Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

HP 5304Xl inter-vlans routing issue

SOLVED
Go to solution
Marius_rg
Advisor

HP 5304Xl inter-vlans routing issue

Hello,

I want to break my network into 8 vlans:
vlan10- 10.20.10.0/27
vlan20 -10,20,10,32/28
vlan30- 10,20,10,48/28
vlan40- 10,20,10,64/26
vlan50- 10,20,10,128/26
vlan60- 10,20,10,192/28
vlan70- 10,20,10,208/28
vlan80- 10,20,10,224/27

I have a layer 3 sw 5304XL and tree layer 2 sw 2524/2650.
On 5304xl I created those vlans. I will copy my running config to be more clear.
=======================
ip default-gateway 10.20.10.1
sntp server 10.20.10.1
ip routing
timesync sntp
sntp unicast
logging 10.20.10.34
snmp-server community "public" Unrestricted
vlan 1
name "DEFAULT_VLAN"
untagged A1-A24,B1-B11,B13-B17,B19-B24,C1-C4,D1-D4
ip address 10.20.10.3 255.255.255.0
ip helper-address 10.20.10.246
no untagged B12,B18
exit
vlan 20
name "VLAN_VideoCA"
untagged B18
ip address 10.20.10.33 255.255.255.240
tagged C3
exit
vlan 30
name "VLAN_BONUS"
untagged B12
ip address 10.20.10.49 255.255.255.240
ip helper-address 10.20.10.34
tagged C3
exit
vlan 40
name "VLAN_QA"
ip address 10.20.10.65 255.255.255.192
ip helper-address 10.20.10.34
tagged C3
exit
vlan 60
name "VLAN_ProdOEM"
ip helper-address 10.20.10.34
exit
vlan 70
name "VLAN_HR_ACC"
no ip address
ip helper-address 10.20.10.34
exit
vlan 80
name "VLAN_SERVERS"
no ip address
ip helper-address 10.20.10.34
exit
fault-finder bad-driver sensitivity high
fault-finder bad-transceiver sensitivity high
fault-finder bad-cable sensitivity high
fault-finder too-long-cable sensitivity high
fault-finder over-bandwidth sensitivity high
fault-finder broadcast-storm sensitivity high
fault-finder loss-of-link sensitivity high
fault-finder duplex-mismatch-HDx sensitivity high
fault-finder duplex-mismatch-FDx sensitivity high
ip route 10.20.10.0 255.255.255.0 10.20.10.1
ip route 10.20.10.32 255.255.255.240 10.20.10.1
ip route 10.20.10.48 255.255.255.240 10.20.10.1
ip route 10.20.10.64 255.255.255.192 10.20.10.1
ip route 0.0.0.0 0.0.0.0 10.20.10.1
management-vlan 1
router rip
redistribute static
exit
vlan 20
ip rip
ip rip receive V1-only
ip rip send V1-only
exit
vlan 30
ip rip
ip rip receive V1-only
ip rip send V1-only
exit
vlan 40
ip rip
ip rip receive V1-only
ip rip send V1-only
exit
password manager
=================================

I have 2 client, one on vlan 20 and the other on vlan 30 with static ip.
Still they cannot se each other, but I can ping in 10.20.10.33/49/65....
What I'm missing in this picture ?

My goal is to have a DHCP servers with multiple scopes (one for each vlan), but until now I couldn't make anything becouse the clients cant see the server.

Can somebody help me in this problem.

Thanks.


30 REPLIES
Mohieddin Kharnoub
Honored Contributor

Re: HP 5304Xl inter-vlans routing issue

Hi

Except for vlan 20, all IP Helper-address in position and applied to guide vlan members to the DHCP server.

Now :

Create multiple Scopes on the DHCP server for each Vlan and its IP Address Range, now make the Router attribute for each Scope is its vlan IP address.

Example:

Vlan30 ip address is 10.20.10.49, so on the DHCP after you create the Scope for the 10.20.10.49 network, make thr router attribute is Vlan30 IP address (10.20.10.49).


One more thing:
On the default route which is 10.20.10.1, add a static route for every vlan and point it to the default-vlan ip address which is 10.20.10.3 ,

Example: add on your router these static routes:

IP route 10.20.10.33 255.255.255.240 10.20.10.3 ---- this is for vlan 20

IP route 10.20.10.49 255.255.255.240 10.20.10.3 ---- this is for vlan 30


and so on .....

so now you have 2 ways routing between the 5300 and the Main Router.

I hope this information are enough.

Don;t forget to assign points, this is our thanks :)

Good Luck !!!

Science for Everyone
Marius_rg
Advisor

Re: HP 5304Xl inter-vlans routing issue

When I try to add route it give me this error:

Switch1-4thFL-HP5304XL(config)# ip route 10.20.10.33 255.255.255.240 10.20.10.3

10.20.10.33/28: Inconsistent address and mask.

Indeed, on vlan 20 is not the helper address, I've must forgot'it when I reasign all ip's to vlans.

In DHCP I created scopes exactly how you said, but the problem is yet on the switch.

Thanks.
Mohieddin Kharnoub
Honored Contributor

Re: HP 5304Xl inter-vlans routing issue

Hi again,

You are trying to add a static route for your Vlans on the Switch and thats not correct so that you got the error message.

It should be on the router, and it seems you have RIP V1 enabled, but i have no idea if you enabled RIP v1 on your Router ? so that i told you to add a static routes on this router.

For the DHCP Scopes, please be specific when you create the scopes like the IP Address range , Mask , DNS , and the Router attribute which is the most important.

One more thing:
---------------

I have noticed that you have 2524/2650 switches in your network, please be sure to Tagg all the Vlans on each Port of these Switchs which connects them to the Core switch 5300 , otherwise it won;t get an IP Address from the DHCP because no Vlan traffci passed to the DHCP server throw switches Uplinks.
and i noticed that some vlans not tagged to some ports like C3, but no idea about the Edge switches.

Tagging should be on both sides and for all vlans.

Don;t forget points.

Good Luck !!!
Science for Everyone
Marius_rg
Advisor

Re: HP 5304Xl inter-vlans routing issue

I don't understand very well...
I don't have another router, the sw 5304XL is layer 3,so it has router functionality.

For DHCP scopes, i'll give u some examples:
Scope 20:
range:10.20.10.34/10.20.10.46
gw: 10.20.10.33
mask: 255.255.255.240
DNS:10.20.10.34

Scope30:
range: 10.20.10.50/10.20.10.62
gw: 10.20.10.49
mask: 255.255.255.240
dns: 10.20.10.34

Scope40:
range: 10.20.10.66/10.20.10.126
gw: 10.20.10.65
mask: 255.255.255.192
dns: 10.20.10.34

etc.

Yes, the link between switches is tagged, and the reason that not all vlans have C3 tagged is becouse I've made a test only on vlan20/30/40...to see if it works.
Mohieddin Kharnoub
Honored Contributor

Re: HP 5304Xl inter-vlans routing issue

First,

Scopes seem fine to me, and it should work, but it won't.

Second:

Your Main router is the one you included in the 5304 Core switch, just look to the configuration and you will see:
ip route 0.0.0.0 0.0.0.0 10.20.10.1

And this is your defaulr route, or your exit for internet.

Now routing between Vlans is enabled, and ip helper-address command excuted i neach Vlan, so if any Client sent a DHCP request, the Vlan will direct him to the DHCP Server,

And in the DHCP server you have configured DNS to point to your Main Router , the 10.20.10.1

BUT , still your clients in Vlan1 can get an IP from the DHCP because they are in the Same network of the Main Router.

Vlan1 IP is : 10.20.10.3
Router IP is: 10.20.10.1

Summary:
--------

Just look for the Router which connects you to the Internet, and there you should add the static Routes i told you about before , for each Vlan.

Note:
-----

Some Home users ADSL Modem/Routers doesn't support NAT for multiple subnets, so clients in Vlan1 can get internet but not clients on other Vlans.

Good Luck !!!
Science for Everyone
Marius_rg
Advisor

Re: HP 5304Xl inter-vlans routing issue

I think we've started on wrong foot.
My routes on the running-config
(ip route 10.20.10.0 255.255.255.0 10.20.10.1
ip route 10.20.10.32 255.255.255.240 10.20.10.1
ip route 10.20.10.48 255.255.255.240 10.20.10.1
ip route 10.20.10.64 255.255.255.192 10.20.10.1
ip route 0.0.0.0 0.0.0.0 10.20.10.1)
wore added a couple of days before, but they have no effect on our network enviroment.Now they are removed and everyting is Ok, except my test vlans.
Second, the 10.20.10.1 is a linux server, our gateway,firewall and proxy.

Let's forghet for now that we need internet on these vlans, and focus on routing between them and on DHCP.

This I don't understand "And in the DHCP server you have configured DNS to point to your Main Router , the 10.20.10.1 " ???

My clients don't have a chance to receive a DHCP response from the server ( 10.20.10.34) becouse they can't see it.

I've told you that I can't ping from one into another, but I can ping in all vlan interfaces. ( .33 / .49 / . 65 ), but not 10.20.10.1 becouse in Vlan1 ( default vlan) a don't have a tagged port (Here I can't do enything without affecting all my running netowork enviroment)

thank you.

Marius_rg
Advisor

Re: HP 5304Xl inter-vlans routing issue

Why ip routing isn't enough to route between vlans? What else do I have to do ?
Mohieddin Kharnoub
Honored Contributor

Re: HP 5304Xl inter-vlans routing issue

Hi

Sorry for not replying back, kinda busy.

I noticed that you have enabled RIP on your Switches, and for what ? i have no idea !!!

I think you have configured RIP to redistribute the connected Vlans Routing Table to the Routers, anyway , You still don't need this RIP enabled.

Disable RIP on the Vlans (anyway its not enabled for all of them), and check the routing between the Vlans.

The command:
ip route 0.0.0.0 0.0.0.0 10.20.10.1
is needed as a default Route.

Now, i want you to do 2 tests for me.

1- Plug your PC in Vlan1 port, and see if you can get an IP address.

2- Plug your PC in Vlan20 port, but before doing that, assign a static IP address for you which is 10.20.10.35 255.255.255.240 and Gatwaway 10.20.10.33 ,

- and try to ping 10.20.10.33
- and ping the DHCP server 10.20.10.34
- and try to ping 10.20.10.1
- and try to ping 10.20.10.3

Give me the results !!!

Points are the way to say thanks :)
Science for Everyone
Marius_rg
Advisor

Re: HP 5304Xl inter-vlans routing issue

No problem,
I enabled Rip from HP examples
http://www.hp.com/rnd/support/config_examples/5300xl_portbase.pdf

And YES rip is configured to redistribute the connected vlans.

Now,
the vlan 1 is fully operational, in this vlan is the entire firm.
I've created those vlans for test, to prepare for transition.
So, all the computers are connected to vlan1.
In vlan20 is working, I'm getting ip from DHCP and I cand ping in DHCP,in all interfaces (.33/.49/.65). In 10.20.10.1 i can't ping. Perhaps is because I don't have a tagged port (C3 who is present in all the others) in this vlan.

So, how I can route to something that I can't reach.
Port C3 is the link to another switch, on withc are all servers, so I can't play with this port on vlan1.

Mohieddin Kharnoub
Honored Contributor

Re: HP 5304Xl inter-vlans routing issue

what i have done with you, is a scenario i done so many times without no issues ,

anyway, your network map that you attached before is not clear since no link between the main 2 switches, and its a simple , so hard to figure out what kind of setup you did.

good luck :)
Science for Everyone
Matt Hobbs
Honored Contributor

Re: HP 5304Xl inter-vlans routing issue

The reason that you can't ping VLAN 1 from other VLANs is because you have this line configured in your running-config:

management-vlan 1

When you set a management VLAN it disables routing functionality for that VLAN.

Marius_rg
Advisor

Re: HP 5304Xl inter-vlans routing issue

Hello guys,

the problem was from arp, I think.

This morning I didn't do anything except for "show arp", and than boom, it works.
Still it's strange because I've runed this command before, but...now suddenly it worked.
Now I can really start to arrange vlans and to make shure that the VLAN_IT can manage the switches.


Mohieddin Kharnoub
Honored Contributor
Solution

Re: HP 5304Xl inter-vlans routing issue

Congrats.

Assigning points is your thanks :)
Science for Everyone
Marius_rg
Advisor

Re: HP 5304Xl inter-vlans routing issue

It seems that I still have problems.
It's from arp allright, but I don't understand whats happening.
In the same situation, with 2 clients with static ip's, ping fron one to each other doesn't work, and, after I run clear arp, it works.
After a while...the same problem appears.

What could be the issue?

Matt Hobbs
Honored Contributor

Re: HP 5304Xl inter-vlans routing issue

Can you attach a copy of:

1. Your current running-config from all procurve switches.
2. Detailed network map showing what ports are connected to what
3. ipconfig /all output of the clients you are testing with.
Marius_rg
Advisor

Re: HP 5304Xl inter-vlans routing issue

Ok, I've attached a text file.
Antonio Milanese
Trusted Contributor

Re: HP 5304Xl inter-vlans routing issue

Hello,

>vlan 1
> name "DEFAULT_VLAN"
> untagged A1-A24,B1-B11,B13-B17,B19-B23,C1-C4,D1-D4
> ip address 10.20.10.3 255.255.255.0
> ...
>vlan 20
> name "VLAN_VideoCA"
> untagged B18,B24
> ip address 10.20.10.33 255.255.255.240
>vlan 30
> name "VLAN_EXTRA"
> untagged B12
> ip address 10.20.10.49 255.255.255.240

maybe your problem is the subnetting:
the native VLAN has a wider netmask even if you have assigned the correct
addressing on the vlan interfaces i'll avoid this kind of "overlapping"
expecially if the assigned tagged ports are members of multiple vlans.

> vlan 20
> ip rip
> ip rip receive V1-only
> ip rip send V1-only
Rip v1 support only classfull netmask i.e. no VLSM is this your goal?
Maybe as suggested in a previuos replay you can skip RIP at all
and use only the static default gateway (ip route 0.0.0.0 0.0.0.0)
or turn on RIPv2.

Is this the "running-config" or the stored one? i'll double check that
proxy arp is not enabled anywhere in the network.

Can you post the "show ip route" and the arp entries on the PCs and
switches?

Best regards,

Antonio

p.s. as usual sorry for my broken english
Mohieddin Kharnoub
Honored Contributor

Re: HP 5304Xl inter-vlans routing issue

Hi

Antonio, since IP routing is enabled, then RIP is not used for InterValn Routing.

And i already told Marius than its not required unless he has his reasons for using RIP.

What Matt posted before, about Management Vlan is True because it disables routing to this VLAN 1, and it will not be included in the Routing Table.

For Professional Scenario:

1- Change your default Vlan to Someother Vlan (maybe Vlan2006) , and accordingly Change any native Vlan for any cisco devices to this vlan2006 , so your management Vlan is 2006 now.

2- Do whatever you want with Vlan1, if you want to still use it before you shift tio the System.

3- Be sure to check tagging and untagging for Vlan1 after you shift to new System.

4- Your configuration will be after i checked the 1st configuration you posted:
----------------------------------------------
ip default-gateway 10.20.10.1
sntp server 10.20.10.1
ip routing
timesync sntp
time timezone 120
time daylight-time-rule Middle-Europe-and-Portugal
sntp unicast
logging 10.20.10.34
snmp-server community "public" Unrestricted
snmp-server host 10.20.10.143 "public"
snmp-server host 10.20.10.36 "public"
vlan 1
name "VLAN_1"
untagged A1-A24,B1-B11,B13-B17,B19-B24,C1-C4,D1-D4
ip address 10.20.10.3 255.255.255.0
ip helper-address 10.20.10.246
no untagged B12,B18
exit
vlan 20
name "VLAN_VideoCA"
untagged B18
ip address 10.20.10.33 255.255.255.240
tagged C3
exit
vlan 30
name "VLAN_BONUS"
untagged B12
ip address 10.20.10.49 255.255.255.240
ip helper-address 10.20.10.34
tagged C3
exit
vlan 40
name "VLAN_QA"
ip address 10.20.10.65 255.255.255.192
ip helper-address 10.20.10.34
tagged C3
exit
vlan 60
name "VLAN_ProdOEM"
ip helper-address 10.20.10.34
exit
vlan 70
name "VLAN_HR_ACC"
no ip address
ip helper-address 10.20.10.34
exit
vlan 80
name "VLAN_SERVERS"
no ip address
ip helper-address 10.20.10.34
exit
vlan 2006
name "VLAN_Mngmt"
ip address a.b.c.d
ip helper-address 10.20.10.34
exit
fault-finder bad-driver sensitivity high
fault-finder bad-transceiver sensitivity high
fault-finder bad-cable sensitivity high
fault-finder too-long-cable sensitivity high
fault-finder over-bandwidth sensitivity high
fault-finder broadcast-storm sensitivity high
fault-finder loss-of-link sensitivity high
fault-finder duplex-mismatch-HDx sensitivity high
fault-finder duplex-mismatch-FDx sensitivity high
ip route 0.0.0.0 0.0.0.0 10.20.10.1
management-vlan 2006
password manager
----------------------------------------------

Now please check the configuration according to your requirements, some vlans in your first post removed from the last one, and check the Vlan1 tagginf and untagging.

If you want to keep Vlan1 as your default Vlan without changing to Vlan 2006, then remove the management-vlan command line from your configuration.

Good Luck !!!
Science for Everyone
Matt Hobbs
Honored Contributor

Re: HP 5304Xl inter-vlans routing issue

I think the reason you have to keep on doing a 'clear arp' is because you have an IP address conflict, both the 5300 and 2500 are using 10.20.10.33 on VLAN 20. You should remove this from the 2500.

I also agree with Antonio regading VLAN1, you should change it's subnet to not overlap. Change it to 255.255.255.240 or something else that fits in with your addressing scheme.

If you are planning for VLAN1 to also participate in routing, you will need to set 'no management-vlan 1'.
Marius_rg
Advisor

Re: HP 5304Xl inter-vlans routing issue

I think the reason you have to keep on doing a 'clear arp' is because you have an IP address conflict, both the 5300 and 2500 are using 10.20.10.33 on VLAN 20. You should remove this from the 2500.

Remove the IP fron the other switches ? And what ip address should I use for all vlans on the other switches??

On vlan1 I can't do any changes because this is the current vlan in witch are all servers,clients in the firm. And if I make something wrong ....

I don't want to use vlan1. After all the vlans are created then all the network will be on these vlans, no vlan1.
And, I removed the management vlan1...

Matt Hobbs
Honored Contributor

Re: HP 5304Xl inter-vlans routing issue

The 2500 doesn't really require an IP address on VLAN 20 at all. You can manage it from the VLAN 1 address.

If you do want an IP address on VLAN 20, then you need to use a unique address, maybe 10.20.10.34?
Marius_rg
Advisor

Re: HP 5304Xl inter-vlans routing issue

So on the other switches I need only to have the vlans, with ip config DISABLED ??

And, for test I've removed the ip from all my vlans, but still I have to make an clear arp to make'it work, for a while :(

HP5304XL- ip route
Destination Gateway VLAN Type Sub-Type Metric Dist.
------------------ --------------- ---- --------- ---------- ---------- -----
10.20.10.0/24 DEFAULT_VLAN 1 connected 0 0
10.20.10.32/28 VLAN_VideoCA 20 connected 0 0
10.20.10.48/28 VLAN_EXTRA 30 connected 0 0
127.0.0.0/8 reject static 0 250
127.0.0.1/32 lo0 connected 0 0
Marius_rg
Advisor

Re: HP 5304Xl inter-vlans routing issue

Everyting seems to be ok, but after a while, it stops routing.
If I clear arp is working, and then...NO

What is wrong ?
Antonio Milanese
Trusted Contributor

Re: HP 5304Xl inter-vlans routing issue

Hello,

Matt Hobbs :
>I think the reason you have to keep on
>doing a 'clear arp' is because you have an
>IP address conflict, both the 5300 and 2500
>are using 10.20.10.33 on VLAN 20. You
>should remove this from the 2500.
good point..i've missed this one when i've read the configs!

Mohieddin Kharnoub:

sure yours observations are correct but i
still suggest to avoid subnet overlapping
at least if dont have a good reason to
summarize the routing tables or some other
needs.When i deal with ip addressing i'm
a big fan of KISS approach!

Marius_rg:

Well your routing table show the overlapping
entries i've told above..i really suggest
to adjust the subnet mask for VLAN 1.
Another observation is that port 25 on the
2500 as uplink trunk is member of both tagged VLANs and unttaged
VLAN 1: since the 2500 series has a
single istance forwarding database this
may cause problem with the overlapping
routing table aforementioned.

As suggested by Matt remove the duplicate ip
on the 2500 and if you still need to clear
the arp cache post those entries and
the table of MAC learned by each VLAN on
trunk port.

Best regards,

Antonio