Switches, Hubs, and Modems
Showing results for 
Search instead for 
Did you mean: 

Help with routing VLANS

Occasional Contributor

Help with routing VLANS

I am trying to configure my switch to allow vlan2 (iscsi) to see traffic on the default vlan (vlan1) on the 2910al switch in order to access a NTP & DNS server.

We currently have a HP5406zl switch (connected to the backbone and this gets us out on the internet via a cisco router) configured with only a default vlan.

Default Vlan – all ports untagged (A1-D-24)
This primary switch connects (from port A5) to a HP2010al-48 switch (on port 47) that contains 3 vlans.

Vlan1 Default_vlan (actual ip of the swicth)
Untagged Ports 12,15,17,19,21,23,25-36,38,40,42,44-48
Tagged Ports 2,6,10,41,43 (part of VLAN2)

Vlan2 – ISCSI
Untagged 1-12, 37,39,41,43
(ports 2,6,10,41,43 Nodes need to see traffic on VLAN1 in order to see a DNS and NTP server)

Vlan3 – Vmotion (this vlan is fine & needs to continue to be isolated)
Untagged 14,16,18,20,22,24

I think I need to turn on “ip routing” on the 2910al switch. How do I disable this ip-routing if this doesn’t work? What is the proper command through the CLi since I cannot do this in the GUI.

If I turn ip routing on, will this allow the assigned ports from VLAN2 to connect to the DNS & NTP servers that reside on the default Vlan in my current configuration? Does this create a huge amount of traffic on the network.

I also think that I need to set each VLANs proper gateway. Is the gateway the ip address that I have assigned to each VLAN? E.g., vlan 2 ip address subnetmask gateway setting (from the IP configuration screen in the GUI)

I also think all nodes connecting to it’s VLAN needs to have it's gateway properly assigned;
e.g., ISCSI SAN would have as the gateway under it’s TCPIP settings.

Since VLAN1 is the default vlan on both switches and carry the same gateway settings (as well as all nodes that connect to both default vlans on each switch), do I need to reconfigure anything on the ports that connect the 2 switches (A5 and port 47)? Or do I need to create an whole new vlan on the 2910al and replace the default vlan with a whole new gateway? If I do this, how do I make sure that this new vlan can access the other switch?

I will be scheduling downtime to actually do this since this is all in production. I do not have any layer 3 switches that I can test this on.
Pieter 't Hart
Honored Contributor

Re: Help with routing VLANS

the following information can be found in many posts on this forum:

1) give each vlan an ip address (and put ports untagged in the vlan)
vlan 1
untagged A1-A4
ip address
vlan 2
name "NEW_VLAN"
untagged A5-A9
ip address

2) then enable routing
ip routing
(disable = "no ip routing")

3) if an external router is present add a default route
(eg internet router on default vlan with adress ".2")
ip route

this router must also "know" the subnet behind the switch (a route back)
ip route

hosts in default vlan must have as default gateway
hosts in vlan-2 vlan must have as default gateway
(both to the switch)
The switch redirects traffic to the external router if neccessary.

does this help?

(addjust ports and adresses for your situation)
Respected Contributor

Re: Help with routing VLANS


to turn on routing via cli

conf t
ip routing
wr mem

disable routing with

conf t
no ip routing
wr mem

the clients in vlan 2 needs to have the as there gateway
the cisco router needs a route to vlan 2
ip route
whithout that route the dns and ntp server can't answer

caution... then you all systems on vlan 1 and vlan 2 can communicate..