Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

Basic inter-switch routing issue

Dave Inglis
Occasional Contributor

Basic inter-switch routing issue

Hi all

Quick one, v basic setup. Two 5406zl switches configured as per the attached JPEG. VLANs tagged across trunk.

Everything working great, but only issue is that I cannot ping switch2 IP 10.1.255.251 from any VLAN. I can only ping it from switch1 console across the trunk.

* Only switch1 is enabled for routing.
* Switch1 has an IP address on each VLAN (used by devices as default gateways for each vlan).
* Both switches' management IP addresses are on DEFAULT_VLAN, along with the HSRP Routers.

Suspect it is the route 'back' from switch2 that is not right.

Any suggestions? Perhaps the default gateway of switch2 needs changing?

Configs follow.

Thanks for any assistance.

Dave


****** SWITCH 1 CONFIG ******

Startup configuration:

; J8697A Configuration Editor; Created on release #K.11.63

hostname "ProCurve Switch 5406zl"
snmp-server location "Left hand side"
max-vlans 256
module 1 type J8702A
module 2 type J8702A
module 3 type J8702A
module 4 type J8702A
module 5 type J8702A
trunk A24,B24,C24,D24 Trk1 Trunk
ip default-gateway 10.1.254.254
sntp server 192.168.47.1
ip routing
ip directed-broadcast
timesync sntp
sntp unicast
snmp-server community "public" Unrestricted
vlan 1
name "DEFAULT_VLAN"
untagged A1-A2
ip address 10.1.255.250 255.255.0.0
tagged Trk1
no untagged A3-A23,B1-B23,C1-C23,D1-D23,E1-E24
exit
vlan 4
name "GUEST"
tagged Trk1
no ip address
exit
vlan 2
name "IPT"
untagged C1,E13-E15
ip helper-address 10.1.0.1
ip address 10.1.2.254 255.255.255.0
tagged Trk1
ip igmp
exit
vlan 3
name "PRINT"
untagged E16-E24
ip helper-address 10.1.0.1
ip address 10.1.1.254 255.255.255.0
tagged Trk1
exit
vlan 5
name "SERVERS"
ip address 10.1.0.254 255.255.255.0
tagged Trk1
exit
vlan 6
name "CLIENTS"
untagged A3-A23,B1-B23,C2-C23,D1-D23,E1-E12
ip helper-address 10.1.0.1
ip address 10.1.3.254 255.255.255.0
tagged Trk1
ip igmp
exit
vlan 7
name "DEV"
ip helper-address 10.1.0.1
tagged Trk1
no ip address
exit
vlan 8
name "COLO2"
tagged Trk1
no ip address
exit
spanning-tree
spanning-tree Trk1 priority 4
ip route 0.0.0.0 0.0.0.0 10.1.254.254
no tftp-enable
password manager



****** Switch 2 Config ******

Startup configuration:

; J8697A Configuration Editor; Created on release #K.12.16

hostname "ProCurve Switch 5406zl"
snmp-server location "Right hand side"
module 1 type J8702A
module 2 type J8702A
module 3 type J8702A
module 4 type J8702A
module 5 type J8702A
module 6 type J8702A
trunk A24,B24,C24,D24 Trk1 Trunk
ip default-gateway 10.1.254.254
sntp server 192.168.47.1
ip directed-broadcast
timesync sntp
sntp unicast
snmp-server community "public" Unrestricted
vlan 1
name "DEFAULT_VLAN"
ip address 10.1.255.251 255.255.0.0
tagged Trk1
no untagged A1-A23,B1-B23,C1-C23,D1-D23,E1-E24,F1-F24
exit
vlan 4
name "GUEST"
tagged A2,A4,Trk1
no ip address
exit
vlan 2
name "IPT"
untagged F24
tagged A4,Trk1
no ip address
ip igmp
exit
vlan 3
name "PRINT"
untagged B1-B12
tagged Trk1
no ip address
exit
vlan 5
name "SERVERS"
untagged D1-D12,F1-F12,F23
tagged A4,Trk1
no ip address
exit
vlan 6
name "CLIENTS"
untagged A1-A23,B13-B23,C1-C23,D13-D23,E1-E24,F13-F22
tagged Trk1
no ip address
ip igmp
exit
vlan 7
name "DEV"
tagged Trk1
no ip address
exit
vlan 8
name "COLO2"
tagged Trk1
no ip address
exit
spanning-tree
spanning-tree Trk1 priority 4
no tftp client


****** END ******
5 REPLIES
Shadow13
Respected Contributor

Re: Basic inter-switch routing issue

hi,

I can see for the pic that you have to cisco routers configured with HSRP and they are the default-gateway for the management VLAN.

