HPE Community
Comware Based
1752292 Members
5007 Online
108786 Solutions
New Discussion юеВ

Re: Partitioning ports using VLANs

 
meldrum
Occasional Advisor

тАО11-17-2009 12:39 PM

тАО11-17-2009 12:39 PM

Partitioning ports using VLANs

Fact: SuperStack 42xx series.



I want to partition a few ports on a switch as an independent switch. By that I mean, I want to run a separate subnet on those ports form the the other ports. I am trying to do it using VLANS. What I did was assign a few ports to VLAN2, I then removed those ports from VLAN1. I thought that would do it, but I find that when I plug things into the ports for VLAN2, they do not seem to speak to each other. They are on a different subnet than the subnet that I am administering the switch. Do I need to do something at the IP level to get the ports on VLAN2 to talk to each other?



After I get that working I want to do the same on a second "Linked" switch. I was hoping I would just add both VLAN1 and VLAN2 to the ports that connect the switches together.

0 Kudos
9 REPLIES 9
Fred_Mancen_1
Super Advisor

тАО11-17-2009 12:55 PM

тАО11-17-2009 12:55 PM

Re: Partitioning ports using VLANs

You need to create a VLAN Interface, that is actually the IP level you mentioned - Layer 3. On 4200G switches you have to issue the command:



interface vlan 2

ip address



After this, when you connect a host to one of these ports assigned with the VLAN 2, the interface protocol will came up, and inter-VLAN routing will start automatically.



To connect a second switch to this one, and share the traffic between both switches, you will need to setup a port as a trunk:



interface gi 1/0/N

port link-type trunk

port trunk permit vlan 1 2



That's it. If you need help further, let me know.



HTH
Regards,
Fred Mancen
0 Kudos
meldrum
Occasional Advisor

тАО11-17-2009 01:13 PM

тАО11-17-2009 01:13 PM

Re: Partitioning ports using VLANs

OK, this sounds great. I will try it. One further question though... I have never seen a "Trunk" command. I have seen aggregate commands. I assume the ports that connect the switches together (The high speed port on the right hand side) are the "trunk" ports. Assuming I assign the interface to these ports, they will be "trunked"



0 Kudos
meldrum
Occasional Advisor

тАО11-17-2009 09:07 PM

тАО11-17-2009 09:07 PM

Re: Partitioning ports using VLANs

The switches are 42xx series (S/W ver 3.05) and I am unsure how to enter the commands you mention.



To add the interface is it?



protocol -> ip -> interface -> modify



 



Note, there is no ADD.  This gives me the prompt: Select IP interface (1-2):



If I enter summary, I get:



Select menu option (protocol/ip/interface): summary


Select IP interface (1-2,all): all





The IP address for interface 1 has been configured Manually.





Index   Type       IP address        Subnet mask       State   VLAN ID


---------------------------------------------------------------------------


1       Network    192.168.1.30      255.255.0.0       Up      1


2       SLIP       192.168.101.1     255.255.255.0     Up      n/a



My question is, Am I in the right place?  Do I modify the 'SLIP' interface to be my other subnet?



One note, I changed the subnet mask from 255.255.255.0 to 255.255.0.0 with the thought that the switch would now pass all traffic on all the 192.168.NNN.xxx subnets.



 



0 Kudos
Fred_Mancen_1
Super Advisor

тАО11-18-2009 07:07 AM

тАО11-18-2009 07:07 AM

Re: Partitioning ports using VLANs

Meldrum, since you entered this 16 bit subnet mask, you are assuming that this subnet 192.168.0.0 is the only segment you have. It's the subnet mask that segments the network, and you have to use masks according your project needs. Let┬┤s try this: connect your notebook to the switch console. Enter the following commands.



vlan 1


name


interface vlan 1


ip address 192.168.1.30 255.255.255.0


description





vlan 2


name


interface vlan 2


ip address 192.168.101.1 255.255.255.0


description





In the ports connected to the other switches (and you will have to setup these ports on the neighbor switches also):





interface gi 1/0/N


port link-type trunk


port trunk permit vlan 1 2


description





Remember that:





1. The VLAN IP protocol will came up only if one host is connected to a port that has the related VLAN assigned.





2. The trunk ports need to be configured exactly the same parameters on both peers.





3. The IP routing is automatic, it starts since the protocols are up.



HTH



P.S.: You can edit this script, copy and paste to the console.



