HPE Community
Aruba & ProVision-based
1753882 Members
7626 Online
108809 Solutions
New Discussion

Re: 5400 Port Problem

 
David_Corrigan
Visitor

‎08-11-2017 06:58 PM

‎08-11-2017 06:58 PM

5400 Port Problem

Seemlinly simple problem here. I've got a 5400 as our core switch and have a 3500 attached to one of the ports. I was adding a vlan, 103, and configuring it across the switches. The 3500 was on port F10 with a few vlans already setup. Added 103 as tagged and configured it on the 3500 as such. No traffic passed between them on that vlan. I tried a few different things on the 3500 with no luck. Out of desparation I moved the 3500 to port F11 on the 5400 and configured it the same as F10 and it all starts magically working. Thoughts? Anything no the config print out that could cause the issue? Here's the config of the 5400:

 

; J8697A Configuration Editor; Created on release #K.15.02.0005


time timezone -8
time daylight-time-rule Continental-US-and-Canada
console inactivity-timer 60
ip access-list extended "Restricted-1"
10 permit udp 0.0.0.0 255.255.255.255 10.1.4.50 0.0.0.0 eq 67
20 permit tcp 0.0.0.0 255.255.255.255 10.1.4.50 0.0.0.0 eq 53
30 permit udp 0.0.0.0 255.255.255.255 10.1.4.50 0.0.0.0 eq 53
40 permit tcp 0.0.0.0 255.255.255.255 10.1.4.51 0.0.0.0 eq 53
50 permit udp 0.0.0.0 255.255.255.255 10.1.4.51 0.0.0.0 eq 53
60 permit tcp 0.0.0.0 255.255.255.255 10.1.4.57 0.0.0.0 eq 443
70 permit tcp 0.0.0.0 255.255.255.255 10.1.4.54 0.0.0.0 eq 80
80 permit tcp 0.0.0.0 255.255.255.255 10.1.4.55 0.0.0.0 eq 80
90 permit tcp 0.0.0.0 255.255.255.255 10.1.4.55 0.0.0.0 eq 443
100 permit tcp 0.0.0.0 255.255.255.255 10.1.4.59 0.0.0.0 eq 443
110 permit tcp 0.0.0.0 255.255.255.255 10.1.4.60 0.0.0.0 eq 8880
120 permit tcp 0.0.0.0 255.255.255.255 10.1.4.60 0.0.0.0 eq 8843
130 permit tcp 0.0.0.0 255.255.255.255 10.1.4.54 0.0.0.0 eq 8880
140 permit tcp 0.0.0.0 255.255.255.255 10.1.4.54 0.0.0.0 eq 8843
150 permit tcp 0.0.0.0 255.255.255.255 10.1.5.8 0.0.0.0 eq 80
160 permit tcp 0.0.0.0 255.255.255.255 10.1.5.8 0.0.0.0 eq 443
161 permit tcp 0.0.0.0 255.255.255.255 10.1.5.8 0.0.0.0 eq 1640
162 permit tcp 0.0.0.0 255.255.255.255 10.1.5.8 0.0.0.0 eq 2195
163 permit tcp 0.0.0.0 255.255.255.255 10.1.5.8 0.0.0.0 eq 2196
200 deny ip 0.0.0.0 255.255.255.255 10.1.4.0 0.0.3.255
210 deny ip 0.0.0.0 255.255.255.255 10.1.8.0 0.0.3.255
220 deny ip 0.0.0.0 255.255.255.255 10.1.12.0 0.0.3.255
230 deny ip 0.0.0.0 255.255.255.255 192.168.7.0 0.0.0.255
300 permit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255
exit
ip access-list extended "D8"
exit
qos dscp-map 101110 priority 6
module 1 type J8702A
module 2 type J8705A
module 3 type J8702A
module 4 type J8705A
module 5 type J8702A
module 6 type J9535A
interface B23
speed-duplex 100-full
exit
interface C23
name "Reception Phone Console PC"
exit
interface D17
poe-lldp-detect enabled
exit
interface D23
name "B Bldg Fiber"
exit
interface D24
name "D Bldg"
exit
interface F10
name "Modular"
exit
interface F22
name "C Bldg Fiber"
exit
trunk D21,F24 Trk1 LACP
ip default-gateway 192.168.10.1
ip routing
vlan 1
name "DEFAULT_VLAN"
no untagged A1-A24,B1-B24,C1-C24,D1-D20,D22-D24,E1-E24,F1-F23,Trk1
no ip address
exit
vlan 10
name "MCDATA"
untagged A1-A17,A19,A22,A24,B2,B4,B6,B8-B24,C1-C14,C16,C18-C22,C24,D1-D20,D22-D24,E1-E8,E10-E24,F1,F3-F23,Trk1
ip forward-protocol udp 10.1.11.255 9
ip address 10.1.4.1 255.255.252.0
exit
vlan 11
name "NCDATA"
untagged E9
ip helper-address 10.1.4.50
ip address 10.1.8.1 255.255.252.0
tagged A9
exit
vlan 50
name "INTERNET"
ip address 192.168.10.254 255.255.255.0
tagged A9
exit
vlan 12
name "WIRELESS"
ip helper-address 10.1.4.50
ip address 10.1.12.1 255.255.252.0
tagged A9,A18,A20-A21,A23,B1,B3,B5,B7,C15,C17,D22-D24,E9,F10-F11,F20,F22,Trk1
exit
vlan 13
name "RESTRICTED"
ip helper-address 10.1.4.50
ip address 10.0.0.1 255.255.240.0
tagged A9,A18,A20-A21,A23,B1,B3,B5,B7,C15,C17,D22-D24,E9,F10-F11,F20,F22,Trk1
ip access-group "Restricted-1" vlan
exit
vlan 14
name "TECH"
ip helper-address 10.1.4.50
ip helper-address 10.1.5.8
ip address 192.168.7.1 255.255.255.0
tagged A9,A18,A20-A21,A23,B1,B3,B5,B7,C15,C17,D22-D24,E9,F10-F11,F20,F22,Trk1
exit
vlan 91
name "AV C212"
ip helper-address 10.1.4.50
ip address 192.168.91.1 255.255.255.0
tagged A9,F22
exit
vlan 90
name "VLAN90"
no ip address
exit
vlan 92
name "AV NC190"
ip helper-address 10.1.4.50
ip address 192.168.92.1 255.255.255.0
tagged A9,E9
exit
vlan 93
name "AV Fireside"
ip helper-address 10.1.4.50
ip address 192.168.93.1 255.255.255.0
tagged A9
exit
vlan 150
name "Commons Crestron"
ip address 192.168.1.1 255.255.255.0
tagged A9,F22,Trk1
exit
vlan 94
name "AV DAMP"
ip helper-address 10.1.4.50
ip address 192.168.94.1 255.255.255.0
tagged A9,D24
exit
vlan 95
name "AV NC-AMPH"
ip helper-address 10.1.4.50
ip address 192.168.95.1 255.255.255.0
tagged A9,E9
exit
vlan 96
name "Worship Center Sound Board"
ip address 192.7.7.1 255.255.255.0
tagged A9
ip proxy-arp
exit
vlan 97
name "AV NC180"
ip helper-address 10.1.4.50
ip address 192.168.97.1 255.255.255.0
tagged A9,E9
exit
vlan 98
name "BBldg AppleTV"
ip helper-address 10.1.4.50
ip address 192.168.98.1 255.255.255.0
tagged A9,D23
exit
vlan 99
name "ABldg AppleTV"
ip helper-address 10.1.4.50
ip address 192.168.99.1 255.255.255.0
tagged A9
exit
vlan 100
name "VOIP"
untagged C23,F2
qos priority 6
ip helper-address 10.1.4.50
ip address 10.1.100.1 255.255.255.0
tagged A2-A24,B1-B24,C1-C22,C24,D1-D20,D22-D24,E1-E24,F1,F3-F23,Trk1
voice
exit
vlan 101
name "AC"
ip helper-address 10.1.4.50
ip address 192.168.101.1 255.255.255.0
tagged A9,F22,Trk1
exit
vlan 102
name "Outdoor Plugs"
ip helper-address 10.1.4.50
ip address 192.168.102.1 255.255.255.0
tagged A9,D22-D24,F22,Trk1
exit
vlan 103
name "AP Manage"
untagged A18,A20-A21,A23,B1,B3,B5,B7,C15,C17
ip helper-address 10.1.4.50
ip address 192.168.103.1 255.255.255.0
tagged A7,A9,D22-D24,E9,F10-F11,F22,Trk1
exit
qos type-of-service diff-services
dhcp-snooping
dhcp-snooping authorized-server 10.1.4.50
dhcp-snooping authorized-server 10.1.5.8
dhcp-snooping authorized-server 192.168.7.17
dhcp-snooping vlan 10-14
power-over-ethernet pre-std-detect
radius-server host 10.1.4.50
timesync sntp
sntp unicast
sntp server priority 1 10.1.4.50
ip timep manual 10.1.4.50
ip route 0.0.0.0 0.0.0.0 192.168.10.2
ip route 192.168.8.0 255.255.255.0 192.168.7.205
ip route 192.168.9.0 255.255.255.0 10.1.4.5
ip route 192.168.20.1 255.255.255.255 192.7.7.240
ip route 192.168.20.2 255.255.255.255 192.7.7.240
interface A9
dhcp-snooping trust
exit