Why did you enable routing in switch 1 when you have other default-gatway and 2 routers handling the routing ?

and why did you use /16 subnet in VLAN 1 adn all the other vlans has /24 subnet ?

try to configure the defualt gate-way int switch 2 to the ip address of switch 1 like below

ip default-gateway 10.1.255.250

and see if it works.

one more thing, can you please post the output of " show ip route" from switch 1


Regards,
Shadow13
Respected Contributor

Re: Basic inter-switch routing issue

Another thing,
remove ip default-gateway 10.1.254.254
from switch 1 coz it's already routing so no need for default gateway, and also you have a static route configured to that gateway.
Dave Inglis
Occasional Contributor

Re: Basic inter-switch routing issue

Hi,

This is a single site on an MPLS IPVPN.

The whole LAN of this site was configured as 10.1.0.0/16, the gateway (cisco routers) being 10.1.254.254/16.

Since assuming responsibility for this I wanted to carve up the big /16 into smaller /24's using VLANs.

So the routing on the MPLS ring points 10.1.0.0/16 to the cisco routers in this site. These routers then route traffic for 10.1.0.0/24, 10.1.1.0/24, 10.1.2.0/24 etc. to the routing switch at 10.1.255.250. I just wanted to get rid of the big 10.1.0.0/16 on this site's LAN.

So you could think of the 10.1.0.0/16 as an umbrella 'supernet' of the individual /24 VLANs.

Please correct me if i have gone about this the wrong way! Problem with in-house IT is that i am a 'jack of all trades', and master of none.....

The reason the 10.1.0.0/16 is used on the management VLAN is to avoid making more complicated (and expensive) routing changes at the MPLS provider, as well as enabling us to keep the same HSRP ip address on the ciscos.

The reason i wanted the switches to do the inter-vlan routing was just for ease of configuration as well as ease of dhcp relay. It kinda made sense to me... but perhaps that is a bad idea? My rationale was to avoid requesting routing changes on the MPLS routers, and to use one of the switches so that I had control myself (rather than painful 3rd party change control process). Also, we had the switches already and just weren't using the routing functionality.

I have configured the ip default-gateway on switch2 to 10.1.255.250, as you suggested. But no change unfortunately.

On switch 1, which is performing the routing, when I type 'no ip default-gateway' it tells me i must disable routing first. If i then type 'no ip route 0.0.0.0 0.0.0.0 10.1.254.254', i lose connectivity to the MPLS ring. Perhaps a restart is required? I know what you mean about having both 'ip default-gateway' AND an 'ip route 0.0.0.0 0.0.0.0 xxxxx' configured, but if i remove the ip route, the 'ip default-gateway' does not seem to be in effect. Perhaps a restart is required? or more patience!

Output of 'show ip route' on switch1:

ProCurve Switch 5406zl(config)# show ip route

IP Route Entries

Destination Gateway VLAN Type Sub-Type Metric Dist.
------------------ --------------- ---- --------- ---------- ---------- -----
0.0.0.0/0 10.1.254.254 1 static 1 1
10.1.0.0/16 DEFAULT_VLAN 1 connected 1 0
10.1.0.0/24 SERVERS 5 connected 1 0
10.1.1.0/24 PRINT 3 connected 1 0
10.1.2.0/24 IPT 2 connected 1 0
10.1.3.0/24 CLIENTS 6 connected 1 0
127.0.0.0/8 reject static 0 0
127.0.0.1/32 connected 1 0


ProCurve Switch 5406zl(config)#


Thanks very much for your help so far, any other suggestions or advice would be much appreciated. Like I said functionally all our VLANs and routing etc. are working great - just that I can't (and therefore our snmp tools can't) see switch2 from one of the vlans.

