HPE Community
Switches, Hubs, and Modems
1752408 Members
5612 Online
108788 Solutions
New Discussion юеВ

Re: Alternate default GW needed to let a PC internet access

 
APJ
Occasional Contributor

тАО02-16-2010 07:32 PM

тАО02-16-2010 07:32 PM

Alternate default GW needed to let a PC internet access

Hi all, been scratching this one for a few days now.. I'll try to explain..
We have a new network, just referring to 2 branches for this example.
ADMIN (2x4208vl)
Library (1x2610)
now vlans are setup on each switch and there is a trunk joining them routing is happy.
ip route 0.0.0.0 0.0.0.0 10.0.10.5 (which is our firewall/gateway to internet at admin)
Library has this ip route 0.0.0.0 0.0.0.0 172.16.1.254 which is the trunk back to admin.
works dandy for our staff PC's
BUT..
Library also has a group of PC's for public access (192.168.0.xxx with their GW being a little router 192.168.0.1 @ Library) all these devices are on their own vlan.
I need a PC @ Admin to be anble to get to the internet through the Library public router!
here's what I have so far..
test PC on admin switch is..
IP =192.168.1.222 GW= 192.168.0.1
route add 192.168.0.1 mask 255.255.255.255 192.168.1.254 metric 1

**********************************************

Router at Library that has the internet off it..

IP=192.168.0.1
route add 192.168.1.222 mask 255.255.255.255 192.168.0.254 metric 1

***********************************************

Now, with these 2 routes in place I can ping 192.168.0.1 from 192.168.1.222 fine..
and ping 192.168.1.222 from 192.168.0.1 fine..

I can also browse to 192.168.0.1 and log into the router config page via IE..

I can't get to the wider internet from 192.168.1.222 though??
I have tried 192.168.0.1 and our ISP's DNS address as the DNS server on 192.168.1.222 but neither work..
I don't know if having the DGW of 192.168.0.1 on the 1.222 PC is valid (as it's on a different address range) but thought the static route might allow 1.222 to see 0.1 router as the DGW.. like I said all pings work and can access the routers config ok.. just won't pass internet traffic.
Is there a way I can get this to work.. 'without upsetting the staff network of course'
New HP procurve's must be able to address this sort of setup.. it would be quite common for different groups to need different DGW's.
hope someone can help..
I can offer the configs of the 2 switches if needed.
thanks
AJ
0 Kudos
9 REPLIES 9
east
Occasional Contributor

тАО02-17-2010 11:57 AM

тАО02-17-2010 11:57 AM

Re: Alternate default GW needed to let a PC internet access

Can you post your configs here? Would make it easier to understand.

Also the ipconfig of the PC at Admin.
0 Kudos
jmglass
Occasional Advisor

тАО02-17-2010 07:00 PM

тАО02-17-2010 07:00 PM

Re: Alternate default GW needed to let a PC internet access

Hi,
I may be missing something but wouldn't you want on your test PC;

route add 0.0.0.0 mask 255.255.255.255 192.168.0.1 metric 1

to set default route to Library router to reach Internet. Also would verify you have dns servers that work on the test PC if using hostnames
0 Kudos
APJ
Occasional Contributor

тАО02-17-2010 07:04 PM

тАО02-17-2010 07:04 PM

Re: Alternate default GW needed to let a PC internet access

Here's the 2 switch configs followed by the ipconfig of the PC at admin..
Also attached a wonderful mud map of how it kinda sits.. excuse the artistry.. ahem
diagram mistake-trunk is vlan201.. sorry
AJ

