Sean_Cowan
Visitor

Routing between VLANS on a 5412zl switch

I have recently added an 8 port 10 Gb card to my 5412zl switch.

I have created a separate VLAN (10 Gb) to separate the traffic from my gigabit network. The interface IP address is 192.168.10.2.

The Default_VLAN has the IP address of 192.168.1.242.

There is a SonicWall Firewall acting as the DHCP server as well as the gateway to the Internet with the gateway being set to 192.168.1.1.

I want to be able to route from either VLAN and use the single path through the firewall to provide Internet access to the 10 Gb clients.

I have some connectivity. I have a test PC on the 192.168.1.0 network and if I set its gateway to the IP address of the switch (192.168.1.242) I can ping the test machine on the 192.168.10.0 network and see out to the internet.

Looking out from the 10.0 network I can't ping the 192.168.1.1 gateway but I can ping the test PC on the 192.168.1.0 network and I can ping the Default_VLAN address 192.168.1.242.

Any insight would be appreciated.

Running configuration:

; J8698A Configuration Editor; Created on release #K.15.07.0008
; Ver #02:1b.2f:36

hostname "Rooster-Procurve"
module 1 type J8702A
module 2 type J8702A
module 3 type J8702A
module 4 type J8702A
module 12 type J9546A
interface L1
   name "10Gb1"
exit
interface L4
   name "To XServe"
exit
ip default-gateway 192.168.1.1
ip routing
vlan 1
   name "DEFAULT_VLAN"
   untagged A1-A24,B1-B24,C1-C24,D1-D24
   ip address 192.168.1.242 255.255.255.0
   no untagged L1-L8
   exit
vlan 2
   name "10Gb"
   untagged L1-L7
   ip address 192.168.10.2 255.255.255.0
   tagged L8
   exit
power-over-ethernet pre-std-detect
ip route 0.0.0.0 0.0.0.0 192.168.1.1
ip route 192.168.1.0 255.255.255.0 192.168.10.1
ip route 192.168.10.0 255.255.255.0 192.168.1.1
interface A1
   flow-control
   lacp key 500
   exit
interface A3
   lacp key 291
   exit
interface A19
   lacp key 291
   exit
interface B13
   flow-control
   lacp key 500
   exit
interface B15
   flow-control
   lacp key 500
   exit
interface D1
   flow-control
   lacp key 500
   exit
interface L1
   flow-control
   exit
interface L4
   flow-control
   exit
snmp-server community "public" unrestricted
snmp-server host 192.168.1.51 community "public"
snmp-server host 192.168.1.211 community "public"
spanning-tree
no autorun
no dhcp config-file-update
no dhcp image-file-update
password manager
password operator


                               IP Route Entries

  Destination        Gateway         VLAN Type      Sub-Type   Metric     Dist.
  ------------------ --------------- ---- --------- ---------- ---------- -----
  0.0.0.0/0          192.168.1.1     1    static               1          1
  127.0.0.0/8        reject               static               0          0
  127.0.0.1/32       lo0                  connected            1          0
  192.168.1.0/24     DEFAULT_VLAN    1    connected            1          0
  192.168.10.0/24    10Gb            2    connected            1          0

paulgear
Esteemed Contributor

Re: Routing between VLANS on a 5412zl switch

The bottom line: your Sonicwall doesn't have a route to 192.168.10.0/24, so it can't respond to the pings from that network.

A couple of suggestions:

  1. Remove these routes from the 5400 config:
    ip route 192.168.1.0 255.255.255.0 192.168.10.1
    ip route 192.168.10.0 255.255.255.0 192.168.1.1
    They are redundant because you are already connected to those networks.  (Your show ip route output demonstrates this - they are connected routes, not static routes.)
  2. Configure dynamic routing between your switch and your Sonicwall.  Use OSPF if your 5400 is licensed for it, or RIPv2 if you must.

Caveat: I don't know anything about Sonicwall licensing. If they don't support dynamic routing on your current license, then you'll have to add a static route on the Sonicwall to 192.168.10.0/24 via 192.168.1.242.

If you're licensed for it, now is the time to implement dynamic routing, not when you've added 3 more VLANs and have a spaghetti-mess of static routes scattered everywhere. :-)

Regards,
Paul
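
The return-path problem described in the reply above, modelled as a small route lookup (an added example, not part of the original thread). The switch table is the one posted in the question; the firewall table, the 10Gb client address and the test PC address are assumptions constructed for illustration.

```python
import ipaddress

def lookup(table, dst):
    """Longest-prefix match: return the next hop for dst, or None if no route."""
    addr = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(p), hop) for p, hop in table.items()
            if addr in ipaddress.ip_network(p)]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

SWITCH_VLAN1 = "192.168.1.242"   # DEFAULT_VLAN address from the posted config
CLIENT_10GB = "192.168.10.50"    # constructed host on the 10Gb VLAN

# Switch table, taken from the "IP Route Entries" output in the question.
SWITCH = {
    "0.0.0.0/0": "192.168.1.1",
    "192.168.1.0/24": "connected",
    "192.168.10.0/24": "connected",
}
# Assumed firewall table: its LAN subnet plus a default route towards the ISP.
FIREWALL = {"0.0.0.0/0": "WAN", "192.168.1.0/24": "connected"}
# Test PC from the question, with its gateway pointed at the switch.
TEST_PC = {"0.0.0.0/0": SWITCH_VLAN1, "192.168.1.0/24": "connected"}
# Firewall after adding the static route suggested in the answer.
FIREWALL_FIXED = {**FIREWALL, "192.168.10.0/24": SWITCH_VLAN1}

def ping(responder_ip, responder_table, client=CLIENT_10GB):
    """Return (request_delivered, reply_next_hop, reply_returns)."""
    # Request: the client's gateway is the switch, which must reach the responder.
    delivered = lookup(SWITCH, responder_ip) == "connected"
    # Reply: it only comes back if the responder hands it to the switch.
    reply_hop = lookup(responder_table, client)
    return delivered, reply_hop, delivered and reply_hop == SWITCH_VLAN1

if __name__ == "__main__":
    for name, ip, table in [("firewall", "192.168.1.1", FIREWALL),
                            ("test PC", "192.168.1.100", TEST_PC),
                            ("firewall + route", "192.168.1.1", FIREWALL_FIXED)]:
        print(name, ping(ip, table))
```

The echo request reaches the firewall in every case; only the reply differs, which is why the test PC answers and the firewall does not until it has a route to 192.168.10.0/24.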
Sean_Cowan
Visitor

Re: Routing between VLANS on a 5412zl switch

Thank you Paul for your reply.

I have a call into SonicWall as to their implementation of dynamic routing.

I am about to start segmenting our network into multiple VLANs so this is a good test.

I assume that since the default gateway for the 192.168.1.0 network is the address of the VLAN (.1.242), my DHCP server for that segment should be giving .1.242 as the default gateway, not the address of the firewall (.1.1).

paulgear
Esteemed Contributor

Re: Routing between VLANS on a 5412zl switch

Hi Sean,

A quick Google will show you that you can get both RIP and OSPF for SonicWall. The issue is whether or not you have to pay. :-)

If your SonicWall has a correct route to everything, it doesn't matter whether it is the default gateway or the switch is - both will send ICMP redirects to send the right traffic in the right directions. My personal inclination would be to leave the SonicWall as the default route for 192.168.1.0/24 and only change the default route to the switch for new VLANs.
Regards,
Paul