Aruba & ProVision-based

5406zl Vlan setup

 
synaesthesia
Frequent Advisor

5406zl Vlan setup

Vlans appear to be set up and speaking well. Rough setup is:

 

3 vlans. 101 is site A, 102 is site B and 103 is for servers (which are across both sites)

 

DHCP working well on each system.

  

Setup from one of the switches (Site B)

(B21 is link from one switch to the other)

 

ip routing

ip udp-bcast-forward

vlan 1

name "DEFAULT_VLAN"

untagged B21-B24

no untagged A1-A24,B1-B20

no ip address

exit

vlan 101

name "Site A Switches"

ip address 192.168.3.10 255.255.255.0

exit

vlan 102

name "Site B Switches"

ip address 192.168.2.10 255.255.255.0

untagged A1-A24,B1-B20

ip helper-address 10.12.148.16

exit

vlan 103

name "Servers"

untagged B20

ip address 10.12.148.17 255.255.252.0

exit

snmp-server community "public" unrestricted

vlan 101

ip rip 192.168.3.10

ip rip 192.168.3.10 receive v1-only

ip rip 192.168.3.10 send v1-only

exit

vlan 102

ip rip 192.168.2.10

ip rip 192.168.2.10 receive v1-only

ip rip 192.168.2.10 send v1-only

exit

vlan 103

ip rip 10.12.148.17

ip rip 10.12.148.17 receive v1-only

ip rip 10.12.148.17 send v1-only

exit

 

 

DHCP server is 10.12.148.16 and plugs into B20.

 

Problem is that the clients plugged into Site B switch can't communicate with the server plugged into Site A switch and vice versa. Any tips? :)

 

29 REPLIES 29
MarJ
Advisor

Re: 5406zl Vlan setup

Hi,

 

You are using link in vlan 1 B21 as connection between sites, but if You want to route You have to declare a network and ip addresses for that between sites.

synaesthesia
Frequent Advisor

Re: 5406zl Vlan setup

Hi - sorry that's not the case. Vlan1 is not used therefore it doesn't need an IP address. The config could be tidied up to remove all mentions of it.

The important bits are further on in the config.

Mark Wibaux
Trusted Contributor

Re: 5406zl Vlan setup

What's the default gateways of your servers and your clients?

 

Make sure they are set to the IP address allocated to the switch in the relevant VLAN.

 

 

Helper
Valued Contributor

Re: 5406zl Vlan setup

Hi,

 

If the other switch is not a routing switch, then you will need to tagged all your vlan on the Inter-Switch Link.

 

Can you provide the Site A configuration ? I think that your configuration is not correct at that time.

 

Regards,

MarJ
Advisor

Re: 5406zl Vlan setup

Hi,

 

if  routing is only provided on switch B, You should allow vlans 103 and 101 on link between switches.

 

 

synaesthesia
Frequent Advisor

Re: 5406zl Vlan setup

Other switch is identical (they are a pair of 5406zl units)

 

Config is the same but with vlan details pretty much swapped.

 

Gateway on the servers is the relevant VLAN ip address. Funnily enough I didn't consider the same for the clients - that won't be a problem as DHCP would dish out the right gateway address. Will try that when I have access to the switches again.

Helper
Valued Contributor

Re: 5406zl Vlan setup

hi,

 

If you do not use VRRP, then i think that your configuration is the problem.

Regarding the partial snapshot provided in this post port vlan configuration is very strange/confused.

 

Can you provide your entire configuration for these two sites  ?

 

Regards,

synaesthesia
Frequent Advisor

Re: 5406zl Vlan setup

No worries. 

 

Only just heard of VRRP as you mention it now and looked it up. Would that provide any benefits? From the very little I've understood about it it wouldn't help our problem of cutting down broadcast traffic over the phsyical switches - or would it?

 

Not that it matters - there's no way in hell we're forking out that much for a premium licence - as impressed as I am with HP kit I find their licensing system pathetic.

 

Current configs as follows:

 

SITE A switch:

 

ip routing
ip udp-bcast-forward
vlan 1
name "DEFAULT_VLAN"
no ip address
exit
vlan 101
name "Site A Switches"
tagged B21
untagged A1-A24,B1-B13
ip address 192.168.3.9 255.255.255.0
ip helper-address 10.12.148.13
exit
vlan 102
name "Site B Switches"
ip address 192.168.2.9 255.255.255.0
tagged B21
exit
vlan 103
name "Servers"
tagged B21
untagged B14-B20
ip address 10.12.148.14 255.255.252.0
exit
snmp-server community "public" unrestricted
vlan 101
ip rip 192.168.3.9
exit
vlan 102
ip rip 192.168.2.9
exit
vlan 103
ip rip 10.12.148.14
exit

 

SITE B Switch

 

ip routing
ip udp-bcast-forward
vlan 1
name "DEFAULT_VLAN"
no ip address
exit
vlan 101
name "Site A Switches"
tagged B21
ip address 192.168.3.10 255.255.255.0
exit
vlan 102
name "Site B Switches"
ip address 192.168.2.10 255.255.255.0
tagged B21
untagged A1-A24,B1-B13
ip helper-address 10.12.148.16
exit
vlan 103
name "Servers"
tagged B21
untagged B14-B20
ip address 10.12.148.17 255.255.252.0
exit
snmp-server community "public" unrestricted
vlan 101
ip rip 192.168.3.10
exit
vlan 102
ip rip 192.168.2.10
exit
vlan 103
ip rip 10.12.148.17
exit

 

A bit tidied up from the last one, excuse any elementary mistakes.

 

Helper
Valued Contributor

Re: 5406zl Vlan setup

Hi,

 

Thanks for your feedback, now i have a better understanding of what i expect regarding your situation.

 

Can you try something ?

- add ip helper-address in all vlans (but not vlan 103) at all switchs.

 

- on one switch (only one) remove all vlan ip address, beware to be sure that the corresponding address is not used by your users/servers/end-nodes. Otherwise configure the gateway address for the end-node to point to the same switch/vlan address for all sites/end-nodes.

 

Tell us if it is better.

If yes, and if you need LAN Layer 3 redundancy, one more time VRRP should be the best solution.

If you would like to continue using RIP for that you will need to be sure that all your end-nodes are using DHCP (ALL), then in case of failure you will need to change the gateway address manually for the corresponding scope and force the bindings to be updated (or configure a short binding period like 15mn beware of the relevant trafic growth for your server).

There are other protocols like IRDP, but i don't know if it supported by the switchs and much more by all your end-nodes.

 

Bye.