Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

3500yl Vlan Routing (Router on a Stick)

TazDevil
Occasional Visitor

3500yl Vlan Routing (Router on a Stick)

I am trying to get my Vlan's to route to a router (which is providing NAT & DHCP services).

Vlan 1 - default (10.1.1.x)
vlan 10 - VoIP (172.16.1.x)
Vlan 50 - Data (172.16.2.x)
Valn 200 - WiFi-access (192.168.1.x)

I can connection and ping the default gateways of the different networks, but I cannot get out past.

The router is to be providing nat funcitons for the 172.16.x.x and 192.168.x.x networks, it was working perfect on a Cisco 3550, but I wanted to get this going on the 3500yl as it has PoE for my AP's which I want to get up and running.

I have the vlans created on the switch and the sub interfaces created on the router, I just cannot get from 192.168.1.x network past the 10.1.1.x of the router onto the rest of the network.

3500yl; config


; J8693A Configuration Editor; Created on release #K.14.47

hostname "ProCurve_3500_Lab"
module 1 type J86yyA
module 2 type J86xxA
module 3 type J8694A
ip default-gateway 10.1.1.1
vlan 1
name "DEFAULT_VLAN"
untagged 17-45,47-48,A1-A4
ip address 10.1.1.13 255.255.255.0
tagged 16
no untagged 1-15,46
exit
vlan 10
name "Voice"
ip address 172.16.1.3 255.255.255.0
tagged 1-16
voice
exit
vlan 30
name "ProCurve"
tagged 16
no ip address
exit
vlan 50
name "Data"
untagged 1-15
ip address 172.16.2.3 255.255.255.0
tagged 16
exit
vlan 200
name "WiFi-Access"
untagged 46
ip address 192.168.1.3 255.255.255.0
tagged 16
exit
ip route 0.0.0.0 0.0.0.0 10.1.1.1
snmp-server community "public" unrestricted
snmp-server host 10.1.1.214 "public"

Router Config;

interface FastEthernet0/0
no ip address
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
interface FastEthernet0/0.1
encapsulation dot1Q 1 native
ip address 10.1.1.27 255.255.255.0
ip nat outside
ip virtual-reassembly
interface FastEthernet0/0.10
description Voice Vlan
encapsulation dot1Q 10
ip address 172.16.1.1 255.255.255.0
ip virtual-reassembly
interface FastEthernet0/0.50
description Data Vlan
encapsulation dot1Q 50
ip address 172.16.2.1 255.255.255.0
ip virtual-reassembly

ip route 0.0.0.0 0.0.0.0 10.1.1.1

Any help would be appreciated. Please let me know what you require for assistance.
10 REPLIES
Shadow13
Respected Contributor

Re: 3500yl Vlan Routing (Router on a Stick)

Can you post the topology diagram and mention where exactly is the router is connected (my guess is in port 16)

Also can you tell me where is this ip address 10.1.1.1 which you have configured as the default gateway ?

on the clients, what is the gateway configured for each vlan ?

Can you tell me what was the configuration on the 3550 which was before the 3500yl switch ?





TazDevil
Occasional Visitor

Re: 3500yl Vlan Routing (Router on a Stick)

Network

Internet->(ISP IP) ->Router(10.1.1.1)->10.1.1.27(Lab Router)->lab networks

10.1.1.1 network connects for 48 on ProCurve 3500 in Vlan1, Router is on Port 16, WiFi AP port 46 (Vlan 200), Phones Ports 1-16 (Voice Vlan 10, Data Vlan 50) all other ports Vlan 1 (10.1.1.x network)

3550 Config;
Building configuration...

Current configuration : 8428 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Lab_Switch
!
!
username admin privilege 15 password 7 03404C03571B23550D
no aaa new-model
ip subnet-zero
ip domain-name whitby.local
!
!
!
crypto pki trustpoint TP-self-signed-3642570752
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3642570752
revocation-check none
rsakeypair TP-self-signed-3642570752
!
!

