+ Post New Thread
Results 1 to 15 of 15
Wired Networks Thread, Procurve vlan routing in Technical; I realise there is lots of similar threads but as far as I can tell our config is setup 'correctly' ...
  1. #1

    Join Date
    May 2008
    Posts
    213
    Thank Post
    2
    Thanked 27 Times in 27 Posts
    Rep Power
    17

    Procurve vlan routing

    I realise there is lots of similar threads but as far as I can tell our config is setup 'correctly' to enable inter vlan routing.

    What we are trying to achieve is gain internet access from our old subnet 10.120.140.0/22 to our new router 10.120.136.1, I've created a vlan (136) with the IP 10.120.136.2 and ip-helper of our dhcp in the other subnet; we were using the default vlan for the other subnet as we were using dynamic LACP, whilst troubleshooting i've tried to create another vlan but this has not helped!

    I can ping the gateways of either vlan within either vlan so I think routing is working? However if I point the machine to the gateway in the 140.0/22 subnet I have no access.

    I also don't get a DHCP response from the 136 vlan so that functionality isn't working either.

    Any ideas what is going on here? Ignore the somewhat messy vlans as I can't move some of our LACP uplinks yet as the dynamic LACP keeps them in vlan 1.

    Code:
    ip routing 
    vlan 1 
       name "DEFAULT_VLAN" 
       untagged A9-A10,B20-B24,C13-C14,D1-D12 
       no ip address 
       no untagged A1-A8,A11-A24,B1-B19,C1-C12,C15-C22,D13-D24,Trk1 
       ip igmp 
       exit 
    vlan 136 
       name "onethreesix" 
       untagged A23,B7 
       ip address 10.120.136.2 255.255.255.0 
       ip helper-address 10.120.140.2 
       ip igmp 
       exit 
    vlan 100 
       name "VLAN100" 
       untagged A1-A8,A11-A22,A24,B1-B6,B8-B19,C1-C12,C15-C22,D13-D24,Trk1 
       ip address 10.120.140.1 255.255.252.0 
       exit 
    fault-finder bad-driver sensitivity low 
    fault-finder bad-transceiver sensitivity low 
    fault-finder bad-cable sensitivity low 
    fault-finder too-long-cable sensitivity low 
    fault-finder over-bandwidth sensitivity low 
    fault-finder broadcast-storm sensitivity low 
    fault-finder loss-of-link sensitivity low 
    fault-finder duplex-mismatch-HDx sensitivity low 
    fault-finder duplex-mismatch-FDx sensitivity low 
    ip route 0.0.0.0 0.0.0.0 10.120.136.1
    I realise this switch isn't great on the routing front but I believe it should do this! I'm off to check on firmware now which is almost certainly not the latest, will check back soon.

  2. #2

    Join Date
    May 2008
    Posts
    213
    Thank Post
    2
    Thanked 27 Times in 27 Posts
    Rep Power
    17
    Newer firmware has not solved either problem - should I be able to ping our router (10.120.136.1) from the 140.0/22 subnet? If so this does not work currently, however from the 136 vlan I can.

  3. #3

    teejay's Avatar
    Join Date
    Apr 2008
    Posts
    3,174
    Thank Post
    284
    Thanked 773 Times in 583 Posts
    Rep Power
    335
    You need to enable rip in VLAN 136

    vlan 136
    ip rip 10.120.136.2

  4. #4

    teejay's Avatar
    Join Date
    Apr 2008
    Posts
    3,174
    Thank Post
    284
    Thanked 773 Times in 583 Posts
    Rep Power
    335
    It's also strange to have 10.120.136.2 as the routing address, shouldn't that be 10.120.136.1?
    Also, have you put the 10.120.136.2 as the default gateway in DHCP for that VLAN range?

  5. #5
    IrritableTech's Avatar
    Join Date
    Nov 2007
    Location
    West Yorkshire
    Posts
    795
    Thank Post
    84
    Thanked 172 Times in 141 Posts
    Rep Power
    64
    On what ports are your new router (gateway) and your DHCP server connected to?

