OK, trying to get my head around this, in very very little time.
2 routers, one per site.
DHCP/DNS and file server per site, and one site has a lot more servers besides.
Test setup worked brilliantly.
Live - not so much, despite identical setups.
Servers, being ESX dont seem to like the VLANS much. That's one big difference I think, the fact that we tested with physical boxes therefore the SERVERS vlan was untagged for the relevant ports. ESX doesn't play ball with that, and only seems to work when we add the relevant vlan tags on ESXi and then tag the ports on the switch. Does that sound right/usual?
Our boxes are also in the SERVERS vlan (untagged) as we'll need access to pretty much everything.
Trouble is, tomorrow it's going to be all or nothing - I don't want to give up and flatten it again when the tests worked so well :(
Any input or known gimme's with ESXi stuff?
Pair of Procurve 5406zl's doing the gruntwork and nearly all the edges are Dlink DGS-1224s or DGS-1210-24s.
Sorry it a while since I used VMware. Do you have a septate port for management? To me it sound like that the virtual switch is not set up correctly you need to have a virtual have a trunk port on the network. You create Vlan on the virtual switch and then put the port in the server vlan.
Yeah, thought that might be the case. Thankfully ports are a-plenty.
So it would be right, that you would have it tagged on the switch rather than untagged?
You can do it both ways. You can either set up the HP port to the ESXi box as trunk port and then have the Vlan on the the Vswitch or you can have the Vswitch in one vlan.
No idea what you mean with your vmware. But we have it setup on EXSi where the link from the Host to the switch is a trunk port. You then setup your management network with a VLAN ID. You then setup your networks inside the software and just set as many as you like using the VLAN ID's.
Oh my giddy good god. That simple. I've been forgetting that it's a virtual switch too, hence of course it's just a trunk. There we go then :)
Yes, just tag all the VLANs you want to be available on the vswitch for that port. You can also tag the management console if you want, I never used untagged for vmware boxes after they added management tagging in 3.0.
Procurve has no concept of "trunk" ports that just send all vlans below 1000, unless specified, in the same way cisco does.
Aye that's right - trunking in procurve terms is link aggregation. The only real difficulty faced is the different terms between manufacturers.
Daft really, it was easier (in fact, possible at all) to get vlans working across dlink edges and our big procurve cores than it is to do it at all on procurve 1800's. Say what you like about D-Link, they make the PC 1800's look like kiddies toys. And that's just because HP keep changing their own terminology too.
The 1800s are nice, small, all Gb silent switches (at least the 24 port ones). However they suffer from the same issue as dlinks and netgears, PVIDs which I really don't see a need for. I'm sure there is a good reason for them, but I prefer the larger procurve options of no, forbid, tagged, untagged without a need for pvid.
That's exactly it - and there's no way around them. Thankfully no PVID's on the dlinks hence they work (in testing). And there's no option to manage the small procurves other than the GUI :(
Right, so I'm now at a dead end. Everything worked in testing and it's not now it's vaguely live.
Config is thus:
As said, this worked in testing with no issues. The only difference is internet router behind it now (not worried, we can get it running without internet until ISP can config it for us).
ip address 10.12.149.1 255.255.255.0
no untagged A1-A5,B15,B17
ip address 10.12.148.2 255.255.255.0
ip helper-address 10.12.148.12
ip address 10.12.152.1 255.255.252.0
ip helper-address 10.12.148.12
ip address 10.12.160.1 255.255.240.0
ip route 0.0.0.0 0.0.0.0 10.12.148.1
ip route 10.12.156.0 255.255.252.0 10.12.148.3
10.12.148.12 being the DHCP server, obviously.
This is a VM on an ESXi 5 box.
IP setup on that VM is 10.12.148.12 255.255.255.0 gateway being the vlan address of 10.12.148.2
Tried all sorts on the ESXi vlan setup but currently that NIC connected to the DC is set to vlan 100.
DC can ping the switch but only on the gateway/vlan address of 148.12 - it can't ping the switch itself, nor anything connected to it on the same IP range.
I'm guessing this is an ESXi related issue but not so sure.
Any help would be MASSIVELY appreciated!
Only read this quickly but assuming the DC is a VM with its network set to 100 have you got another VM set up with the same network on the same ESXi host? If so can the DC ping that?
If you set a port on the switch untagged in VLAN 100 with a physical PC plugged into it can the DC ping that?
I assume you have the vlan on the vswich, and the NIC on the vm is assigned to that vlan?
If you add a vlan to a vswitch after the VM is created you need to change the NIC properties for it as it will be unassigned still.
I'm working on EST tagging which is all done at the physical switch and not at the virtual switch. That allows me to ping to and from just about everything. DHCP helper is currently the only thing not working as a result.
When on a VST (so the VM network was set to vlan100) it could ping other devices in the same vlan only. Routing appears to be OK:
IP Route Entries
Destination Gateway VLAN Type Sub-Type Metric Dist.
------------------ --------------- ---- --------- ---------- ---------- -----
0.0.0.0/0 10.12.148.1 100 static 1 1
10.12.148.0/24 Servers 100 connected 1 0
10.12.149.0/24 Management 1 connected 1 0
10.12.152.0/22 LRClients 200 connected 1 0
10.12.156.0/22 10.12.148.3 100 static 1 1
10.12.160.0/20 WiFi 105 connected 1 0
127.0.0.0/8 reject static 0 0
127.0.0.1/32 lo0 connected 1 0
I suggest you use to normal VST method, I don't see why you would want to use EST.
OK. May I ask what you mean by "Change the NIC properties" please?