  5. Thanks to nicholab from:

    synaesthesia (3rd April 2013)

  6. #5

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    16,234
    Thank Post
    894
    Thanked 1,780 Times in 1,534 Posts
    Blog Entries
    12
    Rep Power
    462
    No idea what you mean with your vmware. But we have it setup on EXSi where the link from the Host to the switch is a trunk port. You then setup your management network with a VLAN ID. You then setup your networks inside the software and just set as many as you like using the VLAN ID's.

  7. Thanks to FN-GM from:

    synaesthesia (3rd April 2013)

  8. #6

    synaesthesia's Avatar
    Join Date
    Jan 2009
    Location
    Northamptonshire
    Posts
    6,242
    Thank Post
    603
    Thanked 1,095 Times in 843 Posts
    Blog Entries
    15
    Rep Power
    486
    Oh my giddy good god. That simple. I've been forgetting that it's a virtual switch too, hence of course it's just a trunk. There we go then

    Cheers!

  9. #7
    DMcCoy's Avatar
    Join Date
    Oct 2005
    Location
    Isle of Wight
    Posts
    3,484
    Thank Post
    10
    Thanked 502 Times in 442 Posts
    Rep Power
    114
    Yes, just tag all the VLANs you want to be available on the vswitch for that port. You can also tag the management console if you want, I never used untagged for vmware boxes after they added management tagging in 3.0.

    Procurve has no concept of "trunk" ports that just send all vlans below 1000, unless specified, in the same way cisco does.

  10. Thanks to DMcCoy from:

    synaesthesia (6th April 2013)

  11. #8

    synaesthesia's Avatar
    Join Date
    Jan 2009
    Location
    Northamptonshire
    Posts
    6,242
    Thank Post
    603
    Thanked 1,095 Times in 843 Posts
    Blog Entries
    15
    Rep Power
    486
    Aye that's right - trunking in procurve terms is link aggregation. The only real difficulty faced is the different terms between manufacturers.

    Daft really, it was easier (in fact, possible at all) to get vlans working across dlink edges and our big procurve cores than it is to do it at all on procurve 1800's. Say what you like about D-Link, they make the PC 1800's look like kiddies toys. And that's just because HP keep changing their own terminology too.

  12. #9
    DMcCoy's Avatar
    Join Date
    Oct 2005
    Location
    Isle of Wight
    Posts
    3,484
    Thank Post
    10
    Thanked 502 Times in 442 Posts
    Rep Power
    114
    The 1800s are nice, small, all Gb silent switches (at least the 24 port ones). However they suffer from the same issue as dlinks and netgears, PVIDs which I really don't see a need for. I'm sure there is a good reason for them, but I prefer the larger procurve options of no, forbid, tagged, untagged without a need for pvid.

  13. Thanks to DMcCoy from:

    synaesthesia (6th April 2013)

  14. #10

    synaesthesia's Avatar
    Join Date
    Jan 2009
    Location
    Northamptonshire
    Posts
    6,242
    Thank Post
    603
    Thanked 1,095 Times in 843 Posts
    Blog Entries
    15
    Rep Power
    486
    That's exactly it - and there's no way around them. Thankfully no PVID's on the dlinks hence they work (in testing). And there's no option to manage the small procurves other than the GUI

    Right, so I'm now at a dead end. Everything worked in testing and it's not now it's vaguely live.

    Config is thus:

    Code:
    Running configuration:
    
    ip routing
    vlan 1
       name "Management"
       untagged A6-A24,B1-B14,B16,B18-B24
       ip address 10.12.149.1 255.255.255.0
       no untagged A1-A5,B15,B17
       exit
    vlan 100
       name "Servers"
       untagged A5
       ip address 10.12.148.2 255.255.255.0
       tagged A1-A4,A6-A18,B11,B20,B24
       exit
    vlan 200
       name "LRClients"
       untagged B15
       ip helper-address 10.12.148.12
       ip address 10.12.152.1 255.255.252.0
       tagged A1,B1-B12,B20
       exit
    vlan 105
       name "WiFi"
       untagged B17
       ip helper-address 10.12.148.12
       ip address 10.12.160.1 255.255.240.0
       tagged A1,B1-B12,B24
       exit
    ip route 0.0.0.0 0.0.0.0 10.12.148.1
    ip route 10.12.156.0 255.255.252.0 10.12.148.3
    As said, this worked in testing with no issues. The only difference is internet router behind it now (not worried, we can get it running without internet until ISP can config it for us).
    10.12.148.12 being the DHCP server, obviously.
    This is a VM on an ESXi 5 box.

