HPE Community
LAN Routing
1752653 Members
5977 Online
108788 Solutions
New Discussion юеВ

providing internet access to vlan tagged ports on hp v1910-16g switch

 
manit123
Regular Visitor

тАО06-20-2017 12:55 AM

тАО06-20-2017 12:55 AM

providing internet access to vlan tagged ports on hp v1910-16g switch

Here is the situation
I have an ethernet cable coming out from my modem which I connect to my PC , then internet works on that PC. BTW , my PC is set to get ip and dns server via DHCP. It gets IP as 192.168.1.x/24 and gateway=DNS=192.168.1.10
Now I want to give internet access to six servers connected directly to this HP v1910-16g switch.
Note that - these six servers will have static IP (say 192.168.2.x) so that they can communicate with each other.These servers are simply PC's running some software (like asterisk) .
So far , I have thought that
I will make 6 ports untagged with same vlan (say 1001). vlan1001 interface on switch will have IP 192.168.2.1 .

Then I have to also give vlan 1002 internet access , vlan 1002 will go from trunk port of switch to a device that accepts tagged packets.
Guess , if 1001 works then I will be able to extend it to 1002 and others.
I am managing switch via web GUI.
Currently its 16th port is trunk allowing all tagged packets.

How should I go about giving vlan1001 internet access ?
Thanks.
Please let me know , if some other info is needed.

0 Kudos
6 REPLIES 6
Vince-Whirlwind
Honored Contributor

тАО06-20-2017 05:14 PM

тАО06-20-2017 05:14 PM

Re: providing internet access to vlan tagged ports on hp v1910-16g switch

The description is a bit vague on what you are connecting to what.

You need each VLAN to have a router address/default gateway. If both are on your firewall/router, then your switch will need to trunk both VLANs to the firewall/router, and the switch doesn't need any IP address in both VLANs. The FW/router will need a VLAN interface for each, with the router address/default GW on it. The FW/router will need to NAT for both subnets.
If you want to do the routing on your switch, then you should have a 3rd subnet to do the switch<---->FW/router point to point link, a default route on your switch poitning at the FW IP address, and routes on the FW point at the switch for your two internal subnets.

Don't use VLAN 1001, 1002, etc... Those often don't work, eg, with Cisco they are special reserved VLANs.

0 Kudos
manit123
Regular Visitor

тАО06-20-2017 11:42 PM

тАО06-20-2017 11:42 PM

Re: providing internet access to vlan tagged ports on hp v1910-16g switch

Thanks for replying .
I will clarify my requirement .
Say I am using vlan1500 (ip 192.168.1.134/24) and vlan1600(ip 192.168.2.1/24)
Vlan 1500 is access on port 5 , vlan 1600 is access on port 2.
Port 5 is connected to a modem that has access to DNS server 192.168.1.10
From switch console I am able to ping 192.168.1.10
I want to ping 192.168.1.10 from a device connected to port2 having IP 192.168.2.2/24 gw 192.168.2.1
What static route should I add ?
I tried destination 0.0.0.0 , mask 0.0.0.0 , next hop=192.168.1.10 with interface vlan1600 , vlan1500 , no interface .
Didn't get that ping working.

0 Kudos
Vince-Whirlwind
Honored Contributor

тАО06-21-2017 12:23 AM

тАО06-21-2017 12:23 AM

Re: providing internet access to vlan tagged ports on hp v1910-16g switch

You don't need any static route. What is 192.168.1.10's default GW?

0 Kudos
manit123
Regular Visitor

тАО06-21-2017 12:54 AM

тАО06-21-2017 12:54 AM

Re: providing internet access to vlan tagged ports on hp v1910-16g switch

yeah ,
That's the problem , the default gateway for 192.168.1.10 isn't 192.168.1.134.

0 Kudos
Vince-Whirlwind
Honored Contributor

тАО06-21-2017 02:50 AM

тАО06-21-2017 02:50 AM

Re: providing internet access to vlan tagged ports on hp v1910-16g switch

OK, so the DNS server's default gateway is on the thing you call a "modem"?

So this "modem" needs a route for 192.168.2.0/24 pointing at 192.168.1.134. 

Or sort it out so you don't have all different bits doing routing.

0 Kudos
manit123
Regular Visitor

тАО06-22-2017 12:03 AM

тАО06-22-2017 12:03 AM

Re: providing internet access to vlan tagged ports on hp v1910-16g switch

Looks like I started it all wrong.
Here is the configuration that works.

HP switch
[quote]

<HP>display current-configuration
#
 version 5.20, Release 1513P62
#
 sysname HP
#
 domain default enable system
#
 telnet server enable
#
 mirroring-group 1 local
#
 password-recovery enable
#
vlan 1
#
vlan 1001
#
vlan 1500
#
vlan 1600
#
vlan 1700
#
vlan 2001       
#
domain system
 access-limit disable
 state active
 idle-cut disable
 self-service-url disable
#
user-group system
#
local-user admin
 password cipher $c$3$0SHE/oG0nOPMqvU94abGChapLF68co8Bb+g=
 authorization-attribute level 3
 service-type ssh telnet terminal
 service-type web
#
interface NULL0
#
interface Vlan-interface1
 ip address 192.168.10.2 255.255.255.0
#
interface Vlan-interface1500
 ip address 192.168.7.3 255.255.255.0
#               
interface Vlan-interface1600
 ip address 192.168.2.1 255.255.255.0
#
interface GigabitEthernet1/0/1
#
interface GigabitEthernet1/0/2
 port access vlan 1600
#
interface GigabitEthernet1/0/3
 port access vlan 1700
#
interface GigabitEthernet1/0/4
 port access vlan 1600
#
interface GigabitEthernet1/0/5
 port access vlan 1500
#
interface GigabitEthernet1/0/6
#
interface GigabitEthernet1/0/7
 port access vlan 2001
#
interface GigabitEthernet1/0/8
#
interface GigabitEthernet1/0/9
 port access vlan 1500
#
interface GigabitEthernet1/0/10
#
interface GigabitEthernet1/0/11
 port access vlan 1001
#
interface GigabitEthernet1/0/12
#
interface GigabitEthernet1/0/13
#
interface GigabitEthernet1/0/14
 mirroring-group 1 monitor-port
#
interface GigabitEthernet1/0/15
#
interface GigabitEthernet1/0/16
 port link-type hybrid
 port hybrid vlan 1001 1500 1600 1700 2001 tagged
 port hybrid vlan 1 untagged
 mirroring-group 1 mirroring-port both
#
interface GigabitEthernet1/0/17
#
interface GigabitEthernet1/0/18
#
interface GigabitEthernet1/0/19
#
interface GigabitEthernet1/0/20
#
 ip route-static 0.0.0.0 0.0.0.0 192.168.7.1
#
 ssh server enable
#
user-interface aux 0
user-interface vty 0 15
#
return

[/quote]
Explanation :
Switch's default route is to 192.168.7.1
VLAN 1500 is configured with IP 192.168.7.3/24
VLAN 1600 is configured with IP 192.168.2.1/24
To an untagged port of vlan1500 , a NAT router must be connected.
This NAT router gives 192.168.7.x IP to devices on LAN port.
It has a static route - destination 192.168.2.0 mask 24 gw 192.168.7.3
PC's with IP 192.168.2.x/24 gw 192.168.2.1 can be connected to untagged port of vlan 1600 of HP switch
These PC's should set their DNS server as 192.168.7.1
Here , we assume that WAN port of NAT router is connected to internet.

The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.