LAN Routing

Need help with routing on HP ProCurve 2848

 
SOLVED
Go to solution
AlmightyOne
Advisor

Re: Need help with routing on HP ProCurve 2848

Can't ping anything from the switch...

# ping 192.168.2.1
Target did not respond.
# ping 192.168.2.1
Target did not respond.

You're right the working pings and traceroute to 8.8.8.8 don't use the switch as it basicalluy goes from LAN to WAN on the Netgear itself...  However, ping's and traceroute from 192.168.2.182 to 192.168.0.120 and 192.168.1.120 basically goes from the Netgear LAN wireless to wired to the  HP and then via wired ethernet to the 120 machine from the switch...

C:\WINDOWS\system32>ping -n 1 192.168.0.120

Pinging 192.168.0.120 with 32 bytes of data:
Reply from 192.168.0.120: bytes=32 time=411ms TTL=128

Ping statistics for 192.168.0.120:
    Packets: Sent = 1, Received = 1, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 411ms, Maximum = 411ms, Average = 411ms

C:\WINDOWS\system32>ping -n 1 192.168.1.120

Pinging 192.168.1.120 with 32 bytes of data:
Reply from 192.168.1.120: bytes=32 time=18ms TTL=128

Ping statistics for 192.168.1.120:
    Packets: Sent = 1, Received = 1, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 18ms, Maximum = 18ms, Average = 18ms

C:\WINDOWS\system32>tracert 192.168.0.120

Tracing route to SOLAR [192.168.0.120]
over a maximum of 30 hops:

  1     2 ms     2 ms     3 ms  NETGEAR-R7000-1 [192.168.2.1]
  2    15 ms    20 ms    18 ms  192.168.2.100
  3    13 ms    13 ms    14 ms  SOLAR [192.168.0.120]

Trace complete.

C:\WINDOWS\system32>tracert 192.168.1.120

Tracing route to 192.168.1.120 over a maximum of 30 hops

  1     7 ms    <1 ms    <1 ms  NETGEAR-R7000-1 [192.168.2.1]
  2   236 ms    15 ms    15 ms  192.168.2.100
  3   285 ms   149 ms   461 ms  192.168.1.120

Trace complete.

So it seems the HP switch just isn't doing the default route properly.  

16again
Respected Contributor

Re: Need help with routing on HP ProCurve 2848

What's current switch config, and on which port is netgear connected?

AlmightyOne
Advisor

Re: Need help with routing on HP ProCurve 2848

I'll do a quick summary:

Port 3 - Windows XP Desktop PC (wired 192.168.0.120/192.168.1.120 and wireless to Netgear 192.168.2.120)

Port 5 - Netgear R7000 WAN
Port 47 - Comcast Business Internet Gateway (10.0.10.1/24) LAN side

Port 48 - Netar R7000 LAN

Swtich configuration is as follows after I got the console working:

Startup configuration:

; J4904A Configuration Editor; Created on release #I.10.107

time timezone -480 
time daylight-time-rule Continental-US-and-Canada 
sntp server 216.239.32.15 
ip routing 
timesync sntp 
vlan 1 
   name "DEFAULT_VLAN" 
   untagged 2-47 
   ip address 192.168.0.100 255.255.255.0 
   no untagged 1,48 
   exit 
vlan 2 
   name "VLAN 2" 
   ip address 192.168.1.100 255.255.255.0 
   tagged 1-4
   exit 
vlan 3 
   name "VLAN 3" 
   ip address 192.168.2.100 255.255.255.0 
   tagged 48 
   exit 
ip route 0.0.0.0 0.0.0.0 192.168.2.1 
ip ssh
ip ssh version 1-or-2
password manager
password operator

Few questions, what's the difference for the VLAN ports between no and forbid?  Also, if I had two different WANs in the the future that broadcasts on the LAN side, how do I force it so it will only take the DHCP from one of them and not the other? Like port 1 will be one of them and port 47 is the current one for example as the Netgear's WAN is connected to the switch.
  
The only problem is it seems ping's and traceroute's are completely broken between the VLAN's from 192.168.2.182:

C:\WINDOWS\system32>ping -n 1 192.168.0.100

Pinging 192.168.0.100 with 32 bytes of data&colon;
Reply from 192.168.2.1: Destination host unreachable.

Ping statistics for 192.168.0.100:
    Packets: Sent = 1, Received = 1, Lost = 0 (0% loss),

C:\WINDOWS\system32>ping -n 1 192.168.1.100

Pinging 192.168.1.100 with 32 bytes of data&colon;
Reply from 192.168.2.1: Destination host unreachable.

Ping statistics for 192.168.1.100:
    Packets: Sent = 1, Received = 1, Lost = 0 (0% loss),

C:\WINDOWS\system32>ping -n 1 192.168.2.120

Pinging 192.168.2.120 with 32 bytes of data&colon;
Reply from 192.168.2.120: bytes=32 time=2ms TTL=128

Ping statistics for 192.168.2.120:
    Packets: Sent = 1, Received = 1, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 2ms, Maximum = 2ms, Average = 2ms

C:\WINDOWS\system32>tracert 192.168.0.120

Tracing route to 192.168.0.120 over a maximum of 30 hops

  1    <1 ms    <1 ms    <1 ms  router.asus.com [192.168.2.1]
  2  router.asus.com [192.168.2.1]  reports: Destination host unreachable.

Trace complete.

C:\WINDOWS\system32>tracert 192.168.1.120

Tracing route to 192.168.1.120 over a maximum of 30 hops

  1     1 ms     1 ms     1 ms  router.asus.com [192.168.2.1]
  2  router.asus.com [192.168.2.1]  reports: Destination host unreachable.

