
Re: Intra vlan routing between two 5406zl switches, shortest path question

 
rongtenx
Occasional Visitor

Intra vlan routing between two 5406zl switches, shortest path question

Hello,

 

 I am very new to networking so I am looking for pointers in the right direction for a network that I have inherited at work.

 

 Our network has at its core a 5406zl that is connected to our firewall and that is configured for ip routing.

 

 All other hp switches (5412zl) do not have ip routing enabled and have the vlan 1 ip of the 5406zl as default gateway.

 

 There are different vlans enabled on the switches, each switch has its own ip on each vlan, and each machine on each different vlan has the vlan ip address of the 5460zl as default gateway.

 

 Now everything works correctly, but when I do a traceroute from a machine in vlan2 to a machine in vlan3, the route shows as first line the default gw in vlan2  that is the vlan2 ip of the 5406zl.

 

This happens even if the two machines are on the same 5412zl switch.

 

Forgive my ignorance, but does that mean that when data is exchanged between these two machines on vlan2 and vlan3 on one 5412zl switch, all traffic is actually routed by the 5406zl?

 

If this is the case, it would be very inefficient since the trunk between the two switches could be better used.

 

Is there any technique to improve this routing? I read about RIP, OSPF etc., I wanted just to know if you could point me in the direct direction to avoid studying things that do not bear the desired results.

 

Thanks for your attention

5 REPLIES
Fredrik Lönnman
Honored Contributor

Re: Intra vlan routing between two 5406zl switches, shortest path question

You are correct, the routing will be done on the device you've configured as default gateway, which seems to be your 5406zl. Not knowing your topology there might be some improvements to do routing-wise, but it also might not.

---
CCIE Service Provider
MASE Network Infrastructure [2011]
H3CSE
CCNP R&S

rongtenx
Occasional Visitor

Re: Intra vlan routing between two 5406zl switches, shortest path question

Hello Fredrik,

 

 thanks for your answer.

 

 The network topology is quite simple: it is about a single site with one procurve switch for each building and a star based topology.

 

##########                    ##########
#Building1#                    #Building2#
##########                    ##########
                    \             /
                  ##########
                  #Building3#
                  ##########
                 /                 \
##########                    ##########
#Building4#                    #Building5#
##########                    ##########

 

There are no redundant links at the moment.

 

So, if I understand correctly, if I were to activate the ip routing on the other 5412zl and change the default gateway of the machines building-wise I would avoid a lot of unnecessary traffic...

 

This could be done, I was hoping however that there was already some technology in place to take care of such a scenario automatically.

 

Thanks again for the suggestion.

paulgear
Esteemed Contributor

Re: Intra vlan routing between two 5406zl switches, shortest path question

Hi rongtenx,

If your VLANs are present on every site, then moving to a routed setup will not achieve much unless you also change your clients to use a different default gateway for each site.  This becomes tricky if you have Windows clients on your VLANs, because there will be multiple routers on each VLAN, and by default Windows ignores ICMP redirects, even from its default gateway.  This means that if the switches decide that there's a closer route for a given client, the client will ignore it.

To fix this by moving to a routed setup, you would also need to change your VLAN/IP addressing scheme to use independent VLANs for each site, choose an IP addressing scheme that allocates IP addresses topologically, change your switch-to-switch links to dedicated VLANs (which act like point-to-point links), and set up dynamic routing.  This would be my preferred setup in your situation, but if it has been in place a while, it's a lot of work to change it from a multi-site VLAN structure.

 

Keep in mind that the switches will track which MAC addresses are on which ports, so only broadcasts and inter-VLAN traffic should cross your switch-to-switch links.

Regards,
Paul

Matcol
Frequent Advisor

Re: Intra vlan routing between two 5406zl switches, shortest path question

The first thing you need to understand is how Ethernet works:

 - your hosts on the same subnet talk to each other by means of an ARP request/MAC-addressed frames.

 - hosts on different subnets issue no ARP, but automatically address their frames to the MAC address of the IP address that is configured as their default gateway.

 

So, as far as your network goes - the big question is this: *why* do you have devices on the same switch, but on different VLANs?

A secondary question is: why do you think hosts need to communicate with each other? Surely the services consumed by the hosts are all on servers, presumably segregated into their own VLAN somewhere?

Also, why do your switches have IP addresses in every VLAN? That's wrong - get rid of them and just keep one IP address on each switch in your management VLAN.

 

I think a redesign might be in order.

 

Each building should be on its own VLAN.

The switch in Building 3 can be your "core" - presumably somebody has been sensible and presented your WAN services there?
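
An added example, not part of any post in this thread: a small Python model of the forwarding decision described above (on-link destinations are reached directly, off-link ones via the default gateway) applied to a star topology like the one in the question. The subnets, host names and switch names are constructed assumptions.

```python
import ipaddress

CORE = "core-5406zl"  # the only switch with IP routing enabled
# Constructed sample data: subnets, addresses and names are assumptions.
HOSTS = {  # name: (address/prefix, default gateway, access switch)
    "pc-a": ("10.0.2.10/24", "10.0.2.1", "bldg1-5412zl"),  # vlan2
    "pc-b": ("10.0.3.20/24", "10.0.3.1", "bldg1-5412zl"),  # vlan3
    "pc-c": ("10.0.2.30/24", "10.0.2.1", "bldg2-5412zl"),  # vlan2
    "pc-d": ("10.0.2.11/24", "10.0.2.1", "bldg1-5412zl"),  # vlan2
}
GATEWAYS = {"10.0.2.1": CORE, "10.0.3.1": CORE}  # VLAN IPs live on the core


def l2_next_hop(src, dst):
    """IP whose MAC address the source host puts in the outgoing frame."""
    iface = ipaddress.ip_interface(HOSTS[src][0])
    dst_ip = ipaddress.ip_interface(HOSTS[dst][0]).ip
    if dst_ip in iface.network:
        return str(dst_ip)      # same subnet: ARP for the destination itself
    return HOSTS[src][1]        # other subnet: frame goes to the gateway


def switch_path(a, b):
    """Switches crossed between two points of a star centred on CORE."""
    if a == b:
        return [a]
    return [s for s in (a, CORE, b) if s not in (None,)] if CORE not in (a, b) \
        else [a, b]


def trace(src, dst):
    """Return (routed?, ordered list of switches the packet traverses)."""
    hop = l2_next_hop(src, dst)
    src_sw, dst_sw = HOSTS[src][2], HOSTS[dst][2]
    if hop not in GATEWAYS:     # switched only, never reaches a router
        return False, switch_path(src_sw, dst_sw)
    router = GATEWAYS[hop]
    up = switch_path(src_sw, router)
    down = switch_path(router, dst_sw)
    return True, up + down[1:]  # drop the duplicated router entry


if __name__ == "__main__":
    for pair in (("pc-a", "pc-b"), ("pc-a", "pc-c"), ("pc-a", "pc-d")):
        print(pair, trace(*pair))
```

Only the vlan2-to-vlan3 pair on the same building switch crosses the uplink twice; same-VLAN traffic on one switch never leaves it.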

paulgear
Esteemed Contributor

Re: Intra vlan routing between two 5406zl switches, shortest path question

Hi Matcol,

 

I'm not trying to start an argument here, but I don't think it's reasonable to tell rongtenx that it's time for a redesign.  The whole point of VLANs is that they decouple the logical topology from the physical topology.  This means that it's perfectly reasonable for VLANs to span switches, and to have multiple VLANs within a single switch.  One very common reason for this is campus-wide VoIP systems, but there are plenty of other reasons - and every network is different.  So I don't think it's up to us to tell rongtenx how it must be done.

Regards,
Paul