1748265 Members
4019 Online
108760 Solutions
New Discussion

Re: vlan 1

 
tetzPeha
Advisor

vlan 1

Hi,

im trying to understand why HP force vlan 1 everywhere on comware 5 and 7.

when i configure a trunk, comware force the vlan 1 unless i dont write "undo port trunk permit vlan 1"

if i remove the vlan 1 from the trunk, i have no flow/network on PC connected on the switch.

So, how i can remove the vlan 1 and have connections ?

interface Bridge-Aggregation1
 description VERS COEUR
 port link-type trunk
 port trunk permit vlan 1 60
 link-aggregation mode dynamic

to

interface Bridge-Aggregation1
 description VERS COEUR
 port link-type trunk
 undo port trunk permit vlan 1
 port trunk permit vlan 60
 link-aggregation mode dynamic

without vlan 1, the switch cannot works ... so what i miss ? what i dont understand from HP ?

thx for your reply

 

27 REPLIES 27
johnk3r
Respected Contributor

Re: vlan 1

Hello!

As far as I know, ALL manufacturers use a Vlan1 as default, so this behavior is not specific to HPE / ARUBA.

About your problem, if you want to remove a Vlan1 from this communication, you have to ensure that the interconnect switches do not use Vlan1 for communication.

Remember that Vlan is a broadcast domain that is usually associated with an IP address ...

**************************************
ATP FLEXNETWORK V3 | ACSA
tetzPeha
Advisor

Re: vlan 1

hi !

i never had this trouble/issue on cisco"s device, when i disable vlan 1 i dont have any problems. With HP, when i disable it and shutdown interface, sometimes i need it to have some flows ... :/

sdide
Respected Contributor

Re: vlan 1

Hi,

what is at the other end of the link, and how is that other end configured?

Regards.

Søren Dideriksen, Network Administrator
Region Midtjylland
tetzPeha
Advisor

Re: vlan 1

same configuration both BAGG.

fun fact, last week, i used "port trunk permit vlan all" and PC's clients cant reach every services. (both BAGG the permit vlan all) when i configure with "port trunk permit vlan 1 200" everything works

seems weird :D

 

VoIP-Buddy
HPE Pro

Re: vlan 1

My experience with a lot of customer configs is that most specifically do not want VLAN 1 running everywhere because it is the default VLAN.

Comware breaks up the VLAN from the interface.  You can never remove VLAN 1 but VLAN 1 doesn't ever need to have an interface. 

In additon to permitting VLAN's across a trunk, you need to make sure that the ports are all in the desired VLAN.  There is also the notion of the default VLAN for a trunk.  That's the PVID.  For traffic that is not tagged, it will go out on the PVID. 

From your configuration example it appears that you have not added the ports to VLAN 60.  Go into VLAN 60 and use the port command to add the ports to the VLAN as untagged ports.  For ports that you want tagged traffic, set that up in the interface for the port in question.

Regards,

David

I work for HPE in Aruba Technical Support
Vince-Whirlwind
Honored Contributor

Re: vlan 1

Is the PC in VLAN60?
Show us the PC's switchport config.

It is completely normal to create switch-to-switch links that have no VLAN1 on them.

Having said that, you are using "dynamic" LACP (why?) which is something I have never done, so maybe that LACP negotiation protocol requires VLAN1 in order to function?

tetzPeha
Advisor

Re: vlan 1

port on device are on vlan 60.

switch can reach google, but not the pc :) i must make again the LACP and now, it's good (i dont know why).

im not an HP expert, i worked with cisco before. On every LACP, i saw "link-aggregation mode dynamic", can you explain me what is the purpose of this command ? because i can activate the lacp edge-port also. (the LACP are between 2 switches)

VoIP-Buddy
HPE Pro

Re: vlan 1

LACP could care less what runs over it.  It is just a data link.  In most cases, it is better to use Dynamic (LACP) Link Aggregation than Static as LACP maintains link state and if one has a problem it will deal with it.  If none are available the Link Agg is down.  WIth Static Link Agg, the link is always up... even when it is not.  The switch will never know that the link is gone and the bits will pile up on the floor...  ;-)

You can run anything on that datalink..  set it as a trunk or access.  Doesn't matter.

You'll want to run VLAN 60 across the link and all of the ports on the switch that will need that access need to be placed in VLAN 60 or you won't get the traffic across.  If you set it up as a trunk, most customers as I said previously, will remove VLAN 1 from the trunk since it is the default VLAN.

Regards,

David

I work for HPE in Aruba Technical Support
Vince-Whirlwind
Honored Contributor

Re: vlan 1

I have never had problems with static link aggregation. In the extremely rare situation that a physical link fails, then its interface no longer receives aggregated traffic in either direction.
I have managed many, many aggregated links over the years, adding or removing links on the fly whilst under monitoring and the situation you decribe has never arisen.
The only problems with link aggregation I have seen is when a software bug fails to hash the traffic destination properly (VMWare) or when a software bug causes MAC address tables to be populated wrongly (Nortel).
(Never had problems on HP, I almost always just use non-LACP Trunks on HP. At one point I tried switching to LACP and found it far more work and I gave up on it).

Early in my networking career, I encountered Cisco VTP and the BIG lesson from that is that your network topology should be *by design*, not subject to risk-prone dynamic protocols.
(Except for routing protocols, although I have seen people use them completely unnecessarily in some instances too).