Aruba & ProVision-based

System connected to VLAN unable to reach anything

 
helpo11
Occasional Collector

System connected to VLAN unable to reach anything

Hi,

I have a bit of a dilemma, and not sure why it's happening. I have created a new vlan on an access switch(Procurve), that is connected to a core switch that is connected to a firewall. When I connected a system(server) to a port and assign it the new vlan on the access switch, the system can't seem to ping any thing, even the firewall. Checking the switch to show the mac address of that port, show me nothing.

MAC Address   VLANs       
------------- ------------

 

The system is using the firewall as it's gateway. The vlan is configured no differnt then the other vlans, with the following,

vlan 34
   name "Server34"
   untagged 19, 21
   tagged Trunk2
   no ip address
   exit

 

I have a trunk that connects to core switch, 

trunk 30-31 Trunk2 trunk

 

There are no routes on the access switch, and I'm just not clear  Why this VLAN is failing to ping when other vlans with the same  config are working fine. Any help would be appreciated, as I'm just not seeing what is missing.

Thanks

6 REPLIES 6
drk787
HPE Pro

Re: System connected to VLAN unable to reach anything

Hi @helpo11

Since the mac-address itself is not learnt on the switch interface,  have you tried testing with a different cable, what is the LED status on the port, try disabling and enabling the interface.  If there is any patch pannel between the server and switch, try connecting it directly to the switch. If possible configure an ip address on vlan 34 temporarily and try to ping the switch from the server and test the reachability.

 

Thank You!
I am an HPE Employee

Accept or Kudo

parnassus
Honored Contributor

Re: System connected to VLAN unable to reach anything

Hi! is the VLAN 34 permitted on the Port Trunk Trk2 (logical link that is used to uplink your access switch to your core switch)?

To verify, perform a show vlan port ethernet Trk2 detail to see if the Trk2 (type: trunk) is properly tagged with VLAN id 34 up to the core switch.

Perform also a show vlan port ethernet 19 detail and a show vlan port ethernet 21 detail to see the VLAN tagging membership (untag/tag) of those two edge ports.

Check status of involved edge ports, is the physical link good?

Is the server port using the default VLAN (untagged on VLAN id 1)?


I'm not an HPE Employee
Kudos and Accepted Solution banner
helpo11
Occasional Collector

Re: System connected to VLAN unable to reach anything

Hi @parnassus,

I've run, show vlan port ethernet Trk2 detail, and I can see that the vlan is tagged to the the trunk. As per all the other vlans, taht are working.

VLAN ID Name                 | Status     Voice Jumbo Mode    
------- -------------------- + ---------- ----- ----- --------
34    Server34              | Port-based No    No    Tagged

I ran show vlan port ethernet 19 detail, see the following:

 Status and Counters - VLAN Information - for ports 19

  VLAN ID Name                 | Status     Voice Jumbo Mode    
  ------- -------------------- + ---------- ----- ----- --------
  34    Server34              | Port-based No    No    Untagged
 

 

Yes, the physical link does look good.

No, the server port isn't using the deafult VLAN. I ran the command show vlan 1, port 34 isn't present.

helpo11
Occasional Collector

Re: System connected to VLAN unable to reach anything

Hi @drk787 ,

Yes, I've tested with different cables, and tried connecting a laptop, but still no success. I have not disabled and reenabled the interface, but changing the port from tagged to untagged seemed to show the mac address now, witht he command show mac-address vlan 34. Not sure, why that worked but still unable to ping the firewall.

There's no patch panel, it's directly connected to the access switch. 

 

 

parnassus
Honored Contributor

Re: System connected to VLAN unable to reach anything

Hi,

You wrote:


@helpo11 wrote: No, the server port isn't using the deafult VLAN. I ran the command show vlan 1, port 34 isn't present.

I don't understand your reference to a "port 34".

What is the Switch port to which the server is connected to?

If the port is the port 19 (and port 19 is untagged member of VLAN id 34 so it could not be also untagged member of VLAN 1 as it was in default state) then the server should not tag any outgoing packet...this means that the server should have its port as default (default means it doesn't tag)...that way the server is VLAN unaware and all its outgoing packets will be accepted by port 19 (since they are incoming not tagged) and they will be tagged internally on the switch on VLAN id 34.  

To recap:

Server NIC port (Untagged) <--> Switch port 19 (Untagged member of VLAN id 34) --- SWITCH (internally: packets arriving on port 19 are tagged with VLAN id 34) --- Switch port Trk2 (Tagged member of VLAN id 34) <--> Core (port should clearly match the tagging of Trk2, so it should be tagged on VLAN id 34 too).

If you set another port (say port 20) untagged member of VLAN id 34 and set your Server and an Host on that port 20 with static IP Addressing do they ping each others? I believe so...


I'm not an HPE Employee
Kudos and Accepted Solution banner
helpo11
Occasional Collector

Re: System connected to VLAN unable to reach anything

Hi @parnassus 

My appologizes for the confusion, I meant port 19 not 34. The server is connected to port 19, on VLAN 34.

So i'm not sure, I understand what you mean by, "Core (port should clearly match the tagging of Trk2, so it should be tagged on VLAN id 34 too).". The core's vlan 34 is tagged. So I have taken laptop, and connected it directly to the core switch and put it on the same vlan, and everything is working as expected from the core switch. From the laptop I can ping to and from the stystem. 

I will have to set up the laptop to the access switch on another port and verify that I can ping both systems on the same vlan.