    IP setup on that VM is 10.12.148.12 255.255.255.0 gateway being the vlan address of 10.12.148.2
    Tried all sorts on the ESXi vlan setup but currently that NIC connected to the DC is set to vlan 100.
    DC can ping the switch but only on the gateway/vlan address of 148.12 - it can't ping the switch itself, nor anything connected to it on the same IP range.
    I'm guessing this is an ESXi related issue but not so sure.

    Any help would be MASSIVELY appreciated!

  15. #11
    gshaw's Avatar
    Join Date
    Sep 2007
    Location
    Essex
    Posts
    2,703
    Thank Post
    172
    Thanked 226 Times in 208 Posts
    Rep Power
    68
    Only read this quickly but assuming the DC is a VM with its network set to 100 have you got another VM set up with the same network on the same ESXi host? If so can the DC ping that?

    If you set a port on the switch untagged in VLAN 100 with a physical PC plugged into it can the DC ping that?

  16. #12
    DMcCoy's Avatar
    Join Date
    Oct 2005
    Location
    Isle of Wight
    Posts
    3,484
    Thank Post
    10
    Thanked 502 Times in 442 Posts
    Rep Power
    114
    I assume you have the vlan on the vswich, and the NIC on the vm is assigned to that vlan?

    If you add a vlan to a vswitch after the VM is created you need to change the NIC properties for it as it will be unassigned still.

  17. #13

    synaesthesia's Avatar
    Join Date
    Jan 2009
    Location
    Northamptonshire
    Posts
    6,242
    Thank Post
    603
    Thanked 1,095 Times in 843 Posts
    Blog Entries
    15
    Rep Power
    486
    I'm working on EST tagging which is all done at the physical switch and not at the virtual switch. That allows me to ping to and from just about everything. DHCP helper is currently the only thing not working as a result.

    When on a VST (so the VM network was set to vlan100) it could ping other devices in the same vlan only. Routing appears to be OK:

    Code:
     IP Route Entries
    
      Destination        Gateway         VLAN Type      Sub-Type   Metric     Dist.
      ------------------ --------------- ---- --------- ---------- ---------- -----
      0.0.0.0/0          10.12.148.1     100  static               1          1
      10.12.148.0/24     Servers         100  connected            1          0
      10.12.149.0/24     Management      1    connected            1          0
      10.12.152.0/22     LRClients       200  connected            1          0
      10.12.156.0/22     10.12.148.3     100  static               1          1
      10.12.160.0/20     WiFi            105  connected            1          0
      127.0.0.0/8        reject               static               0          0
      127.0.0.1/32       lo0                  connected            1          0

  18. #14
    DMcCoy's Avatar
    Join Date
    Oct 2005
    Location
    Isle of Wight
    Posts
    3,484
    Thank Post
    10
    Thanked 502 Times in 442 Posts
    Rep Power
    114
    I suggest you use to normal VST method, I don't see why you would want to use EST.

  19. #15

    synaesthesia's Avatar
    Join Date
    Jan 2009
    Location
    Northamptonshire
    Posts
    6,242
    Thank Post
    603
    Thanked 1,095 Times in 843 Posts
    Blog Entries
    15
    Rep Power
    486
    OK. May I ask what you mean by "Change the NIC properties" please?

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. [ACS] Gulp...
    By Oaktech in forum MIS Systems
    Replies: 7
    Last Post: 24th January 2012, 08:39 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •