HPE Community
Aruba & ProVision-based
1753530 Members
4757 Online
108795 Solutions
New Discussion

5406zl - using 2 as routers

 
SOLVED
Go to solution
synaesthesia
Frequent Advisor

‎03-12-2013 01:45 AM

‎03-12-2013 01:45 AM

5406zl - using 2 as routers

Hi,

 

Still getting to grips with these switches so please excuse any elementary errors.

Background is that we have 2 sites which we'd like to split up with VLANS and have the clients for each site use each site's core switch (both 5406zl) as the default gateway.

 

I have both the switches in front of me for testing and appear to be most of the way there as for configuring them. Inter-vlan transport appears to work perfectly on either switch on their own however can't seem to get them to work fully together without using the other switch as the default route which seems wrong?

 

Clients don't need to see eachother. There will be a DHCP server on each site with each router as the default gateway. The rest of the vlans are shared between them (printers, wifi etc)

 

Test configs are attached.

 

Is there something I'm missing there? Do we need a 3rd router to route between these two, bearing in mind we can only have a single physical connection (the fibre) between them and that will connect between the two 5406's.

1 person had this problem.
0 Kudos
8 REPLIES 8
synaesthesia
Frequent Advisor

‎03-12-2013 02:31 AM

‎03-12-2013 02:31 AM

Re: 5406zl - using 2 as routers

Also forgot to mention we have a router supplied by the ISP for internet/firewall so ultimately need to go through that - I imagine that should therefore be the default route on each switch when it goes live, however then it stops the switches routing to eachother properly
0 Kudos
Chrisd131313
Trusted Contributor

‎03-12-2013 03:49 AM

‎03-12-2013 03:49 AM

Re: 5406zl - using 2 as routers

Hi Synaesthesia,

 

What exactly are you trying to achieve? If I understand you correctly you have servers which are accessible across both switches via VLAN 100 and also Wi-Fi on VLAN 105 already. You want to keep both sets of clients isolated from each other, which is also working as expected, so What are you wanting to route between the two 5406 switches?

 

Because you have VLAN 100/ & 105 traversing both switches via a tagged port any routing between either site's clients and the servers will be done on each respective switch (the Default Gateway). It would only be if you were looking at routing between two isolated VLANs that you would need to route between the two switches. i.e. VLAN 300 -> VLAN 200.

 

Just to confirm, what were you testing that did not give you the results you were expecting to see?

 

I am assuming that when the switches are deployed there will not be a link between the two switches? are the two switches going to be deployed to two geographically isolated locations?

 

 

 

-----------------------------------------------------

Don't forget to mark a post resolved if your question was answered.
0 Kudos
synaesthesia
Frequent Advisor

‎03-12-2013 05:06 AM

‎03-12-2013 05:06 AM

Re: 5406zl - using 2 as routers

The switches will be connected directly by about a mile of fibre. 

The idea is, both sets of clients on 200 and 300 will need access to the servers and vice versa. We need to minimise traffic on that fibre link between the switches. The main thing we're looking to acheive is massively upgrading our subnets as we've run out of space thanks to BYOD/wireless so it's a good time to do it all properly in the first place.

 

Currently it's one flat network with a pair of SCCM servers which handle PXE network builds and software deployment over one large site. Clients currently pick up a DHCP address from the first server to get the request, and therefore pick up software deployment from SCCM as per it's allocated IP address. The plan is that once they're split they'll pick up only their relevant site's allocated IP addresses and get software allocated only from that sites SCCM server, eliminating the load from the inter-site link. 

Hope that makes sense! I have a habit of over-complicating things.

0 Kudos
Chrisd131313
Trusted Contributor

‎03-12-2013 05:46 AM

‎03-12-2013 05:46 AM

Solution

Re: 5406zl - using 2 as routers

OK, if the clients are going to need to acccess servers that could be located at either site then the local site switch will do the inter-VLAN routing (192.168.4.1 & 2 set as the DG on the servers).

 

The clients will have their respective DG setup (192.168.12.1 & 18.1) which will allow them to route to VLAN 100.

 

If you are going to have an internet gateway/router at each of the two locations, then you will just need to set the default route on each 5406 to the respective gateway/router IP on each site. This should work fine.

 

Bring SCCM and PXE into the equation - you'll need to setup your network boundaries and then set you IP helper addresses on the VLANs pointing to the relevant SCCM server - currently, looking at your configs, you have both client VLANs pointing to the same DHCP Helper IP address.

 

In theory, that should then work. You are not a million miles away from it now.

-----------------------------------------------------

Don't forget to mark a post resolved if your question was answered.
0 Kudos
synaesthesia
Frequent Advisor

‎03-12-2013 05:54 AM

‎03-12-2013 05:54 AM

Re: 5406zl - using 2 as routers

Fantastic, many thanks. Got all the boundaries and stuff nailed already for SCCM, we were just waiting for the network side of things really. We only have a single internet gateway/firewall unfortunately so all traffic from all vlans need to be able to share that. I would imagine therefore I'd just need to do ip route 0.0.0.0 0.0.0.0 gateway_IP on both switches for that to work?
0 Kudos
Chrisd131313
Trusted Contributor

‎03-12-2013 06:38 AM

‎03-12-2013 06:38 AM

Re: 5406zl - using 2 as routers

Yep, that's correct. Just make sure your default route on both 5406zl switches has a gateway IP of your internet gateway/router and you should be good to go.

-----------------------------------------------------

Don't forget to mark a post resolved if your question was answered.
0 Kudos
Reda
Occasional Advisor

‎03-13-2013 09:30 PM

‎03-13-2013 09:30 PM

Re: 5406zl - using 2 as routers

Hi, 

 

 

I have similar senario but with two core switces in each site redundent using vrrp and stp 

 

would it possible to make site 2 vlan servers 112 visible to site 1 vlan  servers 102 

by connecting 2 selected ports on 102,112 respectively.

and make a route on core sw1 in site one into  core2 sw1  0.0.0.0 0 255.255.255.0 192.168.112.254 

 

kindlly note that i have no router now, i just want to temporary connect the servers in both sites while the routers arrives 

 

Thank you in advance 

 

0 Kudos
Chrisd131313
Trusted Contributor

‎03-14-2013 03:33 AM

‎03-14-2013 03:33 AM

Re: 5406zl - using 2 as routers

Hi Reda,

 

Next time please start a new thread as this one has already been marked as comlete..

 

But, to answer your question...

 

If you setup another VLAN connecting the two sites together you can then add a route on each site's switches pointing to the other...

 

e.g. setup a VLAN on both switches VLAN 199 (192.168.254.1/2 & 192.168.254.3/4 255.255.255.248) or whatever you want to setup. Assign ports on all four switches to VLAN 199 and connect them up.

 

Site #1 router

 

ip route 192.168.112.0 255.255.255.0 192.168.254.3/4 (whichever IP you assign as the VRRP owner)

 

Site #2 router

 

ip route 192.168.102.0 255.255.255.0 192.168.254.1/2 (whichever IP you assign as the VRRP owner)

 

HTH.

-----------------------------------------------------

Don't forget to mark a post resolved if your question was answered.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.