09-06-2012 03:12 PM
Routing between VLANS on a 5412zl switch
I have recently added an 8 port 10 Gb card to my 5412zl switch.
I have created a separate VLAN (10 Gb) to separate the traffic from my gigabit network. The interface IP address is 192.168.10.2.
The Default_VLAN has the IP address of 192.168.1.242.
There is a SonicWall Firewall acting as the DHCP server as well as the gateway to the Internet with the gateway being set to 192.168.1.1.
I want to be able to route from either VLAN and use the single path through the firewall to provide Internet access to the 10 Gb clients.
I have some connectivity, I have a test PC on the 192.168.1.0 network and if I set its gateway to the IP address of the switch (192.168.1.242) I can ping the test machine on the 192.168.10.0 network and see out to the internet.
Looking out from the 10.0 network I can't ping the 192.168.1.1 gateway but I can ping the test PC on the 192.168.1.0 network and I can ping the Default_VLAN address 192.168.1.242.
Any insight would be appreciated.
Running configuration:
```
; J8698A Configuration Editor; Created on release #K.15.07.0008
; Ver #02:1b.2f:36
hostname "Rooster-Procurve"
module 1 type J8702A
module 2 type J8702A
module 3 type J8702A
module 4 type J8702A
module 12 type J9546A
interface L1
   name "10Gb1"
   exit
interface L4
   name "To XServe"
   exit
ip default-gateway 192.168.1.1
ip routing
vlan 1
   name "DEFAULT_VLAN"
   untagged A1-A24,B1-B24,C1-C24,D1-D24
   ip address 192.168.1.242 255.255.255.0
   no untagged L1-L8
   exit
vlan 2
   name "10Gb"
   untagged L1-L7
   ip address 192.168.10.2 255.255.255.0
   tagged L8
   exit
power-over-ethernet pre-std-detect
ip route 0.0.0.0 0.0.0.0 192.168.1.1
ip route 192.168.1.0 255.255.255.0 192.168.10.1
ip route 192.168.10.0 255.255.255.0 192.168.1.1
interface A1
   flow-control
   lacp key 500
   exit
interface A3
   lacp key 291
   exit
interface A19
   lacp key 291
   exit
interface B13
   flow-control
   lacp key 500
   exit
interface B15
   flow-control
   lacp key 500
   exit
interface D1
   flow-control
   lacp key 500
   exit
interface L1
   flow-control
   exit
interface L4
   flow-control
   exit
snmp-server community "public" unrestricted
snmp-server host 192.168.1.51 community "public"
snmp-server host 192.168.1.211 community "public"
spanning-tree
no autorun
no dhcp config-file-update
no dhcp image-file-update
password manager
password operator
```
```
IP Route Entries

Destination        Gateway         VLAN Type      Sub-Type   Metric     Dist.
------------------ --------------- ---- --------- ---------- ---------- -----
0.0.0.0/0          192.168.1.1     1    static               1          1
127.0.0.0/8        reject               static               0          0
127.0.0.1/32       lo0                  connected            1          0
192.168.1.0/24     DEFAULT_VLAN    1    connected            1          0
192.168.10.0/24    10Gb            2    connected            1          0
```
09-06-2012 05:12 PM
Re: Routing between VLANS on a 5412zl switch
The bottom line: your Sonicwall doesn't have a route to 192.168.10.0/24, so it can't respond to the pings from that network.
A couple of suggestions:
- Remove these routes from the 5400 config:
  ip route 192.168.1.0 255.255.255.0 192.168.10.1
  ip route 192.168.10.0 255.255.255.0 192.168.1.1
  They are redundant because you are already connected to those networks. (Your show ip route output demonstrates this - they are connected routes, not static routes.)
- Configure dynamic routing between your switch and your Sonicwall. Use OSPF if your 5400 is licensed for it, or RIPv2 if you must.
Caveat: I don't know anything about Sonicwall licensing. If they don't support dynamic routing on your current license, then you'll have to add a static route on the Sonicwall to 192.168.10.0/24 via 192.168.1.242.
If you're licensed for it, now is the time to implement dynamic routing, not when you've added 3 more VLANs and have a spaghetti-mess of static routes scattered everywhere. :-)
Paul
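The redundancy pointed out in the reply above can be checked mechanically. This is an added example, not part of the original thread: `CONFIG` is an excerpt constructed from the running configuration posted in the question, and `parse` and `audit` are hypothetical helper names.

```python
import ipaddress

# Constructed sample: the routing-relevant lines of the posted running config.
CONFIG = """\
ip routing
vlan 1
   ip address 192.168.1.242 255.255.255.0
   exit
vlan 2
   ip address 192.168.10.2 255.255.255.0
   exit
ip route 0.0.0.0 0.0.0.0 192.168.1.1
ip route 192.168.1.0 255.255.255.0 192.168.10.1
ip route 192.168.10.0 255.255.255.0 192.168.1.1
"""

def parse(config):
    """Return (connected, static): VLAN interface networks and (network, next hop) pairs."""
    connected, static = [], []
    for line in config.splitlines():
        words = line.split()
        if words[:2] == ["ip", "address"] and len(words) == 4:
            # The network an interface address belongs to is directly connected.
            connected.append(ipaddress.ip_interface(f"{words[2]}/{words[3]}").network)
        elif words[:2] == ["ip", "route"] and len(words) == 5:
            net = ipaddress.ip_network(f"{words[2]}/{words[3]}")
            static.append((net, ipaddress.ip_address(words[4])))
    return connected, static

def audit(config):
    """Classify each static route: redundant, unreachable next hop, or ok."""
    connected, static = parse(config)
    findings = []
    for net, hop in static:
        if net in connected:
            verdict = "redundant: network is directly connected"
        elif not any(hop in c for c in connected):
            verdict = "next hop is not on a connected network"
        else:
            verdict = "ok"
        findings.append((str(net), str(hop), verdict))
    return findings

if __name__ == "__main__":
    for net, hop, verdict in audit(CONFIG):
        print(f"{net} via {hop}: {verdict}")
```

Only the default route survives the audit, which matches the `show ip route` output in the question: the two /24 networks appear there as connected, not static.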
09-07-2012 07:20 AM
Re: Routing between VLANS on a 5412zl switch
Thank you Paul for your reply.
I have a call into SonicWall as to their implementation of dynamic routing.
I am about to start segmenting our network into multiple VLANs so this is a good test.
I assume that since the default gateway for the 192.168.1.0 network is the address of the VLAN (.1.242) my DHCP server for that segment should be giving .1.242 as the default gateway not the address of the firewall (.1.1).
09-08-2012 01:04 AM
Re: Routing between VLANS on a 5412zl switch
A quick Google will show you that you can get both RIP and OSPF for SonicWall. The issue is whether or not you have to pay. :-)
If your SonicWall has a correct route to everything, it doesn't matter whether it is the default gateway or the switch is - both will send ICMP redirects to send the right traffic in the right directions. My personal inclination would be to leave the SonicWall as the default route for 192.168.1.0/24 and only change the default route to the switch for new VLANs.
Paul