+ Post New Thread
Results 1 to 13 of 13
Wireless Networks Thread, Routing between VLANs on HP ProCurve 4108GL Switch in Technical; Hello, I'm attempting to setup routing between VLANs on our core switch, a HP ProCurve 4108GL Switch. So far I've ...
  1. #1

    Join Date
    Apr 2007
    Location
    Sutton Coldfield
    Posts
    207
    Thank Post
    29
    Thanked 34 Times in 28 Posts
    Rep Power
    20

    Routing between VLANs on HP ProCurve 4108GL Switch

    Hello,

    I'm attempting to setup routing between VLANs on our core switch, a HP ProCurve 4108GL Switch.

    So far I've setup some VLANs via the GUI and Named them as well as assigning them a VLAN ID. Additionally I've also enabled IP Routing on the switch as well.

    I was hoping it would have been as simple as that but it isn't.

    I've tried to create static routes via the CLI, however, it always alerts me that the switch ip can not be a router address at the same time. Upon reading this it looks like I need to point the destination address as our gateway (an ISA Server). I want to avoid this for internal routing if, for whatever reason, this server goes down.

    The new range is 172.16.*.* with a subnet mask of 255.255.248.0

    At present our current IP system is 192.168.0.0 to 192.168.7.255, also with a subnet mask of 255.255.248.0. This is currently on the default VLAN. I'm hoping I can setup the neccessary routing so I can transfer the servers, infrastructure IPs, clients, printers etc in stages rather than all at once.

    Anyone able to offer any help?

    Thanks,

    Rob
    Last edited by robknowles; 30th May 2010 at 12:06 AM. Reason: Missed a ?

  2. #2
    robk's Avatar
    Join Date
    Nov 2005
    Location
    Ashbourne
    Posts
    676
    Thank Post
    171
    Thanked 127 Times in 106 Posts
    Blog Entries
    1
    Rep Power
    47
    Does the switch have a ip address assigned in each vlan? If so you should only need to configure a static route to the outside world via the cli. This may be why your seeing the error messages.

    Your plan certainly sounds feasable, and I would agree that using a ISA server for internal routing may be a bit iffy in case it goes down.

    We have a smoothwall box routing wireless and our HP 5300 core switch doing everything else.

  3. #3

    Join Date
    Apr 2007
    Location
    Sutton Coldfield
    Posts
    207
    Thank Post
    29
    Thanked 34 Times in 28 Posts
    Rep Power
    20
    Hello,

    Yes, I've configured the VLANs with an IP Address. When I telnet into the switch and use the ping functionality I can ping devices on the default VLAN fine, but when I attempt to ping devices on the other vlans it says that "Ping Failed: Network is unreachable on this VLAN". I'm just wondering whether I've missed something when setting up the VLANs. I know that the 4108GL doesn't support ACLs so I don't believe it's anything to do with this.

    Thanks,

    Rob

  4. #4
    DMcCoy's Avatar
    Join Date
    Oct 2005
    Location
    Isle of Wight
    Posts
    3,424
    Thank Post
    10
    Thanked 488 Times in 428 Posts
    Rep Power
    111
    What about the clients/servers? You do not need to configure any routes on the switch, unless you want a default route on it for non network traffic to go to (like a firewall/router).

    The clients will either need to use the switches IP for their vlan as their gateway or you will need to add a route entry to make it send traffic via the switch. Normally you can just hand out the correct gateway information with DHCP.

  5. #5

    Join Date
    Apr 2007
    Location
    Sutton Coldfield
    Posts
    207
    Thank Post
    29
    Thanked 34 Times in 28 Posts
    Rep Power
    20
    Hello,

    All the devices that are on the default VLAN have the IP Address of the switch as the gateway, on the new VLAN I have a couple of client machines I'm testing which have the IP Address of the VLAN on the switch as their gateway as well.

    Thanks,

    Rob

  6. #6
    DMcCoy's Avatar
    Join Date
    Oct 2005
    Location
    Isle of Wight
    Posts
    3,424
    Thank Post
    10
    Thanked 488 Times in 428 Posts
    Rep Power
    111
    Can you ping the gateway address of the other vlan? If you are testing with Vista/7/2008 then the firewall will sometimes block traffic from outside the subnet.

  7. #7

    Join Date
    Apr 2007
    Location
    Sutton Coldfield
    Posts
    207
    Thank Post
    29
    Thanked 34 Times in 28 Posts
    Rep Power
    20
    I can't ping the gateway address of the other VLAN. If I do "show ip route" on the switch, I can see a destination of 192.168.0.0, network mask of 255.255.248.0 and the gateway of DEFAULT_VLAN and type connected. I don't see any information concerning the other VLANs. I would have expected to have seen another line with destination of 172.16.0.0, Network Mask of 255.255.248.0 and Gateway SERVER_VLAN and type connected. Have I missed something somewhere?