Cheers.

Dave

Dave Inglis
Occasional Contributor

Re: Basic inter-switch routing issue

OK interestingly I seem to have resolved this.

on switch 2 (that is NOT doing any routing), I have 'ip default-gateway' set to 10.1.255.250. Result of 'show ip route' on switch 2 was:

ProCurve Switch 5406zl(config)# show ip route

IP Route Entries

Destination Gateway VLAN Type Sub-Type Metric Dist.
------------------ --------------- ---- --------- ---------- ---------- -----
0.0.0.0/0 10.1.255.250 1 static 1 1
10.1.0.0/16 DEFAULT_VLAN 1 connected 1 0
127.0.0.0/8 reject static 0 0
127.0.0.1/32 lo0 connected 1 0


ProCurve Switch 5406zl(config)#



This suggests that all traffic, even traffic destined for say 10.1.3.0/24, would go via 10.1.255.250?

So. If I leave the default-gateway as is, but add a static route for 10.1.3.0/24 'ip route 10.1.3.0 255.255.255.0 10.1.255.250' then my pings from 10.1.3.x start responding. Show IP route shows:

ProCurve Switch 5406zl(config)# ip route 10.1.3.0/24 10.1.255.250
ProCurve Switch 5406zl(config)# show ip route

IP Route Entries

Destination Gateway VLAN Type Sub-Type Metric Dist.
------------------ --------------- ---- --------- ---------- ---------- -----
0.0.0.0/0 10.1.255.250 1 static 1 1
10.1.0.0/16 DEFAULT_VLAN 1 connected 1 0
10.1.3.0/24 10.1.255.250 1 static 1 1
127.0.0.0/8 reject static 0 0
127.0.0.1/32 lo0 connected 1 0


ProCurve Switch 5406zl(config)#

So looks like the ip default-gateway is not quite having the effect i thought it would.

Anwyay so by manually adding entries for each /24 subnet (there are only 8 or so) I can get everything working.

Any other suggestions please post them!!

Thanks

Dave
Pieter 't Hart
Honored Contributor

Re: Basic inter-switch routing issue

>>>
IP Route Entries
Destination Gateway VLAN Type Sub-Type Metric Dist.
------------------ --------------- ---- -----0.0.0.0/0 10.1.255.250 1 static 1 1
10.1.0.0/16 DEFAULT_VLAN 1 connected 1 0
127.0.0.0/8 reject static 0 0
127.0.0.1/32 lo0 connected 1 0
======================
This suggests that all traffic, even traffic destined for say 10.1.3.0/24, would go via 10.1.255.250?
<<<
no, there is an order in wich routes are searched.

1) a static route has the highest priority
(10.1.3.0/24 10.1.255.250 1 static 1 1)
2) connected networks come next.
(10.1.0.0/16 DEFAULT_VLAN 1 connected 1 0)
3) the rest goes to the default-gateway.
(0.0.0.0/0 10.1.255.250 1 static 1 1)

your problem comes from things like this :
>>>
vlan 1
ip address 10.1.255.250 255.255.0.0
exit
vlan 2
ip address 10.1.2.254 255.255.255.0
exit
<<<
you use mixed 10.1.255.250 in subnet 10.1.0.0/16 and 10.1.2.254 in 10.1.2.0/24,
where 10.1.0.0/16 is a "supernet" to 10.1.2.0/24 and both /16 and /24 networks are on the same switch directly connected.

switch-2 thinks it can send packets to 10.1.2.x directly without using a gateway.
so pings from 10.1.2.0/24 are forwarded by switch1 wich routes this to 10.1.0.0/16 network and packets arrive at switch-2.
return packets are sent directly to 10.1.2.0 (10.1.0.0/16 !) and NOT routed by switch-1 back to 10.1.2.0/24 .
When you add the static route, these packets are sent to switch-1 and then routed to 10.1.2.0/24.