HPE Community
Switches, Hubs, and Modems
1753758 Members
4884 Online
108799 Solutions
New Discussion юеВ

Re: 2626 switchs and VLAN config

 
Stafford_3
Occasional Advisor

тАО11-04-2005 07:48 AM

тАО11-04-2005 07:48 AM

2626 switchs and VLAN config

Greetings,
I have 2 ProCurve 2626 PoE switches that I need to configure for voice and Data VLANs. This is my first experience with VLANs.

We have a Mitel 3300 phone system being installed and I need to create a seperate VLAN for voice. Phone connections will share cables/ports with internet data.

I am looking for a bit of guidance/recommendations to implement the correct configuration.

Attached is an image of the topology draft and
current procurve settings are:
Firewall:
WatchGuard Firebox X50.
Primary WAN connection - T1
Failover WAN connection - DSL
IP 192.168.1.1

Switch (HP ProCurve 2626 (5)):
HP ProCurve 2626 PWR:
VLAN 1 - Primary DEFAULT_VLAN (static)
Default data LAN.
IP: 192.168.1.5
Default Gateway: Not Set
Ports: 1, 3-26 untagged
Port 2 set to NO on VLAN 1

VLAN 2 - PhoneSystem (static)
IP Phone LAN
IP: 192.168.2.5
Default Gateway: 192.168.1.1 Not sure if this is correct
Broadcast domain: 192.168.2.0
Ports: 1-26 tagged

Ports:
VLAN 1:
1 - Connection from Firewall
2 - None (connects Mitel 3300 on VLAN 2)
3-24 - client connections
26 - Link with HP ProCurve 6 port 1

VLAN 2:
1 - Connection from Firewall
2 - Link with Mitel 3300
3-24 - client connections
26 - Link with ProCurve 6 port 1

QoS Priority:
Priority set by VLAN ID
VLAN1: No-override | No-override
VLAN2: Priority | 7

Switch (HP ProCurve 2626 (6)):
HP ProCurve 2626 PWR:
VLAN 1 - Primary DEFAULT_VLAN (static)
Default data LAN.
IP: 192.168.1.6
Default Gateway: Not Set

Ports: 1-26 untagged

VLAN 2 - PhoneSystem (static)
IP Phone LAN
IP: 192.168.2.6
Default Gateway: 192.168.1.1 Not sure if this is correct
Ports: 1-26 tagged

Ports:
VLAN 1:
1 - Link ProCurve 5 port 24
2 - None (connects Mitel 3300 on VLAN 2)
3-24 - client connections

VLAN 2:
1 - Link ProCurve 5 port 26
2 -24 - client connections

QoS Priority:
Priority set by VLAN ID
VLAN1: No-override | No-override
VLAN2: Priority | 7


Am I on the right track?
Also should I add priority to the specific port that the Mitel will be connected to on VLAN 2?
0 Kudos
6 REPLIES 6
Preston Gallwas
Valued Contributor

тАО11-04-2005 10:01 AM

тАО11-04-2005 10:01 AM

Re: 2626 switchs and VLAN config

Okay, first off
where to start...
Your default gateway for the firewall (Vlan1) is 192.168.1.1

What subnet masks are you using?
Switch (HP ProCurve 2626 (5)):
VLAN1 and VLAN 2 cannot have the same IP address
The default gateway on VLAN1 would be 192.168.1.1, the IP would be 192.168.1.5

VLAN 2 would need a different network (example, if your subnet mask is 255.255.255.0, you could do 192.168.2.5, and the default gateway (at the firewall, you make a subint) 192.168.2.1
if your firewall wont do subints, you'll want to turn (5) into a router by typing IP ROUTING and defining a static route ni your routers to redistribute.


Example

2626 (5)
IP ROUTING
VLAN1 192.168.1.5 255.255.255.0
DEFAULT GATEWAY 192.168.1.1
VLAN 2 192.168.2.1 255.255.255.0
default route 0.0.0.0 0.0.0.0 192.168.1.1

the clients ports and port where SWITCH (6) is would need to be
VLAN 1
Untagged
VLAN 2
tagged

I hope this makes sense.
0 Kudos
Preston Gallwas
Valued Contributor

тАО11-04-2005 10:02 AM

тАО11-04-2005 10:02 AM

Re: 2626 switchs and VLAN config

Also to clarify, If you do not use [5] as a router, but rather your firewall is a router and you need data and voice to flow on switch5 port 1,

port 1 would be untagged vlan 1
and tagged vlan2
0 Kudos
Stafford_3
Occasional Advisor

тАО11-07-2005 03:10 AM

тАО11-07-2005 03:10 AM

Re: 2626 switchs and VLAN config

Preston, Thank you for your input! Yes it is starting to make sense to me now.