quit
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
!
!
!
interface FastEthernet0/1
switchport access vlan 50
switchport mode access
switchport voice vlan 10
spanning-tree portfast
!
interface FastEthernet0/2
description Lab Desk Phone
switchport access vlan 50
switchport mode access
switchport voice vlan 10
spanning-tree portfast
!
interface FastEthernet0/3
description Other Lab Phone
switchport access vlan 50
switchport mode access
switchport voice vlan 10
spanning-tree portfast
!
interface FastEthernet0/4
switchport access vlan 50
switchport mode access
switchport voice vlan 10
spanning-tree portfast
!
interface FastEthernet0/5
switchport access vlan 50
switchport mode access
switchport voice vlan 10
spanning-tree portfast
!
interface FastEthernet0/6
switchport access vlan 50
switchport mode access
switchport voice vlan 10
spanning-tree portfast
!
interface FastEthernet0/7
switchport access vlan 50
switchport mode access
switchport voice vlan 10
spanning-tree portfast
!
interface FastEthernet0/8
switchport access vlan 50
switchport mode access
switchport voice vlan 10
spanning-tree portfast
!
interface FastEthernet0/9
switchport access vlan 50
switchport mode access
switchport voice vlan 10
spanning-tree portfast
!
interface FastEthernet0/10
switchport access vlan 50
switchport mode access
switchport voice vlan 10
spanning-tree portfast
!
interface FastEthernet0/11
switchport access vlan 50
switchport mode access
switchport voice vlan 10
spanning-tree portfast
!
interface FastEthernet0/12
switchport access vlan 50
switchport mode access
switchport voice vlan 10
spanning-tree portfast
!
interface FastEthernet0/13
switchport access vlan 50
switchport mode access
switchport voice vlan 10
spanning-tree portfast
!
interface FastEthernet0/14
switchport access vlan 50
switchport mode access
switchport voice vlan 10
spanning-tree portfast
!
interface FastEthernet0/15
switchport access vlan 50
switchport mode access
switchport voice vlan 10
spanning-tree portfast
!
interface FastEthernet0/16
description Connection to CME Router
switchport access vlan 50
switchport trunk encapsulation dot1q
switchport mode trunk
switchport voice vlan 10
spanning-tree portfast
!
interface FastEthernet0/17
description i7-920 PC (MJ Line Out)
switchport mode dynamic desirable
spanning-tree portfast
!
interface FastEthernet0/18
switchport mode dynamic desirable
spanning-tree portfast
!
interface FastEthernet0/19
switchport mode dynamic desirable
spanning-tree portfast
!
interface FastEthernet0/20
switchport mode dynamic desirable
spanning-tree portfast
!
interface FastEthernet0/21
switchport mode dynamic desirable
spanning-tree portfast
!
interface FastEthernet0/22
switchport mode dynamic desirable
spanning-tree portfast
!
interface FastEthernet0/23
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/24
switchport trunk encapsulation dot1q
switchport mode trunk
spanning-tree portfast
!
interface FastEthernet0/25
switchport mode dynamic desirable
spanning-tree portfast
!
interface FastEthernet0/26
switchport mode dynamic desirable
spanning-tree portfast
!
interface FastEthernet0/27
switchport mode dynamic desirable
spanning-tree portfast
!
interface FastEthernet0/28
switchport mode dynamic desirable
spanning-tree portfast
!
interface FastEthernet0/29
switchport mode dynamic desirable
spanning-tree portfast
!
interface FastEthernet0/30
switchport mode dynamic desirable
spanning-tree portfast
!
interface FastEthernet0/31
switchport mode dynamic desirable
spanning-tree portfast
!
interface FastEthernet0/32
switchport mode dynamic desirable
spanning-tree portfast
!
interface FastEthernet0/33
switchport trunk encapsulation dot1q
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/34
switchport mode dynamic desirable
spanning-tree portfast
!
interface FastEthernet0/35
switchport mode dynamic desirable
spanning-tree portfast
!
interface FastEthernet0/36
switchport mode dynamic desirable
spanning-tree portfast
!
interface FastEthernet0/37
switchport mode dynamic desirable
spanning-tree portfast
!
interface FastEthernet0/38
switchport mode dynamic desirable
spanning-tree portfast
!
interface FastEthernet0/39
switchport mode dynamic desirable
spanning-tree portfast
!
interface FastEthernet0/40
switchport access vlan 30
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/41
switchport access vlan 30
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/42
switchport access vlan 30
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/43
switchport access vlan 30
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/44
switchport access vlan 30
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/45
switchport access vlan 200
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/46
description Lab WiFi AP (Cisco)
switchport access vlan 200
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/47
switchport mode dynamic desirable
spanning-tree portfast
!
interface FastEthernet0/48
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,10,50
switchport mode trunk
switchport nonegotiate
spanning-tree portfast
!
interface GigabitEthernet0/1
switchport mode dynamic desirable
!
interface GigabitEthernet0/2
description Connection to Main House Network
switchport mode dynamic desirable
!
interface Vlan1
ip address 10.1.1.28 255.255.255.0
!
ip classless
ip http server
ip http secure-server
!
!
!
control-plane
!
!
line con 0
exec-timeout 0 0
logging synchronous
line vty 0 4
login local
transport input telnet ssh
line vty 5 15
login local
transport input telnet ssh
!
end
TazDevil
Occasional Visitor

