
Switch VLAN Interfaces

LS1971
Frequent Advisor

Switch VLAN Interfaces

Hi,

I have an A5120-48G-PoE+ EI (JG237A) switch running Comware Software, Version 5.20.99, Release 2220P02, configured with two VLAN interfaces:

interface Vlan-interface19
 description VLAN19
 ip address 10.190.80.251 255.255.255.0
#
interface Vlan-interface20
 description VLAN20
 ip address 10.10.80.1 255.255.255.0
#
ip route-static 0.0.0.0 0.0.0.0 10.10.80.254

In both VLANs, there is a gateway:

VLAN 20: 10.10.80.254

VLAN 19: 10.190.80.254

How do I tell the switch to use the gateway for the corresponding VLAN, when it is pinged on one of the VLAN interfaces?

Regards, Leonardo

4 REPLIES
16again
Respected Contributor

Re: Switch VLAN Interfaces

Configure additional, more specific, routes towards networks behind the gateway on VLAN19.

Example: to reach 192.168.168.0/24 behind 10.190.80.254, configure
ip route-static 192.168.168.0 255.255.255.0 10.190.80.254

LS1971
Frequent Advisor

Re: Switch VLAN Interfaces

Both gateways are on a firewall (VPN tunnels), the same nets are reachable behind both gateways. When I ping the switch on the VLAN19 interface, it replies through the VLAN20 interface. That's the problem.
Regards, Leonardo
16again
Respected Contributor

Re: Switch VLAN Interfaces

By design the switch will send packets from the interface closest to the destination.

Why not let the L3 switch handle the internal routing, and use a single FW interface?

Vince-Whirlwind
Honored Contributor

Re: Switch VLAN Interfaces

A 0.0.0.0 0.0.0.0 n.n.n.n route is a default route. This tells the switch to send all packets to n.n.n.n unless there is a specific route for it.

From what you are saying, you have a bunch of remote subnets, with two paths to reach them.
The remote subnets can be reached either
by configuring a default route, so that all traffic will take that route,
or
by configuring routes for each subnet, pointing to the desired link you want traffic to be routed to.

Routing works by looking at the destination IP address in a packet, checking the routing table, and forwarding the packet accordingly.

What you are asking for is for the *source* IP address to be looked at before making a routing decision. This is not how routing works.

If you want to look at the *source* IP address before making a routing decision, you will need to implement PBR.
Check your switch manual, under "Using ACLs".

PBR should not be used unless there is a very good reason.
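
The following is an added illustration, not written by any poster in this thread and not Comware code. It models the destination-only, longest-prefix lookup described above using the addresses from the question, and shows why an echo reply to a ping received on 10.190.80.251 leaves via VLAN20, how the more specific static route from the first reply changes that, and what a source-keyed decision would do instead. The remote host 192.168.168.10 and the `source_policy` table are constructed for the example; the connected routes are assumed from the two Vlan-interface addresses.

```python
import ipaddress

# Routing table rebuilt from the question's configuration (assumption: one
# connected route per Vlan-interface, plus the configured static default).
ROUTES = [
    ("10.190.80.0/24", None, "Vlan-interface19"),        # connected
    ("10.10.80.0/24", None, "Vlan-interface20"),         # connected
    ("0.0.0.0/0", "10.10.80.254", "Vlan-interface20"),   # ip route-static default
]

# The more specific route suggested in the first reply.
SPECIFIC = ("192.168.168.0/24", "10.190.80.254", "Vlan-interface19")


def lookup(dst, routes):
    """Destination-based lookup: the longest matching prefix wins."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, next_hop, iface in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop, iface)
    if best is None:
        raise LookupError(f"no route to {dst}")
    # For a connected route the next hop is the destination itself.
    return (best[1] or str(addr), best[2])


def reply_path(requester, local_addr, routes, source_policy=None):
    """Egress of the echo reply. Its destination is the original requester.

    source_policy is a hypothetical table keyed on the reply's *source*
    address, standing in for what a PBR rule would express.
    """
    if source_policy and local_addr in source_policy:
        return source_policy[local_addr]
    return lookup(requester, routes)


if __name__ == "__main__":
    remote = "192.168.168.10"   # constructed host behind the firewall
    vlan19_ip = "10.190.80.251"
    print("default only :", reply_path(remote, vlan19_ip, ROUTES))
    print("specific route:", reply_path(remote, vlan19_ip, ROUTES + [SPECIFIC]))
    policy = {vlan19_ip: ("10.190.80.254", "Vlan-interface19")}
    print("source-keyed  :", reply_path(remote, vlan19_ip, ROUTES, policy))
```

With only the default route, the reply exits on a different firewall interface than the request arrived on, which a stateful firewall will typically treat as traffic belonging to no known session.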