LAN Routing
cancel
Showing results for 
Search instead for 
Did you mean: 

Traffic not routing between VLANS

 
SOLVED
Go to solution
Highlighted
Occasional Visitor

Traffic not routing between VLANS

I have setup a 5400 series core switch with 6 VLANs.  I have done this before without issue but for some reason on this one I can't get the routing to work between VLAN's.  I cannot ping a device on VLAN 10 from VLAN 1, etc.  I have setup IP addresses on each VLAN, have added the defult static route and enabled RIP.  What am I missing?

; J9850A Configuration Editor; Created on release #KB.16.07.0003
; Ver #14:01.4f.f8.1d.fb.7f.bf.bb.ff.7c.59.fc.7b.ff.ff.fc.ff.ff.3f.ef:4e
hostname "Core SW 5406"
module A type j9990a
module B type j9986a
module C type j9986a
module D type j9986a
module E type j9986a
timesync sntp
sntp unicast
sntp server priority 1 172.16.16.31
time daylight-time-rule continental-us-and-canada
time timezone -300
ip default-gateway 172.17.254.254
ip route 0.0.0.0 0.0.0.0 172.17.254.254
ip routing
snmp-server community "public" unrestricted
snmp-server contact "me"
oobm
ip address dhcp-bootp
exit
vlan 1
name "DEFAULT_VLAN"
no untagged A1,E1-E18
untagged A2-A24,B1-B24,C1-C24,D1-D24,E19-E24
ip address 172.17.17.20 255.255.0.0
ip rip 172.17.17.20
ipv6 enable
ipv6 address dhcp full
exit
vlan 2
name "GUEST-WIRELESS-INTERNET-ONLY"
untagged A1
tagged B24,D1-D17
no ip address
exit
vlan 3
name "VLAN3"
no ip address
exit
vlan 5
name "STAFF-WIRELESS-(BHS-STAFF)"
tagged B24,D1-D17
ip address 10.150.5.254 255.255.255.0
ip helper-address 172.17.17.224
ip rip 10.150.5.254
exit
vlan 10
name "CAMERA-VLAN"
tagged B24,E1-E18
ip address 10.150.10.254 255.255.255.0
ip helper-address 172.17.17.224
ip rip 10.150.10.254
exit
vlan 11
name "VOICE-VLAN"
tagged A2-A24,B1-B24,C1-C24,D18-D24,E19-E24
ip address 10.150.11.254 255.255.255.0
ip helper-address 172.17.17.224
ip rip 10.150.11.254
exit
no tftp server
no autorun
no dhcp config-file-update
no dhcp image-file-update
password manager

Thanks for reading!

4 REPLIES 4
Highlighted
Occasional Visitor

Re: Traffic not routing between VLANS

Update. Have removed RIP from VLANs.  No change in status.

; J9850A Configuration Editor; Created on release #KB.16.07.0003
; Ver #14:01.4f.f8.1d.fb.7f.bf.bb.ff.7c.59.fc.7b.ff.ff.fc.ff.ff.3f.ef:4e
hostname "Core SW 5406"
module A type j9990a
module B type j9986a
module C type j9986a
module D type j9986a
module E type j9986a
timesync sntp
sntp unicast
sntp server priority 1 172.16.16.31
time daylight-time-rule continental-us-and-canada
time timezone -300
ip default-gateway 172.17.254.254
ip route 0.0.0.0 0.0.0.0 172.17.254.254
ip routing
snmp-server community "public" unrestricted
snmp-server contact "me"
oobm
ip address dhcp-bootp
exit
router rip
redistribute connected
enable
exit
vlan 1
name "DEFAULT_VLAN"
no untagged A1,E1-E18
untagged A2-A24,B1-B24,C1-C24,D1-D24,E19-E24
ip address 172.17.17.20 255.255.0.0
ipv6 enable
ipv6 address dhcp full
exit
vlan 2
name "GUEST-WIRELESS-INTERNET-ONLY"
untagged A1
tagged B24,D1-D17
no ip address
exit
vlan 5
name "STAFF-WIRELESS-(BHS-STAFF)"
tagged A2,B24,D1-D17
ip address 10.150.5.254 255.255.255.0
ip helper-address 172.17.17.224
exit
vlan 10
name "CAMERA-VLAN"
untagged E1-E18
tagged B24
ip address 10.150.10.254 255.255.255.0
ip helper-address 172.17.17.224
exit
vlan 11
name "VOICE-VLAN"
tagged A3-A24,B1-B24,C1-C24,D18-D24,E19-E24
ip address 10.150.11.254 255.255.255.0
ip helper-address 172.17.17.224
exit
no tftp server
no autorun
no dhcp config-file-update
no dhcp image-file-update
password manager

Highlighted
Honored Contributor

Re: Traffic not routing between VLANS

Summary:

  • VLAN 1 has IP Address 172.17.17.20 with Subnet mask 255.255.0.0 (/16)
  • VLAN 2 has no IP Address assigned so it doesn't partecipate to IPv4 Routing provided by the Aruba Switch.
  • VLAN 5 has IP Address 10.150.5.254 with Subnet mask 255.255.255.0 (/24)
  • VLAN 10 has IP Address 10.150.10.254 with Subnet mask 255.255.255.0 (/24)
  • VLAN 11 has IP Address 10.150.11.254 with Subnet mask 255.255.255.0 (/24)
  • IP Routing is enabled so inter-VLANs routing should work automatically.
  • Last Resort Route (0.0.0.0/0.0.0.0) was defined and uses 172.17.254.254 as its Next Hop (172.17.254.254 is directly connected on VLAN 1)
  • With IP Routing enabled, IP Default Gateway setting is ignored (so you can disable it).

Try (it is just a test) with Hosts using manually assigned IP addresses:

Set a wired host (with its Firewall disabled) on VLAN 1 (example: one host connected on port A2 with an IP Address set within VLAN 1 Address Range, default gateway set to VLAN 1 IP Address) to PING another wired host (with its Firewall disabled) on VLAN 10 (example: one host connected on port E1 with an IP Address set within VLAN 10 Address Range, default gateway set to VLAN 10 IP Address) do the same in the other direction...it should work in both cases.

The other VLANs 5 and 11 have only tagged ports as members (VLAN 2 has just one port untagged BUT it is also without any IP addressing so it doesn't partecipate to IP Routing)...so to perform a simple useful test you need to be sure that attached devices "do understand" VLAN tagging (so their egress traffic to Switch's involved ports must be tagged in each VLAN they're connected to...to pass...and they will accept only tagged traffic too coming from the Switch).

Proposed test between hosts belonging to VLAN 1 and VLAN 11 is, given above facts, the most simple to perform.

 

Highlighted
Occasional Visitor
Solution

Re: Traffic not routing between VLANS

Thanks for your help.  It was a simple miscommunication on our end.  I thought we had kept the same IP address as the old IP router switch but had actually assigned a new IP address.  I simply had to update the routes in the firewall and it resolved all issues.

Highlighted
Honored Contributor

Re: Traffic not routing between VLANS

Glad you solved.