- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- Aruba & ProVision-based
- >
- I have a VLAN routing issue on our network. We hav...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-15-2016 08:11 AM
тАО06-15-2016 08:11 AM
I have a VLAN routing issue on our network. We have two ProCurve 5406zl's being used as our core switches, each vlan on these switches has an IP address and VRRP is configured on each vlan for redundancy. I have enabled IP routing and Inter VLAN routing is working to some degree but not fully.
Testing with some devices connected to the same core switch I was able to ping a device on vlan 30 from all vlans. But the device on vlan 30 is unable to ping devices on anything but it's own vlan. From what I have read online and in the docs this should just work with the configuration I have entered.
Below are my test results.
JW3-CAB02-CORE02# ping 10.10.20.2 10.10.20.2 is alive, time = 14 ms JW3-CAB02-CORE02# ping 10.10.20.2 source 10 Request timed out. JW3-CAB02-CORE02# ping 10.10.20.2 source 20 Request timed out. JW3-CAB02-CORE02# ping 10.10.20.2 source 30 Request timed out. JW3-CAB02-CORE02# ping 10.10.20.2 source 40 10.10.20.2 is alive, time = 1 ms JW3-CAB02-CORE02# ping 10.10.20.2 source 50 Request timed out. JW3-CAB02-CORE02# ping 10.30.33.41 10.30.33.41 is alive, time = 1 ms JW3-CAB02-CORE02# ping 10.30.33.41 source 10 10.30.33.41 is alive, time = 1 ms JW3-CAB02-CORE02# ping 10.30.33.41 source 20 10.30.33.41 is alive, time = 1 ms JW3-CAB02-CORE02# ping 10.30.33.41 source 30 10.30.33.41 is alive, time = 1 ms JW3-CAB02-CORE02# ping 10.30.33.41 source 40 10.30.33.41 is alive, time = 1 ms JW3-CAB02-CORE02# ping 10.30.33.41 source 50 10.30.33.41 is alive, time = 1 ms
Here are the two devices showing in the ARP cache table
IP ARP table IP Address MAC Address Type Port --------------- ----------------- ------- ---- 10.30.33.41 00155d-053406 dynamic B9 10.10.20.2 00181c-0253fd dynamic A9
Here are the important bits of the switch configuration
hostname "JW3-CAB02-CORE02" ip route 0.0.0.0 0.0.0.0 10.30.255.254 ip routing router vrrp ipv4 enable exit vlan 1 name "DEFAULT_VLAN" no untagged A9-A14,A18-A22,B1-B10 untagged A1-A8,A15-A17,A23-A24,B11-B24 ip address 192.168.255.252 255.255.255.0 exit vlan 10 name "BMS" tagged A1-A8,B20,B22 ip address 10.10.2.252 255.255.255.0 vrrp vrid 10 virtual-ip-address 10.10.2.251 enable exit exit vlan 20 name "Security" untagged A12-A14 tagged A1-A8,B20,B22 ip address 10.10.3.252 255.255.255.0 vrrp vrid 20 virtual-ip-address 10.10.3.251 enable exit exit vlan 30 name "JW3 Management" untagged A18-A22,B1-B10 tagged A1-A8,B20,B22 ip address 10.30.255.252 255.255.0.0 ip proxy-arp ip helper-address 10.30.33.11 vrrp vrid 30 virtual-ip-address 10.30.255.251 enable exit exit vlan 40 name "IPTV" untagged A9-A11 tagged A1-A8,B20,B22 ip address 10.10.20.252 255.255.255.0 ip proxy-arp ip helper-address 10.10.20.30 ip igmp vrrp vrid 40 virtual-ip-address 10.10.20.251 enable exit exit vlan 50 name "Public WiFi" tagged A1-A8,A19-A21,B20,B22 ip address 10.34.255.252 255.255.252.0 ip helper-address 10.34.255.254 vrrp vrid 50 virtual-ip-address 10.34.255.251 enable exit exit
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-15-2016 07:46 PM
тАО06-15-2016 07:46 PM
SolutionWe would need to see more information:
- switch VLAN interface and VRRP config from the other "core"
- interface config for all switchports that interconnect the two cores
(descriptions on all relevant interfaces)
- host IP addressing config - especially default GW
- spanning-tree config and current status
However, at a guess,
Your VLAN40 issue is caused by 10.10.20.2 not having 10.10.20.251 as its default GW.
and
"I was able to ping a device on vlan 30 from all vlans"
"the device on vlan 30 is unable to ping devices on anything but it's own vlan"
sounds like a Windows firewall issue.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-17-2016 01:37 AM
тАО06-17-2016 01:37 AM
Re: I have a VLAN routing issue on our network. We have two ProCurve 5406zl's being used as our core
Thanks Vince, after some thought on your post and another forum I setup a VM with a nic tagged to each vlan. Inter-VLAN routing is working as expected. Turns out the devices I was pinging weren't setup with correct gateways and sometimes even subnet masks by the installers. I incorrectly assumed that if the switch was able to ping them then it was good enough.