Aruba & ProVision-based
cancel
Showing results for 
Search instead for 
Did you mean: 

Problem trying access hosts in another VLAN

 
SOLVED
Go to solution
lautrec
Occasional Contributor

Problem trying access hosts in another VLAN

Hi everybody.  How are you?

As you can see by the tittle im having a little issue trying to access devices connected in a vlan. So, i created two vlans(VLAN 100 and VLAN 200) and put the ip address in each on:

Vlan 100: 172.100.0.1, 255.255.0.0;

Vlan 200: 172.100.0.1, 255.255.0.0;

Create a trunk on eache switch with the two vlans tagged,  i enable the ip routing, put the static IP on the computer(172.100.0.5, 255.255.0.0, GW 172.100.0.1) and connecte to the port who has the vlan 100 unttaged. I tried to ping the gateway(vlan 100 ip address) on the computer, and work just fine, but when i tried to ping the another gateway(vlan 200 ip address) just dont work. So i change the static ip to 172.200.0.5, 255.255.0.0, 172.200.0.1.So i tried to ping the gateway(172.200.0.1) and work, after i tried to ping the vlan 100(172.200.0.1) and work to.  When i return to the vlan 100, i was able to ping both VLANs.

This is the configuration fo the switch 1:

; J9623A Configuration Editor; Created on release #RA.16.04.0016
; Ver #10:19.02.03.18.82.34.61.1c.28.f3.84.9c.63.ff.37.2f:9c
hostname "HP-2620-24"
trunk 2 trk1 trunk
ip routing
snmp-server community "public" unrestricted
vlan 1
name "DEFAULT_VLAN"
no untagged 3-4,Trk1
untagged 1,5-28
ip address dhcp-bootp
exit
vlan 100
name "floor1"
untagged 3
tagged Trk1
ip address 172.100.0.1 255.255.0.0
exit
vlan 200
name "floor2"
untagged 4
tagged Trk1
ip address 172.200.0.1 255.255.0.0
exit
spanning-tree Trk1 priority 4

 

And this is the configuration for the switch 2:

; J9623A Configuration Editor; Created on release #RA.16.04.0016
; Ver #10:19.02.03.18.82.34.61.1c.28.f3.84.9c.63.ff.37.2f:9c
hostname "switch2"
trunk 2 trk1 trunk
ip routing
snmp-server community "public" unrestricted
vlan 1
name "DEFAULT_VLAN"
no untagged 3-4,Trk1
untagged 1,5-28
ip address dhcp-bootp
exit
vlan 100
name "floor1"
untagged 3
tagged Trk1
ip address 172.100.0.1 255.255.0.0
exit
vlan 200
name "floor2"
untagged 4
tagged Trk1
ip address 172.200.0.1 255.255.0.0
exit
spanning-tree Trk1 priority 4

 

Thanks in advance

6 REPLIES 6
lautrec
Occasional Contributor

Re: Problem trying access hosts in another VLAN

Im using Procurve switches 2620.

parnassus
Honored Contributor
Solution

Re: Problem trying access hosts in another VLAN

First of all enabling IP Routing on both Switches isn't needed: in your scenario (Switch A connected to Switch B through a single physical link with both Switches sharing the very same VLANs) use only one Switch as IPv4 router!

Then you misconfigured VLAN IP addressing (which isn't strictly necessary on the switch without IP routing enabled...): you can't have the same IP (example: 172.100.0.1 on both VLANs 100 on Switch A and B)...so remove double addressing (the only address you should care about on non IP routing Switches is the one assigned to a VLAN dedicated for Switch management...which your scenario seems to lack).

Second error is the usage of trunk: why you created a logical interface (trk1) for a Link Aggregation Group made of just one physical port (port 2)? it seems to me you confused trunk with cisco trunk...if you have just one interconnection link (port 2 to port 2 is one link) between your two Switches just tag direcly port 2: interface ethernet 2 untagged vlan 1 (to set Port 2 as untagged member of VLAN 1) and then interface ethernet 2 vlan tagged 100,200 (to set Port 2 as tagged member of VLANs 100 and 200)...clearly - in your case - you first need to remove Port 2 from Trk1 (or erase Trk1).

Summarizing...port 2 will interconnect Switch A and Switch B, it will carry VLANs 1 ( untagged), 100 (tagged) and 200 (tagged)...no trunks are needed (at least until you use a single link uplink between Switch A and B)...you should fix IP routing (just one Switch - Switch A or B - should be responsible of IPv4 Routing) and you must fix the VLANs IP Addressing overlap errors (set IP Addresses for intended VLANs on the Switch that will be the IP Router)...there will be also other areas to improve running configurations (e.g. Spanning Tree configuration, Access ports security)...but, at this stage, fix the basics to have correct running configurations.

Highlighted
parnassus
Honored Contributor

Re: Problem trying access hosts in another VLAN

To further help you consider these two running configurations (reflecting the scenario I wrote above: sinlge link uplink from Switch A - doing IP Routing - to Switch B - not doing IP routing, VLAN IDs are shared and the uplink is tagged to carry all of them, VLAN IP Addressing is set only on Switch A...eventually you can add non-overlapping IP Addresses on Switch B too but that isn't strictly needed):

Switch A:

 

hostname "SW-A"
ip routing
snmp-server community "public" unrestricted
vlan 1
name "DEFAULT_VLAN"
no untagged 3-4
untagged 1-2,5-28
ip address 192.168.1.1 255.255.255.0
exit
vlan 100
name "VLAN-100-Floor-1"
untagged 3
tagged 2
ip address 172.100.0.1 255.255.0.0
exit
vlan 200
name "VLAN-200-Floor-2"
untagged 4
tagged 2
ip address 172.200.0.1 255.255.0.0
exit

 

Switch B:

 

hostname "SW-B"
snmp-server community "public" unrestricted
vlan 1
name "DEFAULT_VLAN"
no untagged 3-4
untagged 1-2,5-28
ip address 192.168.1.2 255.255.255.0
exit
vlan 100
name "VLAN-100-Floor-1"
untagged 3
tagged 2
exit
vlan 200
name "VLAN-200-Floor-2"
untagged 4
tagged 2
exit

 

lautrec
Occasional Contributor

Re: Problem trying access hosts in another VLAN

So, i need to add new ip routes? Because i cant ping in the hosts connected to the other switch.

parnassus
Honored Contributor

Re: Problem trying access hosts in another VLAN

No, no (any/new) IP routes are required.

Can you share actual modified running configurations after you implemented instructions given above? 

lautrec
Occasional Contributor

Re: Problem trying access hosts in another VLAN

I got it. I did according to the instructions you gave me, the problem was in some Linux hosts who weren't "pinging" for some reason. Thanks for all, really really thanks.