    Thanks,

    Rob

  8. #8
    Face-Man's Avatar
    Join Date
    Dec 2005
    Location
    London
    Posts
    577
    Thank Post
    11
    Thanked 58 Times in 40 Posts
    Rep Power
    70
    you might find this is the info you are looking for

    IT Resource Center forums - IP routing 4108gl

    It looks like the 4108 has limited layer 3 capabilities so you might be better off with a cheap router.

  9. #9

    Join Date
    Apr 2007
    Location
    Sutton Coldfield
    Posts
    207
    Thank Post
    29
    Thanked 34 Times in 28 Posts
    Rep Power
    20
    Hello,

    I've figured out the problem. Well, sort of. The routing is working fine, it's my VLANs that are the issue. I've put a couple of clients on the default VLAN, one with an IP Address of 192.168.0.2 (Subnet Mask of 255.255.248.0 and Gateway of 192.168.0.1) and another client on the same VLAN with 172.16.0.2 (Subnet Mask of 255.255.248.0 and Gateway of 172.16.0.1) and they can now ping connect etc fine.

    I then put the one client back to the other VLAN and that is when it breaks. I'm guessing it's due to how I should be tagging the VLANs against ports. As a trial I created a virtual machine on ESX 4, attached it to a new virtual switch, assigned that an NIC and then tagged the port the NIC is connected to on the switch against the VLAN ID and gave the Virtual Machine the 172.* details as above. This is now working fine. Furthurmore it's getting the correct DHCP Settings via the use of the switch's DHCP-Helper command.

    My new question is, and I must read up on VLANs myself, can I tag all the switch's ports to the multiple VLANs I create without causing issues and getting it to work the way I want? It's easy enough to tag all the ports that connect to the servers on the switch to the one VLAN (the server VLAN), but I have other ports that link to the other switches around the school for which data will arrive from different VLANS (i.e. a VLAN for wireless guest devices, authenticated wired devices, IP Cameras etc).

    Thanks,

    Rob

  10. #10
    Face-Man's Avatar
    Join Date
    Dec 2005
    Location
    London
    Posts
    577
    Thank Post
    11
    Thanked 58 Times in 40 Posts
    Rep Power
    70
    If it a fully hp procurve environment you can use tagged ports to transfer the vlan data quite easily. I've had difficulty when using different manufacturers hardware. It's best to use untagged data points when connecting to the actual device.

  11. #11

    Join Date
    Apr 2007
    Location
    Sutton Coldfield
    Posts
    207
    Thank Post
    29
    Thanked 34 Times in 28 Posts
    Rep Power
    20
    Hello,

    Yes, our environment is a full HP ProCurve environment. So, if I understand you correctly, I should not tag the data by using the software on the Network Cards themselves (for example the Intel ProSet Utilities, or VMware's Virtual Switches), but instead should tag the ports on the core switch with the VLAN data I want it to carry. I'm guessing that I should then in turn tag the VLAN ports to the uplink ports on the HP 2626 satellite switches around the school, or can this be left?

    Thanks,

    Rob

  12. #12

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    17,607
    Thank Post
    514
    Thanked 2,441 Times in 1,889 Posts
    Blog Entries
    24
    Rep Power
    828
    The way it usually gets set up is to have all uplink ports (ie. all links between switches) set to tagged for all vlans that you wish them to carry. Then, every port should be assigned to a vlan as untagged.

    This would statically set your ports to their required VLANs.

  13. #13
    mrbios's Avatar
    Join Date
    Jun 2007
    Location
    Stroud, Gloucestershire
    Posts
    2,447
    Thank Post
    349
    Thanked 254 Times in 209 Posts
    Rep Power
    98
    You're doing basically the exact same thing as we setup a few years ago, with the slight difference that ours was 172.18.*.* and a subnet mask of 255.255.255.0, we recently moved over to an 8206zl and there are a lot of routes that had to be setup manually, sadly i can't tell you what exactly as someone far more experienced than anyone here set those up for us. you're definately on the right track, the only thing i will say though about the 4108: after a certain firmware version it won't allow you to do IP Routing + trunk ports! and once you get to the point of having about 15 vlans with various different routes it reaches it's rouing capabilities and when it does that, it falls over!

SHARE:
+ Post New Thread

Similar Threads

  1. [Wanted] HP ProCurve Switch GL 20 PortModule Switch (J4908A)
    By robknowles in forum Classified Adverts
    Replies: 4
    Last Post: 6th November 2009, 08:14 PM
  2. VLANS L3 Switch Netgear Help
    By benIT in forum Wireless Networks
    Replies: 3
    Last Post: 5th August 2009, 12:55 PM
  3. Procurve - InterVLAN routing
    By meastaugh1 in forum Wireless Networks
    Replies: 3
    Last Post: 5th March 2008, 08:20 PM
  4. HP Procurve 4108GL
    By wesleyw in forum Hardware
    Replies: 16
    Last Post: 5th July 2006, 01:58 PM
  5. Changing port vLANs on an HP ProCurve switch
    By MrDylan in forum Hardware
    Replies: 6
    Last Post: 9th March 2006, 03:13 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •