HPE Community read-only access December 15, 2018
This is a maintenance upgrade. You will be able to read articles and posts, but not post or reply.
Hours:
Dec 15, 4:00 am to 10:00 am UTC
Dec 14, 10:00 pm CST to Dec 15, 4:00 am CST
Dec 14, 8:00 pm PST to Dec 15, 2:00 am PST
Community
Aruba & ProVision-based
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

I have a VLAN routing issue on our network. We have two ProCurve 5406zl's being used as our core swi

 
SOLVED
Go to solution
BenWhite
BenWhite
Visitor

‎06-15-2016 08:11 AM

‎06-15-2016 08:11 AM

I have a VLAN routing issue on our network. We have two ProCurve 5406zl's being used as our core swi

I have a VLAN routing issue on our network. We have two ProCurve 5406zl's being used as our core switches, each vlan on these switches has an IP address and VRRP is configured on each vlan for redundancy. I have enabled IP routing and Inter VLAN routing is working to some degree but not fully.

Testing with some devices connected to the same core switch I was able to ping a device on vlan 30 from all vlans. But the device on vlan 30 is unable to ping devices on anything but it's own vlan.   From what I have read online and in the docs this should just work with the configuration I have entered.

Below are my test results.

JW3-CAB02-CORE02# ping 10.10.20.2
10.10.20.2 is alive, time = 14 ms
JW3-CAB02-CORE02# ping 10.10.20.2 source 10
Request timed out.
JW3-CAB02-CORE02# ping 10.10.20.2 source 20
Request timed out.
JW3-CAB02-CORE02# ping 10.10.20.2 source 30
Request timed out.
JW3-CAB02-CORE02# ping 10.10.20.2 source 40
10.10.20.2 is alive, time = 1 ms
JW3-CAB02-CORE02# ping 10.10.20.2 source 50
Request timed out.

JW3-CAB02-CORE02# ping 10.30.33.41
10.30.33.41 is alive, time = 1 ms
JW3-CAB02-CORE02# ping 10.30.33.41 source 10
10.30.33.41 is alive, time = 1 ms
JW3-CAB02-CORE02# ping 10.30.33.41 source 20
10.30.33.41 is alive, time = 1 ms
JW3-CAB02-CORE02# ping 10.30.33.41 source 30
10.30.33.41 is alive, time = 1 ms
JW3-CAB02-CORE02# ping 10.30.33.41 source 40
10.30.33.41 is alive, time = 1 ms
JW3-CAB02-CORE02# ping 10.30.33.41 source 50
10.30.33.41 is alive, time = 1 ms

 

Here are the two devices showing in the ARP cache table

 IP ARP table

  IP Address       MAC Address       Type    Port
  ---------------  ----------------- ------- ----
  10.30.33.41      00155d-053406     dynamic B9
  10.10.20.2       00181c-0253fd     dynamic A9

 

Here are the important bits of the switch configuration

hostname "JW3-CAB02-CORE02"

ip route 0.0.0.0 0.0.0.0 10.30.255.254
ip routing   

router vrrp
   ipv4 enable
   exit
vlan 1
   name "DEFAULT_VLAN"
   no untagged A9-A14,A18-A22,B1-B10
   untagged A1-A8,A15-A17,A23-A24,B11-B24
   ip address 192.168.255.252 255.255.255.0
   exit
vlan 10
   name "BMS"
   tagged A1-A8,B20,B22
   ip address 10.10.2.252 255.255.255.0
   vrrp vrid 10
      virtual-ip-address 10.10.2.251
      enable
      exit
   exit
vlan 20
   name "Security"
   untagged A12-A14
   tagged A1-A8,B20,B22
   ip address 10.10.3.252 255.255.255.0
   vrrp vrid 20
      virtual-ip-address 10.10.3.251
      enable
      exit
   exit
vlan 30
   name "JW3 Management"
   untagged A18-A22,B1-B10
   tagged A1-A8,B20,B22
   ip address 10.30.255.252 255.255.0.0
   ip proxy-arp
   ip helper-address 10.30.33.11
   vrrp vrid 30
      virtual-ip-address 10.30.255.251
      enable
      exit
   exit
vlan 40
   name "IPTV"
   untagged A9-A11
   tagged A1-A8,B20,B22
   ip address 10.10.20.252 255.255.255.0
   ip proxy-arp
   ip helper-address 10.10.20.30
   ip igmp
   vrrp vrid 40
      virtual-ip-address 10.10.20.251
      enable
      exit
   exit
vlan 50
   name "Public WiFi"
   tagged A1-A8,A19-A21,B20,B22
   ip address 10.34.255.252 255.255.252.0
   ip helper-address 10.34.255.254
   vrrp vrid 50
      virtual-ip-address 10.34.255.251
      enable
      exit
   exit

 

0 Kudos
Reply
2 REPLIES
Vince-Whirlwind
Vince-Whirlwind
Honored Contributor

‎06-15-2016 07:46 PM

‎06-15-2016 07:46 PM

Solution

Re: I have a VLAN routing issue on our network. We have two ProCurve 5406zl's being used as our core

We would need to see more information:

- switch VLAN interface and VRRP config from the other "core"
- interface config for all switchports that interconnect the two cores
(descriptions on all relevant interfaces)
- host IP addressing config - especially default GW
- spanning-tree config and current status

However, at a guess, 

Your VLAN40 issue is caused by 10.10.20.2 not having 10.10.20.251 as its default GW.
and
"I was able to ping a device on vlan 30 from all vlans"
"the device on vlan 30 is unable to ping devices on anything but it's own vlan"
sounds like a Windows firewall issue.

Reply
BenWhite
BenWhite
Visitor

‎06-17-2016 01:37 AM

‎06-17-2016 01:37 AM

Re: I have a VLAN routing issue on our network. We have two ProCurve 5406zl's being used as our core

Thanks Vince, after some thought on your post and another forum I setup a VM with a nic tagged to each vlan.  Inter-VLAN routing is working as expected.  Turns out the devices I was pinging weren't setup with correct gateways and sometimes even subnet masks by the installers.  I incorrectly assumed that if the switch was able to ping them then it was good enough.

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.