HPE Community
Aruba & ProVision-based
1752364 Members
5530 Online
108787 Solutions
New Discussion юеВ

VLAN problem across multiple switches

 
SOLVED
Go to solution
gvadmin
Occasional Visitor

тАО07-07-2015 09:19 AM

тАО07-07-2015 09:19 AM

VLAN problem across multiple switches

Hi,


I want to create a new VLAN for our new WIFI WLAN on a completely separated VLAN 102.
We want to use this WLAN for guests (and some sales people who only need internet access when they are in the office).

So i created a new VLAN 102 on the HPLANS1 and HPLANS3.

On the HPLANS3 we have our Wifi Controller device and 4x AccessPoints connected and
on the HPLANS1 our gateway/firewall/router and a simple DHCP Linux server installed for handing out IP's to
the WLAN clients on VLAN102 (DHCP *only* for VLAN102 !)

The Wifi controller and 4x AP's are connected on the default VLAN1 of on the switches for management.
The WLAN is created on the new VLAN 102 so i have these completely separated.

I already tagged the ports on the HPLANS3 where the wifi controller and the 4x AP's are connected for VLAN102
and tagged the Trunk Trk3 for VLAN102. For the default VLAN1 all ports are untagged.

And on the HPLANS1 tagged the port on VLAN102 where the gateway/firewall/router/dhcp is connected.
The trunk Trk1 is also tagged for VLAN102 and untagged for default VLAN1.

HPLANS1,S3 configs (just the relevant parts ... i think):

HPLAN1:
ip routing
vlan 1
   name "DEFAULT_VLAN"
   untagged 1-22,A1-A2,B1-B2,Trk1
   ip address 10.24.8.231 255.0.0.0
   exit
vlan 102
   name "WIFI_VLAN"
   tagged 1,Trk1
   ip address 192.168.66.1 255.255.255.0
   exit
spanning-tree
spanning-tree Trk1 priority 4


HPLANS3:
ip routing
vlan 1
   name "DEFAULT_VLAN"
   untagged 1-22,A1-A2,B1-B2,Trk3
   ip address 10.24.8.233 255.0.0.0
   exit
vlan 102
   name "WIFI_VLAN"
   tagged 9-11,Trk3
   ip address 192.168.66.3 255.255.255.0
   exit
spanning-tree
spanning-tree Trk3 priority 4



The question:
If i try to ping the HPLANS3 on VLAN 102 from the gateway/firewall/router/dhcp server on the HPLANS1 i get no reply.

If i ping to 192.168.66.3 (HPLANS3 VLAN102 ip) from the gateway/firewall/router/dhcp server i get the reply back.


What do i need to get this setup working?
I think i need to do something with the HPCORE1 as well but i am not sure what to do?
VLAN is new to me so i have no experience with this.

 

Basic setup we have in the office:

HPCORE1   = 1x HP Switch 5406zl (J8697A)
HPLANS[x] = 7x HP 2910al-24G-PoE Switch (J9146A)

The HPCORE1 is used as a core switch and has 2x 24port modules (A1-24 and B1-24) for redundancy.

  HPCORE1-----+ 
	      | 
	      | Trk1
	      +-------- HPLANS1
	      | 
	      | Trk2
	      +-------- HPLANS2
	      | 
	      | Trk3
	      +-------- HPLANS3
	      | 
	      |


For uplinks to the HPCORE1 switch i created a LACP type trunk (Trk1,2,3...) group of the last 2 ports (p23-24) on each HPLANS[x] switch
and connected them to the HPCORE1 switch.
And on the HPCORE1 switch i also created LACP type trunk groups for each Trk1,2,3... for both modules (A1-24,B1-24).

So for example the Trk1 trunk on port 23 of HPLANS1 is connected to port A1 on the HPCORE1
and the Trk1 on port 24 of HPLANS1 is connected to B1 on the HPCORE1 switch.

Each Trk[x] Trunk on the HPLANS[x] switches is setup with Spanning Tree enabaled in "MSTP" mode.

 

0 Kudos
2 REPLIES 2
Vince-Whirlwind
Honored Contributor

тАО07-07-2015 04:03 PM

тАО07-07-2015 04:03 PM

Solution

Re: VLAN problem across multiple switches

You have created VLAN102 on HPLANS1 and HPLANS3 switches.

You have added VLAN102 as a tagged VLAN to the Trk1 interface on HPLANS1.

You have added VLAN102 as a tagged VLAN to the Trk3 interface on HPLANS3.

 

HPLANS Trk1 is patched to HPCORE Trk1 (A1,B1).

HPLANS Trk3 is patched to HPCORE Trk3 (A3,B3).

 

Question1:

Have you 

 - created VLAN102 on HPCORE?

 - added VLAN102 to HPCORE Trk1 & Trk3?

 

Question2:

Why is IP routing enabled on HPLANS1 & 3?

Why have you assigned an IP address to VLAN102 interface on HPLANS1&3?

What traffic is this routing? What purpose do these VLAN102 addresses serve within your network?

0 Kudos
gvadmin
Occasional Visitor

тАО07-08-2015 03:45 AM

тАО07-08-2015 03:45 AM

Re: VLAN problem across multiple switches

Hi,

 

I have found the solution today!

 

I already had created VLAN102 to the HPCORE1 switch but simply forgot to tag VLAN102 to the Trk1 and Trk3 on the HPCORE1 :-)  Sometimes things can be easily overlooked but this is my first time with VLANs.

 

I also removed al the "ip routing" stuff and the assigned IPs from HPLANS1,S3 and HPCORE1.

 

My DHCP server now hands out IP's to the WLAN on VLAN102, last thing i need to do now is add routing to this server so i can access the internet and make my users happy :-)

 

Thanks for your reply!

 

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.