 



This message was edited by Fred_Mancen on 11-18-09 @ 7:08 AM
Regards,
Fred Mancen
0 Kudos
meldrum
Occasional Advisor

тАО11-18-2009 08:25 AM

тАО11-18-2009 08:25 AM

Re: Partitioning ports using VLANs

Ok, I understand what you are saying, but my problem is that the command line does not accept straight commands,  It is a series of promt/questions, e.g.



Menu options: --------------3Com SuperStack 3 Switch 4200---------------


 bridge             - Administer bridge-wide parameters


 gettingStarted     - Basic device configuration


 logout             - Logout of the Command Line Interface


 physicalInterface  - Administer physical interfaces


 protocol           - Administer protocols


 security           - Administer security


 system             - Administer system-level functions


 trafficManagement  - Administer traffic management





Type  ? for help


-----------------------------------Spare, Spare (1)---------------------


Select menu option:



Is there a way out of this menu system, so I can enter the commands you mention?


BTW thank you for your paitience



 



0 Kudos
Fred_Mancen_1
Super Advisor

тАО11-18-2009 09:07 AM

тАО11-18-2009 09:07 AM

Re: Partitioning ports using VLANs

Ok, I understand. I think your 4200 is an older model than the 4200G, am I right? You need to specify the new VLAN ID on Bridge Parameters, to assign this new VLAN ID to the ports, use the physicalInterface  menu, and to create the IP interface, I think the protocol option will let you do it. But at first, check if this switch supports Layer 3 functions; otherwise you will need a L3 device to route between these two VLANs.



HTH



Regards,
Fred Mancen
0 Kudos
meldrum
Occasional Advisor

тАО11-18-2009 09:38 AM

тАО11-18-2009 09:38 AM

Re: Partitioning ports using VLANs

Switch versions are:


3c17300A 4200,  3C1702 4250T & 3C17304 4228G  all running ver 3.04 Firmware.


I have routers that are mangaging the separate subnets,  All I want from the switches is to act as two partioned switches, where each partition will carry the traffic for its connected router.  The idea is that router1 will feed VLAN1 and router2 will feed VLAN2, but the the traffic will be kept separate so that VLAN2 people can't get to VLAN1 people without going through the router.  On top of that I want to stack the switches so each building gets the two VLANs... spearated of course.



0 Kudos
Fred_Mancen_1
Super Advisor

тАО11-18-2009 09:49 AM

тАО11-18-2009 09:49 AM

Re: Partitioning ports using VLANs

Well, sou you need to enable 802.1Q in the router port connected to the switches in order to enable trunking between the devices.





After that, you'll need to create sub-interfaces on the configuration of the router Ethernet port, to enable routing through the VLANs. Only traffic forwarded to the router will be routed to another network segments. By default the VLAN traffic is isolated until you enable IP routing - in a multilayer switch or in a router. These sub-interfaces will act as the Layer 3 (VLAN IP interfaces).





The stack settings does not have nothing related to these settings, and can be implemented easily.





Regards



Regards,
Fred Mancen
0 Kudos
meldrum
Occasional Advisor

тАО12-23-2009 11:19 AM

тАО12-23-2009 11:19 AM

Re: Partitioning ports using VLANs

I found the solution! After digging deeper into the documentation, what I found out is that 3Com has two versions of VLANs.  One is with tagging, where the packets are tagged with the VLAN number and it requires routers and attached gear to know about which VLAN they are on.  There is a second type of VLAN called UNTAGGED, and this is what I was looking for.  Untagged VLANs are names that the switch gives to ports and only packets that arrive on a particular UNTAGGED VLAN port can exit from a similarly VLANd ports, thus partitioning the switch.  The next trick was to find out how you assign an untagged VLan to a a port, and again down in the small print I found out you can do it through the telnet interface.


bridge valn modify addPort


.....


Enter tag type (untagged, tagged):





The switches pass both VLANs over the Gigabit backbone.  I was trying to use a GUI configuration tool and that tool hides the tagged/untagged VLans from the user.



0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.