OK..It did appear that I had the bulk of it set up correctly.

Our firewall does not support subnets but does do static routing so I will opt to add routing to switch 5.

VLAN 1 and 2 are on seperate networks.
vlan1 - 192.168.1.0 subnet 255.255.255.0
vlan2 - 192.168.2.0 subnet 255.255.255.0

switch 5
vlan1 IP 192.168.1.5
vlan2 IP 192.168.2.5

switch 6
vlan1 IP 192.168.1.6
vlan2 IP 192.168.2.6

vlan1 all ports untagged (port 2 disabled on switch 5)
vlan2 all ports tagged

If I understand your comments, I need to change the gateway on VLAN2 to 192.168.2.1 and add/enable static routing on switch 5, correct?

In your example:

2626 (5)
IP ROUTING
VLAN1 192.168.1.5 255.255.255.0
DEFAULT GATEWAY 192.168.1.1
VLAN 2 192.168.2.1 255.255.255.0
default route 0.0.0.0 0.0.0.0 192.168.1.1

Why do you use 192.168.2.1 for VLAN 2 and not 192.168.2.6?

Thanks again, this has been very helpful.
0 Kudos
Preston Gallwas
Valued Contributor

тАО11-07-2005 11:08 AM

тАО11-07-2005 11:08 AM

Re: 2626 switchs and VLAN config

VLAN2 exists as the "gateway" of that subnet - being the router, and that is typically the first usable address of a network (ergo, 192.168.2.1)

Someone correct me if theres a better way to do it, but thats to the best of my knowledge.
0 Kudos
Preston Gallwas
Valued Contributor

тАО11-07-2005 11:13 AM

тАО11-07-2005 11:13 AM

Re: 2626 switchs and VLAN config

Also,
"switch 5
vlan1 IP 192.168.1.5
vlan2 IP 192.168.2.5

switch 6
vlan1 IP 192.168.1.6
vlan2 IP 192.168.2.6

vlan1 all ports untagged (port 2 disabled on switch 5)
vlan2 all ports tagged"

Also, if a device is on a port that does not need both voice and data networks (say, a server end node or something) you don't need to tag that port. Not tagging it will reduce the traffic to that port and thus reduce overhead and processing on the physical node NIC as well (as tagged packets it doesnt use are dropped)

Hope that helps :)
0 Kudos
Stafford_3
Occasional Advisor

тАО11-08-2005 10:49 AM

тАО11-08-2005 10:49 AM

Re: 2626 switchs and VLAN config

I am still missing somethin here.
I reset both switches and started over.
If you haven't figured it out yet, I'm pretty new to all this.

switch 5
Default Gateway 192.168.1.1
vlan1 IP 192.168.1.5 untagged (for data)
vlan2 IP 192.168.2.5 tagged (for voice)

switch 5
Default Gateway 192.168.1.1
vlan1 IP 192.168.1.6 untagged (for data)
vlan2 IP 192.168.2.6 tagged (for voice)

all servers and workstations are attached to vlan1 and running fine.

I enabled routing on switch 5 but did not add any additional routes to the table and left the default route unaltered.

If I wanted to attach a host to vlan 2 and be able to ping it from vlan 1 or vice versa, what am I missing.

I tried this.
On a host system, I changed the following:
Test 1
host ip address: 192.168.2.112 (vlan2)
host mask: 255.255.255.0
host default gateway: 192.168.2.5 (vlan2)
ping 192.168.1.10 (host on vlan1)
ping result: request time out.

ping 192.168.1.5
request timeout

ping 192.168.2.6 (switch ip of same vlan)
request time out.

Test 2
host ip address: 192.168.2.112
host mask: 255.255.255.0
host default gateway: 192.168.1.5
ping 192.168.1.10 (host on vlan1)
ping result: request time out.

ping 192.168.1.5
request timeout

ping 192.168.2.6 (switch ip of same vlan)
request time out.

I can ping the switch ips for vlan1 from a host on vlan1, but I cant ping the switches on vlan2 from a host on vlan2.

Attached is the config setting from the switches for the vlans.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.