HPE Community
Aruba & ProVision-based
1752749 Members
4835 Online
108789 Solutions
New Discussion

routing between VLAN Procurve E6600ml-48G-4XG(J9452A)

 
JopvBerlo
Occasional Collector

‎12-01-2014 02:33 AM - edited ‎12-02-2014 01:30 AM

‎12-01-2014 02:33 AM - edited ‎12-02-2014 01:30 AM

routing between VLAN Procurve E6600ml-48G-4XG(J9452A)

Dear,

 

Our situation is as follows:

We are getting a new VOIP solution in the near future, therefor we need to configure new VLANs (since we only have 1 default VLAN)

 

The internal routing from switches to switches is working (in the same voice VLAN 20), but we are not able to route from the voice VLAN 20 (ip: 10.10.20.1) to the default gateway VLAN 1 (this is our modem. ip: 172.16.1.2)  or even other devices in our Default VLAN 1, like desktops, servers, etcetera. 

 

 

Our configuration is as follows:

 

Running configuration:

; J9452A Configuration Editor; Created on release #K.15.07.0008
; Ver #02:1b.2f:36

hostname "106-6600" 
qos dscp-map 011010 priority 3 
qos dscp-map 101110 priority 6 
module 2 type J94yyA 
module 3 type J94zzA 
module 5 type J94wwA 
module 6 type J94wwA 
no stack 
trunk 50,52 Trk1 Trunk 
trunk 21-22 Trk3 Trunk 
ip default-gateway 172.16.1.2 
ip routing 
vlan 1 
   name "DEFAULT_VLAN" 
   untagged 1-20,23-27,29-48,49,51,Trk1,Trk3 
   qos priority 0 
   ip address 172.16.16.32 255.255.0.0 
   no untagged 28 
   ip proxy-arp 
   ip igmp 
   exit 
vlan 20 
   name "VOIP" 
   untagged 28 
   qos priority 6 
   ip address 10.10.20.1 255.255.255.0 
   tagged 33,Trk1,Trk3 
   voice 
   ip proxy-arp 
   ip igmp 
   exit 
vlan 200 
   name "Management" 
   tagged Trk1,Trk3 
   no ip address 
   exit 
vlan 10 
   name "Data" 
   no ip address 
   exit 
vlan 30 
   name "Video" 
   no ip address 
   exit 
vlan 40 
   name "Printers" 
   no ip address 
   exit 
vlan 50 
   name "Internet" 
   no ip address 
   exit 
vlan 60 
   name "PLC" 
   no ip address 
   exit 
vlan 70 
   name "Extern" 
   no ip address 
   exit 
vlan 100 
   name "Servers" 
   no ip address 
   exit 
ip route 0.0.0.0 0.0.0.0 172.16.1.2
ip route 10.10.20.0 255.255.255.0 vlan 1
snmp-server community "public" unrestricted
snmp-server contact "xxxxxxxxxxxxx" location "CMA - 172.16.16.32"
spanning-tree
spanning-tree Trk1 priority 4
spanning-tree Trk3 priority 4
oobm
   no ip address
   exit
no autorun
no dhcp config-file-update
no dhcp image-file-update
password manager
password operator

 

I really hope someone can help us.

 

Thanks in advance,

Greetings Jop.

 

 

P.S. This thread has been moved from Switches, Hubs, Modems (Legacy ITRC forum) to ProCurve / ProVision-Based. - Hp Forum Moderator

0 Kudos
4 REPLIES 4
Vince-Whirlwind
Honored Contributor

‎12-01-2014 06:58 PM

‎12-01-2014 06:58 PM

Re: routing between VLAN Procurve E6600ml-48G-4XG(J9452A)

What's this line meant to be doing?
"ip route 10.10.20.0 255.255.255.0 vlan 1"

 

Does the Modem have a route to 10.10.20.0?

What does it point to?

 

What is the configured default GW address on the devices in VLAN20?

 

What is the configured default GW address on the devices in VLAN1?

DLeijsten
Occasional Visitor

‎12-02-2014 01:47 AM

‎12-02-2014 01:47 AM

Re: routing between VLAN Procurve E6600ml-48G-4XG(J9452A)

Hi, jumping into the discussion. I'm a colleague of Jop.

 

 

What's this line meant to be doing?
"ip route 10.10.20.0 255.255.255.0 vlan 1"

 - This ip route has been deleted. This was pure for testing purposes

 

Does the Modem have a route to 10.10.20.0?

What does it point to?

- Modem is a Palo Alto P200, which accepts ALL traffic from ANY ip subnet. It's used as default gateway troughout our (current) LAN network reachable under ip 172.16.1.2 (on DEFAULT_VLAN , vlan 1). modem is conected to port 33 untagged.

- So my understanding was that the modem doesn't need to have a route for the 10.10.20.0 range.

- Furthermore, we can't even ping across subnets, so that issues needs to be resolved first.

 

What is the configured default GW address on the devices in VLAN20?

- 10.10.20.1

 

What is the configured default GW address on the devices in VLAN1?

- 172.16.1.2

 

 

I started thinking that there might be a problem with using the gateway 172.16.1.2 on the default vlan 1 as gateway routing for the vlan's. One thing is for sure. Traffic from the vlan's is not getting routed back.

 

From vlan 1 (DEFAULT_VLAN) we can ping the 172.16.1.2 interface of the Palo Alto, so that's something that we ofcourse are trying to accomplish from the other vlan's. 

 

The configuration posted above by Jop is from our Core switch. All the other switches also have all vlan's configured, without ip address assignment. The vlan's are tagged over the Trunk connections going to the Core switch.

 

For now we are only testing on this HP Procurve 6600 core switch.

0 Kudos
Vince-Whirlwind
Honored Contributor

‎12-02-2014 02:09 AM

‎12-02-2014 02:09 AM

Re: routing between VLAN Procurve E6600ml-48G-4XG(J9452A)

Your Palo Alto needs a route to 10.10.20.0.

 

But the overall issue is poor design. You have two Layer3 devices and 2 of them are on the same subnet. This is not good, creates confusion, asymmetric routing, and weird problems.

 

Either

make your switch a layer2 switch only, and trunk both VLANs to the Palo Alto.

or

Get rid of VLAN1 subnet off the Palo Alto and create a new point-to-point only subnet between Palo Alto and switch (eg VLAN99) and move the VLAN1 .2 address onto the switch.

 

Even better, follow best practices and eliminate VLAN1.

DLeijsten
Occasional Visitor

‎12-02-2014 03:31 AM - edited ‎12-02-2014 03:32 AM

‎12-02-2014 03:31 AM - edited ‎12-02-2014 03:32 AM

Re: routing between VLAN Procurve E6600ml-48G-4XG(J9452A)

Vince,

 

Thanks very much for thinking with us. Indeed the Palo Alto P200 needed an route back to the 10.10.20.0/24 subnet. Created this on the ethernet interface of the device.

 

The inter vlan communication was working, but due to a difference in ip of VLAN 1 gateway configuration on a client we couldn't reach a client in vlan 20. Stupid mistake!

 

All working now.

 

The poor design is where Jop and I were hired for ;)

 

VLAN 1 is definitely going to dissapear !! Because of time pressure with new VoIP implementation, for now on hold. First VLAN 20 and VoIP working.

 

Thanks again!!!

 

 

Regards,

Dave

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.