    Do you know the config of your router?

  6. #6

    Join Date
    May 2008
    Posts
    213
    Thank Post
    2
    Thanked 27 Times in 27 Posts
    Rep Power
    17
    The router is 10.120.136.1 hence the vlan has to have a different address (10.120.136.2 was what I chose, this is in the DHCP scope but as I mentioned dhcp leases aren't being handed out currently).

    Code:
    ip address 10.120.136.1 255.255.255.0
    10.120.136.1/24 can not be switch IP address and route gateway at the same time.
    Should I be able to specify the ip for the vlan?

    This switch does not have the 'rip' command, however 'ip routing' is accepted.

    As there is currently no IP on the vlan 136 I cannot ping anything from 140.0/22 on 'that side', but from 136 I can still ping 140.1 and also I've still got internet access (from 136)

    I've no idea on the router config I'm afraid as its our LBC property; the router is plugged into B7 and the dhcp server is on D20
    Last edited by nicklec; 14th February 2012 at 01:25 PM.

  7. #7

    Join Date
    May 2008
    Posts
    213
    Thank Post
    2
    Thanked 27 Times in 27 Posts
    Rep Power
    17
    Sorted access from 140.0/22 to the gateway, vlan needed ip proxy-arp - investigated dhcp etc now.

  8. #8
    IrritableTech's Avatar
    Join Date
    Nov 2007
    Location
    West Yorkshire
    Posts
    795
    Thank Post
    84
    Thanked 172 Times in 141 Posts
    Rep Power
    64
    Ok, have you set up different scopes in your DHCP server?

    From what I have read, your old scope (within VLAN100) is working perfectly, except for internet access, correct?
    What is your current DHCP server giving out as the clients default gateway? It should be 10.120.140.1 so your VLAN 100 clients contact the switch, then your switch (using the default gateway address) should route the traffic to your RBC router.

    Then you need to create a second scope on your dhcp server. Lets say, 10.120.136.5 - 10.120.136.250 for arguments sake. It is the scope your DHCP will use to service requests from the 10.120.136.0 (VLAN 136) clients.

    Does that make sense?

  9. #9
    IrritableTech's Avatar
    Join Date
    Nov 2007
    Location
    West Yorkshire
    Posts
    795
    Thank Post
    84
    Thanked 172 Times in 141 Posts
    Rep Power
    64
    Quote Originally Posted by nicklec View Post
    Sorted access from 140.0/22 to the gateway, vlan needed ip proxy-arp - investigated dhcp etc now.
    Ok some progress! Although my config doesn't require a proxy arp?

    I've just re read my last post and it doesn't read very well.. Let me try again.

    Your clients on your 136 VLAN are sending out a DHCP request. Your switch sees the request and routes it on to your DHCP server using the ip-helper information.
    Your DHCP server receives the request and attempts to service it. However the request came from a subnet it doesn't know about. So it can't service the request.
    The client therefore never receives a DHCP response.

    If however you create a suitable DHCP scope on your DHCP server, it will be able to service the request because it is aware of the subnet from where the request first came.

  10. #10

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,802
    Thank Post
    272
    Thanked 1,135 Times in 1,031 Posts
    Rep Power
    349
    On all Our Vlans the Default Gateway is the core Switch (5406ZL), This then routes any unknown traffic to its default gateway (firewall).

  11. #11

    teejay's Avatar
    Join Date
    Apr 2008
    Posts
    3,174
    Thank Post
    284
    Thanked 773 Times in 583 Posts
    Rep Power
    335
    Quote Originally Posted by nicklec View Post
    The router is 10.120.136.1 hence the vlan has to have a different address (10.120.136.2 was what I chose, this is in the DHCP scope but as I mentioned dhcp leases aren't being handed out currently).

    Code:
    ip address 10.120.136.1 255.255.255.0
    10.120.136.1/24 can not be switch IP address and route gateway at the same time.
    Should I be able to specify the ip for the vlan?

    This switch does not have the 'rip' command, however 'ip routing' is accepted.