hostname "PrimarySwitchAdmin"
max-vlans 256
module 5 type J8768A
module 4 type J8768A
module 3 type J8768A
module 1 type J8768A
module 6 type J8768A
module 2 type J9033A
interface D19
speed-duplex 100-full
exit
ip routing
snmp-server community "public" Unrestricted
snmp-server host 10.0.1.159 "public"
vlan 1
name "PC"
untagged A4-A24,B1-B12,B21-B24,C1-C24,E1-E24,F1-F23
ip address 10.0.1.254 255.255.255.0
ip helper-address 10.0.10.7
no untagged A1-A3,B13-B20,D1-D24,F24
exit
vlan 10
name "Server"
untagged B13-B20,D1-D20
ip address 10.0.10.254 255.255.255.0
tagged B24,C1-C3
exit
vlan 99
name "Management"
ip address 10.0.99.254 255.255.255.0
tagged B24,C1-C3
exit
vlan 7
name "Voice"
ip address 10.0.7.254 255.255.255.0
ip helper-address 10.0.10.7
tagged A4-A24,B1-B24,C1-C24,E1-E24,F1-F23
voice
exit
vlan 77
name "VoiceServers"
untagged D21-D24
ip address 10.0.77.254 255.255.255.0
tagged B24,C1-C3
exit
vlan 201
name "VLAN201"
untagged A1
ip address 172.16.1.254 255.255.255.0
exit
vlan 202
name "VLAN202"
untagged A2
ip address 172.16.2.254 255.255.255.0
exit
vlan 204
name "VLAN204"
untagged A3
ip address 172.16.4.254 255.255.255.0
exit
vlan 500
name "Internet"
ip address 142.1.10.250 255.255.255.0
exit
vlan 80
name "Public_ADMIN"
untagged F24
ip address 192.168.1.254 255.255.255.0
tagged C1-C3
exit
ip route 10.1.0.0 255.255.0.0 172.16.1.253
ip route 10.3.0.0 255.255.0.0 172.16.1.253
ip route 172.16.3.0 255.255.255.0 172.16.1.253
ip route 10.2.0.0 255.255.0.0 172.16.2.253
ip route 10.4.0.0 255.255.0.0 172.16.4.253
ip route 0.0.0.0 0.0.0.0 10.0.10.5
ip route 192.168.0.0 255.255.0.0 172.16.1.253
spanning-tree
spanning-tree priority 1
password manager
*********************************************

hostname "LibrarySwitch"
interface 26
speed-duplex 100-full
exit
ip routing
snmp-server community "public" Unrestricted
snmp-server host 10.0.1.159 "public"
vlan 1
name "PC"
untagged 2-23,27-28
ip address 10.1.1.254 255.255.255.0
ip helper-address 10.0.10.7
no untagged 1,24-26
exit
vlan 99
name "Management"
ip address 10.1.99.254 255.255.255.0
exit
vlan 7
name "Voice"
ip address 10.1.7.254 255.255.255.0
ip helper-address 142.1.10.7
ip helper-address 10.0.10.7
tagged 2-23
voice
exit
vlan 10
name "Servers"
untagged 25
ip address 10.1.10.254 255.255.255.0
exit
vlan 77
name "VoiceServers"
ip address 10.1.77.254 255.255.255.0
exit
vlan 201
name "WAN"
untagged 1
ip address 172.16.1.253 255.255.255.0
exit
vlan 203
name "VLAN203"
untagged 26
ip address 172.16.3.254 255.255.255.0
exit
vlan 80
name "Public_LIB"
untagged 24
ip address 192.168.0.254 255.255.255.0
exit
ip route 0.0.0.0 0.0.0.0 172.16.1.254
ip route 10.3.0.0 255.255.0.0 172.16.3.253
spanning-tree
password manager
*******************************************

Windows IP Configuration

Host Name . . . . . . . . . . . . : HPTEST
Primary Dns Suffix . . . . . . . : vpk
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : vpk

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8168D(P)/8111D(P) PCI-E G
igabit Ethernet NIC
Physical Address. . . . . . . . . : 00-24-1D-18-XX-XX
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.222
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . :
xxx.xxx.xxx.xxx(valid and tested DNS entries)
yyy.yyy.yyy.yyy


