LAN Routing
1748128 Members
3721 Online
108758 Solutions
New Discussion

HPE Router - IP addressing

 
ABZ78
Advisor

HPE Router - IP addressing

My question pertains to active active or active passive firewalls and or servers.

Take for example a Cisco router.  Each physical interface is programed with a unique IP address.  That physical interface may have subinterfaces, however those subinterfaces are a seperate network.  You can not program the same IP address on two interfaces.

Now take for example an HPE Aruba 5412 ZL2 with routing.  You can program the VLAN in the switch and tag/ untag ports to that VLAN as you like. 

From a cisco standpoint you would have to use a layer 2 switch in between the router and firewalls.

My questions are:  If you have a firewall cluster (both firewalls have same IP address) can you plug those firewalls into an HPE switch configured wtih routing or would that be problematic? 

Another example would be you have 2 servers configured as a failover, both servers use the same IP address. 

Could those be plugged into an HPE 5412 ZL2 confifured with routing? 

 

3 REPLIES 3
akg7
HPE Pro

Re: HPE Router - IP addressing

Hello @ABZ78 ,

I am not expert in Firewalls but as per my understanding same IP cannot be configured.

Virtual IP (VRRP) is the expection used for HA.

"My questions are:  If you have a firewall cluster (both firewalls have same IP address) can you plug those firewalls into an HPE switch configured wtih routing or would that be problematic? "  --It depends how you are connecting both firewalls  to switch.? I believe same IP cannot be used.

"Another example would be you have 2 servers configured as a failover, both servers use the same IP address. " -- How you are connecting these servers to switch? Teaming or Bonding would be on server side. I believe same IP cannot be used.

 

Thanks!

Note: While I am an HPE Employee, all of my comments (whether noted or not), are my own and are not any official representation of the companyAccept or Kudo
ABZ78
Advisor

Re: HPE Router - IP addressing

The firewalls are in an active passive HA.  So yes they both share same IP.  Sorry I missed that part origianly in my explanation.

The servers simply have static IPs and are on thier own 10GB fibre connections. No teaming, etc. 

Right now both firewall and servers are passing into a 5412 ZL2 which is configured with NO routing. 

 

I guess another way to ask is:  If you create the following on an HP 5412 ZL2 configured with routing which interface is the ip address assigned to?   On a cisco you would assign this to say the interface itself. 

VLAN 5
ip address 10.1.1.1 255.255.255.0
untagged A1-A10

 

akg7
HPE Pro

Re: HPE Router - IP addressing

Hello @ABZ78,

Here you have configureed SVI on VLAN 5 and interface A1-A10 mapped with VLAN5 as access port.

One more thing, Tagged=Trunk and Untagged=Access port in Aruba/Procurve switches.

Thanks!

 

Note: While I am an HPE Employee, all of my comments (whether noted or not), are my own and are not any official representation of the companyAccept or Kudo