    As there is currently no IP on the vlan 136 I cannot ping anything from 140.0/22 on 'that side', but from 136 I can still ping 140.1 and also I've still got internet access (from 136)

    I've no idea on the router config I'm afraid as its our LBC property; the router is plugged into B7 and the dhcp server is on D20
    Are you setting it up so your router does all the internal routing or are you using the switch for the internal routing and the router for external routing?

  12. #12
    IrritableTech's Avatar
    Join Date
    Nov 2007
    Location
    West Yorkshire
    Posts
    795
    Thank Post
    84
    Thanked 172 Times in 141 Posts
    Rep Power
    64
    Quote Originally Posted by glennda View Post
    On all Our Vlans the Default Gateway is the core Switch (5406ZL), This then routes any unknown traffic to its default gateway (firewall).
    You see, you said it without nearly as many words as me.... #KeepItSimpleIrritableTech

  13. #13

    Join Date
    May 2008
    Posts
    213
    Thank Post
    2
    Thanked 27 Times in 27 Posts
    Rep Power
    17
    The dhcp issues were solved with the same setting sorry for the slow update.

    This switch is a 4204vl by the way incase anyway finds this info.

    I'm not sure if its this switch and/or procurve but all the documentation says 'ip routing' OR default gateway so im not quite sure what you mean by this:

    Quote Originally Posted by glennda View Post
    On all Our Vlans the Default Gateway is the core Switch (5406ZL), This then routes any unknown traffic to its default gateway (firewall).
    The switch doesn't have a gateway set (but there is a default route) is this what you mean?

    For example all your vlans have the same address? (Not possible on this switch)

    I cannot 'reach' the gateway via our 140/22 vlan so the vlan has the address 10.120.140.1 and this gateway works within this vlan...

    Very confusing... but I'm fairly sure some terms should be clarified to avoid further confusion.

  14. #14

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,802
    Thank Post
    272
    Thanked 1,135 Times in 1,031 Posts
    Rep Power
    349
    Yes default route. we have

    Vlan's for each block plus a a couple for printers/voice etc. For all Vlan's with there own range and the default gateway to be xx.xx.xx.1 (which is the Core switch)

    B Block 10.1.0.X subnet 255.255.0.0 GW 10.1.0.1
    C Block 10.2.0.X subnet 255.255.0.0 GW 10.2.0.1
    G Block 10.3.0.X subnet 255.255.0.0 GW 10.3.0.1
    D Block 10.4.0.X subnet 255.255.0.0 GW 10.4.0.1
    and so on - each gateway is the Main Core Switch on the Vlan interface - the core then routes any traffic that it knows to the other VLans - any unknown traffic (so 0.0.0.0 255.255.255 ip.of.gate.way) This is on an HP 5406ZL

    Toby

  15. #15

    Join Date
    May 2008
    Posts
    213
    Thank Post
    2
    Thanked 27 Times in 27 Posts
    Rep Power
    17
    Thanks for clarification yes thats my understanding of the procurve way but we need to use addresses within 10.120.136.0/21 so thats why the first vlan had an address of 10.120.136.2 to avoid clashing with the LAN port on our LBC (LGfL 2.0) firewall (what you refer to as a gateway).

    Thanks for input everyone, all is good now hopefully!

SHARE:
+ Post New Thread

Similar Threads

  1. Procurve VLAN Routing Switch
    By Cache in forum Wired Networks
    Replies: 12
    Last Post: 7th June 2012, 12:30 PM
  2. Procurve vlan dhcp problem
    By maark in forum Wireless Networks
    Replies: 4
    Last Post: 5th June 2009, 09:36 AM
  3. Procurve VLAN help
    By meastaugh1 in forum Wireless Networks
    Replies: 8
    Last Post: 4th September 2008, 08:29 PM
  4. 3Com 4500G VLAN Routing
    By ptenteges in forum Wireless Networks
    Replies: 1
    Last Post: 28th May 2008, 12:31 PM
  5. Procurve - InterVLAN routing
    By meastaugh1 in forum Wireless Networks
    Replies: 3
    Last Post: 5th March 2008, 08:20 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •