Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

HELP NEEDED: Inter Vlan Switching, what is wrong with the following:

Aaron Park
Occasional Visitor

HELP NEEDED: Inter Vlan Switching, what is wrong with the following:

We are having some strang issues with an HP network. This is the first time we are using HP, prior was Cisco. I have already noticed a lot of differences one of the main things that is off topic is why doesnt a layer 3 switch have a DHCP server if HP compares the 3500yl to Cisco Catalyst 3560g?

Anyway I have included the running configs, please look at them and tell me what is wrong.

Equipment:
Cisco ASA 5505
3500 yl
2810 24g
2810 48g
2610 PWE

I would like the 3500yl provide all the routing.

The issues I am seeing include:
1. slow transfers from one pc to another within the local network on the same switch.
2. With equipment on the 2810 48g switch clients sometimes loss there DNS, even when everything is statically assigned. When I telnet into the management interface I can not ping the ISP DNS servers unless I reload the switch.
3. Some clients on the network communicate with each other over ports 41794 and 41795, I am not seeing loss packets but again communication is very slow. These clients are on the same switch.
4. the port attached to the asa is within vlan 1, how can I make this into a routed port (Cisco) ?

As far as I can tell the configs I provided are a very basic configuration and I shouldnt have these problems, please let me know what Im doing wrong.
8 REPLIES
Mohammed Faiz
Honored Contributor

Re: HELP NEEDED: Inter Vlan Switching, what is wrong with the following:

Hi,

A diagram outlining the switch inter-links and layouts would help diagnose the issue. On first glance I'd recommend updating the firmware on your 3500 as it's _very_ old.
You'll have to do this anyway if you decide to go through HP support so you may as well get it out of the way.
What are the end devices that are having issues (PC's, servers, etc?)
Aaron Park
Occasional Visitor

Re: HELP NEEDED: Inter Vlan Switching, what is wrong with the following:

AV equipment made by Crestron. Processors and touch panels, they recommend the setting to be 100 full.

Here is a ruff diagram.
Renico
Occasional Advisor

Re: HELP NEEDED: Inter Vlan Switching, what is wrong with the following:

Hi Aaron,

In addition I would recommend enabling spanning-tree to protect against any potential loops. By default it is not enabled on ProCurve.

The command are: "spanning-tree" on all the switches with the additional command "spanning-tree priority 0" on the 3500yl to configure it as the root.
Mohammed Faiz
Honored Contributor

Re: HELP NEEDED: Inter Vlan Switching, what is wrong with the following:

Ok, your right in that your setup is fairly straight forward so you shouldn't have any problems with this.
Have you checked for errors on the ports of devices you having issues with? "show interface x"
Can you check what speed/duplex the AV kit thinks it has negotiated to and compare it to the switch ("show interface brief x" and "show interface conf")?
The clients aren't using multicast to communicate are they? (it's common for most AV kit to do this) I'd enable IGMP snooping in the AV vlans ("vlan x ip igmp").

HTH
Aaron Park
Occasional Visitor

Re: HELP NEEDED: Inter Vlan Switching, what is wrong with the following:

Thanks for the comments guys, and I will send out some points:)

I did enable spanning-tree and I made the 3500yl the root. I did also enable igmp on vlan30.

I am still experiencing problems with the DNS.

Here are a few more questions; thanks in advance....

1. I have port 01 on the 3500yl connected to a cisco ASA fireall. The port on the cisco firewall is in vlan1. Ip is 10.10.10.1, the ip for the 3500yl is 10.10.10.2. Can you tell me from looking at the config for the 3500yl is the routing correct?

2. I am not having problems getting out to the internet, but in Cisco land i would make port 01 on the switch a "routed port" and I can assign the routed port any ip address I wanted but within the same subnet to the connected firewall. With this HP setup I enable IP routing but interface 01 connected to the firewall is assigned vlan 1. Is this correct? Shouldnt that switchport not be within a vlan?

3. Say if I have two clients on the 3500yl, one client is on vlan 30 the other in vlan 40. What should be the tcp/ip settings for the client? I was debating with another co-worker so just needed and I couldnt explain myself that well but what I have the clients set as is this:

vlan30 client 1:
IP: 10.20.30.50
SN:255.255.255.0
GW: 10.20.30.1
DNS: ISP provided

vlan40 client 1:
IP: 10.20.40.40
SN:255.255.255.0
GW:10.20.40.1
DNS:ISP provided

My co-worker is convinced it should be this:

vlan30 client 1:
IP:10.20.30.50
SN:255.255.255.0
GW: 10.10.10.1 (IP of the firewall)
DNS: 10.10.10.1 (IP of the firewall)
DNS2: ISP provided

From what I think isnt the GW always going to be the interface vlan IP of switch providing the routing.

He thinks its the last hop to the internet

some clarification please:
Mohammed Faiz
Honored Contributor

Re: HELP NEEDED: Inter Vlan Switching, what is wrong with the following:


> 1. from looking at the config for the
> 3500yl is the routing correct?

That looks fine. You don't need the second line "ip route 69.5.27.250 255.255.255.255 10.10.10.1" though as it's using the same route as the default route.

> 2. Is this correct? Shouldnt that
> switchport not be within a vlan?

It works but it's not neat. You should have the link between the cisco and the HP as a /30 routed link.
So you'd have a seperate VLAN, for example VLAN 200, tagged on port 1 on the HP and an IP on that VLAN of 10.0.0.2/30.
Create the same VLAN on the Cisco, tag it on the link to the HP and add the address of 10.0.0.1/30 to it. Then update your routing on the switches appropriately.

> 3. Say if I have two clients on the
> 3500yl, one client is on vlan 30 the other
> in vlan ..

> some clarification please:

Your co-worker is incorrect (and you are right :) ). The point of a gateway is to allow a client to communicate with devices that are not on it's own subnet. If the gateway address the client is trying to reach is not on the same subnet as itself how can it talk to it?
The DNS servers can be on on a different subnet (and usually are). In the second example the firewall would have to be acting as a DNS server.
Aaron Park
Occasional Visitor

Re: HELP NEEDED: Inter Vlan Switching, what is wrong with the following:

"It works but it's not neat. You should have the link between the cisco and the HP as a /30 routed link.
So you'd have a seperate VLAN, for example VLAN 200, tagged on port 1 on the HP and an IP on that VLAN of 10.0.0.2/30.
Create the same VLAN on the Cisco, tag it on the link to the HP and add the address of 10.0.0.1/30 to it. Then update your routing on the switches appropriately."

So if I did this wouldnt I need to change the ip default gateways within the other switches?

and further more would that port be tagged for all the vlans?
Mohammed Faiz
Honored Contributor

Re: HELP NEEDED: Inter Vlan Switching, what is wrong with the following:

No, you'd still have the 10.10.10.2 address on the 3500 under vlan 1 (you're just not untagging vlan 1 on the port to the cisco anymore).
You'd only want routed traffic going over the cisco-3500 link so the only vlan tagged on there should be the new one.
I'm not 100% familiar with cisco setups but I believe you can tag just one vlan on a port rather than all of them (cisco "trunking").