aaa authentication port-access eap-radius
aaa port-access authenticator active
spanning-tree Trk1 priority 4
spanning-tree priority 0
no autorun
no dhcp config-file-update
no dhcp image-file-update
password manager
password operator

 

0 Kudos
1 REPLY 1
parnassus
Honored Contributor

‎08-12-2017 04:50 AM - edited ‎08-12-2017 04:53 AM

‎08-12-2017 04:50 AM - edited ‎08-12-2017 04:53 AM

Re: 5400 Port Problem

Truly hard to understand the root cause of your issue...but, looking at your Switch running software version (K.15.02.0005), as it appears on reported configuration:

@David_Corrigan wrote:

; J8697A Configuration Editor; Created on release #K.15.02.0005

a thing is pretty clear: your Switch is running an almost 7 years old firmware (K.15.02.0005 was released on October 2010)...please correct me if I'm wrong here (a show flash and show version would clear things up with that regard)...so anything "strange" is truly possible...especially considering how many releases (K.15.xx and newer K.16.xx) were published in that very long timeframe.

I suggest you to revise old Release Notes (of K.15.04 or K.15.06. software branches, as example) - it's a time consuming task - to look for if a similar issue involving VLAN tagging was found and eventually fixed...but then, if you find it, don't limit yourself to upgrade to the nearest (old) fixing version...instead go ahead - that's a relatively fast procedure - and decide to keep your Switch software current (as example updating it to latest K.15.18 or better to latest K.16.02).


I'm not an HPE Employee
Kudos and Accepted Solution banner
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.