Re: 3500yl Vlan Routing (Router on a Stick)

I forgot to mention, if I trunk the 3500yl to the 3550 everything works fine, I am just looking to migrate to the 3500yl. I need the router for Voice and DHCP service for the voice VLAN, if there is a better way to do this let me know as well. This is a non-production network and just a lab for testing.
Coliban
Advisor

Re: 3500yl Vlan Routing (Router on a Stick)

Hello TazDevil,

since i am suffering from the same behavior of the 3500yl switch, i would like to ask, if someone, or you, have found a workaround for this phenomen, that the 3500yl is not able to route between different vlans?

Thank you in advance.
EckerA
Respected Contributor

Re: 3500yl Vlan Routing (Router on a Stick)

Well, the 3500yl is capable of doing so, but you have to enable routing to achieve that.
Without the command the switch is just L2.
hth
alex
Coliban
Advisor

Re: 3500yl Vlan Routing (Router on a Stick)

@EckerA

Yes, i suppose, that the 3500yl is able to route, but it doesn´t. Maybe mine is broken? I have a rather simple network.

Off curse, "ip routing" is enabled on my system, but the 3500yl is not routing, thought it can reach the default gateway and all net members can reach the router.

I don´t know....

regards
EckerA
Respected Contributor

Re: 3500yl Vlan Routing (Router on a Stick)

hi,
it could help if you attach your config..
the switch needs to be the default gateway for your clients.
hth
alex
Coliban
Advisor

Re: 3500yl Vlan Routing (Router on a Stick)

Hello EckerA,

yes, i have by chance, something, or all, missconfigured :-(

I can ping, from the switch, the gateway and all subnets.

From all subnets, i can ping the switch ip.

But i can not ping from the subnets the gateway.

Here is the config File:
----------------------------------------
; J9310A Configuration Editor; Created on release #K.14.52

hostname "ProCurve Switch 3500yl-24G-PoEP"
module 1 type J93xxA
ip default-gateway 170.1.193.254
ip routing
vlan 1
name "DEFAULT_VLAN"
untagged 1-4,6-10,12-15,17,21-24
ip address 172.168.1.1 255.255.255.0
no untagged 5,11,16,18-20
exit
vlan 2
name "Extern"
untagged 16
ip address 170.1.193.3 255.255.255.0
exit
vlan 20
name "WASS"
untagged 18-20
ip address 182.28.103.1 255.255.0.0
exit
vlan 30
name "FIRMA"
untagged 5,11
ip address 182.21.47.1 255.255.255.128
exit

gvrp
console baud-rate 19200
exit

----------------------------------------
EckerA
Respected Contributor

Re: 3500yl Vlan Routing (Router on a Stick)

moin,

have you configured the routes at your gateway?
you need a route to that gateway:
ip route 0.0.0.0 0.0.0.0 170.1.193.254
the default gateway config on the switch doesn't work if you enable ip routing.

have you configured the routes at your gateway(170.1.193.254)? something like:
ip route 172.168.1.1 255.255.255.0 170.1.193.3
ip route 182.28.103.1 255.255.0.0 170.1.193.3
ip route 182.21.47.1 255.255.255.128 170.1.193.3

hth
alex
Coliban
Advisor

Re: 3500yl Vlan Routing (Router on a Stick)

Moin EckerA :-))

I have to apologize. Due to weird circumstances, i´ve found the mistake. From the routers subnet, i was able to ping to the gateway, from the subnet of a client, it was not possible.

This, because the Gateway had a different route to the clients subnet, so he routed all clients requests to the old switch, a HP Procurve 2810.

For that, it had weird results, but when i deleted the route from the gateway, i was able to ping, and, from there, i was able to route outside.

Many thanks for your hints!

regards