0 Kudos
EckerA
Respected Contributor

тАО02-17-2010 10:11 PM

тАО02-17-2010 10:11 PM

Re: Alternate default GW needed to let a PC internet access

I really don't see how this should work. your testPC needs a default gateway in his subnet. the ping only works cos of the extra route, but when you want to go to the internet the route
route add 192.168.0.1 mask 255.255.255.255 192.168.1.254 metric 1
doesn't help at all, cos the internet is on different subnets ;-)
why not just change the gw to 192.168.1.254

hth
alex
0 Kudos
APJ
Occasional Contributor

тАО02-17-2010 11:10 PM

тАО02-17-2010 11:10 PM

Re: Alternate default GW needed to let a PC internet access

OK, have tried the PC (192.168.1.222) with a DGW of 192.168.1.254... still no go.
symptoms the same.
using DGW 192.168.1.254.. how would the PC then know to hit 192.168.0.1 at the other end for internet access?
ta
AJ
0 Kudos
EckerA
Respected Contributor

тАО02-17-2010 11:29 PM

тАО02-17-2010 11:29 PM

Re: Alternate default GW needed to let a PC internet access

your device with 192.168.1.254 needs to have a null route to the 192.168.0.1 subnet.

i will try to explain but my englisch is bad..
your test pc want to ping the 192.168.0.1. ok he looks in his routing table and finds 192.168.0.1 is at 192.168.1.254 that works just fine.
but internet goes like this:
you want to go to lets say www.hp.com (15.192.45.28). your pc looks in his routing table and bang there is the null route pointing to 192.168.0.1 ok, but hell the pc doesn't know that subnet, so he drops the packet. the pc doesn't look than where to find 192.168.0.1 cos thats not where you wanted to go in the first place. only that is important.
hope you get the idea.
hth
alex
0 Kudos
EckerA
Respected Contributor

тАО02-17-2010 11:35 PM

тАО02-17-2010 11:35 PM

Re: Alternate default GW needed to let a PC internet access

just to add a little thing
the device with 192.168.1.254 needs to be able to route the traffic.
0 Kudos
APJ
Occasional Contributor

тАО02-18-2010 06:35 PM

тАО02-18-2010 06:35 PM

Re: Alternate default GW needed to let a PC internet access

OK, I think whats happening is windows/IE can only have a DGW that lives on the same IP subnet as the PC itself ie: it won't get to a DGW via a static route.. crappy!
anyway.. the way these switches have been setup is via a trunk between sites on vlan201. is there a way to add the 192.168.0.x address range across that trunk?
like can vlan201 have 2 address ranges assigned?
or.. the fibre link is transparent.. so anything can traverse between sites, can I plug the fibre links into a dumb switch at each end then the pc and the trunk port into the dumb switch at admin and the router and public switch into the dumb switch at the library end.. pc @ admin can then be 192.168.0.222 DGW 192.168.0.1 and all be sweet.. will this work? what issues are there in doing this?
any other ideas welcome.
I can't believe that the HP gear cannot do such a simple task??
can't you assign a DGW to a specific vlan or something.
AJ
0 Kudos
EckerA
Respected Contributor

тАО02-18-2010 10:01 PM

тАО02-18-2010 10:01 PM

Re: Alternate default GW needed to let a PC internet access

Hi,
i would simple extend that 192.168.0.0/24 subnet to your admin switch, then you don't need that 192.168.1.0/24 subnet.
at the admin switch:
conf
vlan 80
no ip address
tagged 1 <-if this is the uplink to the library
exit
wr mem
and at the library switch
conf
vlan 80
tagged 1 <-see comment above
exit
wr mem
then your pc gets an ip in the 192.168.0.0/24 subnet with the default gateway 192.168.0.1
and that should be it.

i guess your problem has nothing to do with the hp switches.
the gateway entry on the switch is only to manage the switch from different subnets and not for the systems attached. i don't think there is any switch on the market who con have more then one DGW cos the DGW is always only for the system itself.

hth
alex
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.