Trace complete.

C:\WINDOWS\system32>tracert 192.168.2.120

Tracing route to solar.DNALOGIC.NET [192.168.2.120]
over a maximum of 30 hops:

  1   300 ms     1 ms     1 ms  solar.DNALOGIC.NET [192.168.2.120]

Trace complete.
16again
Respected Contributor
Solution

Re: Need help with routing on HP ProCurve 2848

Assigning VLANs to ports is your problem, for instance this should fix switch<->netgearGW connectivity

vlan 3 
   untagged 48 

AlmightyOne
Advisor

Re: Need help with routing on HP ProCurve 2848

Thanks, that fixed it.  The reason I used tagged instead of untagged was when using the menu interface, it seems to only allow one untagged per port so when I try to have untagged on port 3 for example on VLAN 1 and VLAN 3, it said I can only have the port untagged in one VLAN only.   Here's a question, how do I do it if I wanted port 3 for example to be a member of  VLAN 1 and 2?  

Routing to the internet from the switch works now:

# trace 8.8.8.8
traceroute to 8.8.8.8 ,
              1 hop min, 30 hops max, 5 sec. timeout, 3 probes
 1 192.168.2.1            0 ms       0 ms       0 ms
 2 10.1.10.1              0 ms      25 ms       0 ms
 3 96.120.88.205         25 ms      25 ms      25 ms
 4 68.85.190.217         25 ms      25 ms       0 ms
 5 162.151.79.81         25 ms      25 ms      25 ms
 6 68.85.154.253         25 ms68.85.57.177          25 ms68.85.154.253         2
5 ms
 7 68.86.90.93          125 ms      25 ms * 
 8 68.86.86.26           25 ms68.86.86.70           25 ms68.86.86.166           
0 ms
 9 66.208.228.70         25 ms      25 ms      25 ms
10 216.239.49.11         25 ms      50 ms216.239.50.191        25 ms
11 216.239.43.239        25 ms216.239.49.83         25 ms216.239.56.127        2
5 ms
12 8.8.8.8               25 ms      25 ms      25 ms


In any case, if there was DHCP on both port 1 and port 47, how do I make the switch DHCP only from port 47 and ignore the one on port 1?   If I am correct, it is basically configuring VLAN 4 and then put a untagged on the port I want the DHCP to come from and use DHCP instead of defining a IP address.   

16again
Respected Contributor

Re: Need help with routing on HP ProCurve 2848

Only one VLAN can be untagged on a port.  All other VLANs on the port must be tagged. And the connected devices must use tagging as well.

If your 2 DHCP servers are for different networks, just make sure their switch port is set to correct VLAN.  That way, each VLAN has it's own isolated DHCP server

 

AlmightyOne
Advisor

Re: Need help with routing on HP ProCurve 2848

Still trying to understand what exactly tag is since I'm not even sure if the Netgear can do tagged or not.  I just know without VLAN, it would seem every host would need to be a member of the different /24's but with VLAN, it seems like I can just put the DSL modem (port 1) on it's own VLAN as 192.168.1.254/24 with the switch being 192.168.1.100/24 and I should be able to connect to it from the other VLANs without problems.  Will things like NAS and printer/file sharing work when it's not the same /24 and routing via a local VLAN though?  Also, what exactly is the difference between setting something to no untagged vs forbid which I think is the term.  I wonder though, instead of doing a VLAN, couldn't I just on the switch, make the IP address 192.168.0.100 and then set the netmask to 255.255.0.0, that way, it will seem I will get all 256 /24's running though.  

What I meant to say was if I have 2 DHCP servers but it's really for the Netgear to get the DHCP, I can either physically connect the cable to the connection on the WAN side or as it is now, the Netgear connects from WAN to switch, I can just do a VLAN and then just untag the netgear port and the switch port set to the port of the connection it should get it's VLAN from.  Since it seems like for the Netgear for example, instead of defining the IP of 192.168.2.100, I can just set that VLAN to DHCP and then set port 48 which is the Netgear LAN to untagged and it should get the 192.168.2.100 which is automatically assigned by the Netgear to the HP Switch and also send the route info.    The Netgear WAN side which is connected to the switch at port 5 would basically be on it's own VLAN so I can untag port 5 and the port that the upstream connection is on.  It seems like if I knew how to do it, I can even use the HP Switch to basically use two outgoing connections.

16again
Respected Contributor

Re: Need help with routing on HP ProCurve 2848

VLAN wiki:   https://en.wikipedia.org/wiki/IEEE_802.1Q
For networking selfstudy Cisco CCNA entry-level course is a great starting point. Lots of CCNA tutorials are floating the web.

AlmightyOne
Advisor

Re: Need help with routing on HP ProCurve 2848

I actually was networking before VLAN was even a standard in the late 1980's and early 1990's as I own and run a ISP but we don't do VLAN's as all our connections are on routers we built on our own so it goes through a WAN and all we do is route the entire CIDR block to the customer..  I don't even need the 192.168.1.x/24 anymore since I no longer have that connection so it was more of connecting to the web interface of that modem at 192.168.1.254 even though that modem can be a router and handle the 192.168.1.0/24 block.  What I meant to ask was it seems that for each port, it can be tagged, untag, off or forbid.  Off is obviously off but I'm trying to figure out what forbid is exactly.  

16again
Respected Contributor

Re: Need help with routing on HP ProCurve 2848

afaik, the use case for forbid-mode is on dynamic LACP trunks, where default VLAN shouldn't be present on the link.