Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

How to connect a vlan through 2 switches 2626

Juanjo_1
Frequent Advisor

How to connect a vlan through 2 switches 2626

I have 2 switches 2626, each one in separated buildings, connected through fiber.

In one switch I have 2 vlan's, vlan 1 (default) and 2. In the other switch there's just configured vlan 1 (default).

Now I want to extend vlan 2 to the other building. So I followed the steps:

- I've created the vlan 2 in the other switch
- I've assigned untagged ports to the vlan 2 in the switch 2
- I've tagged the fiber port on swtich 1 to the vlan 2
- I've tagged the fiber port on switch 2 to the vlan 2
- I've assigned IP's to the vlan 2 in the switches 1 and 2 of the same range

I can't ping from one switch to the other from the console, of course the two switches cannot communicate in the vlan 2, the vlan 1 works OK.

What am I missing?

I've tried enabling and disabling IP routing, creating a trunk group and tagging the trunk group to the vlan 2...
25 REPLIES
groque
Frequent Advisor

Re: How to connect a vlan through 2 switches 2626

apply gvrp on both switches then you should be good to go.

so do this

1. configure the connections between both switches make sure they can ping each other
2. enable gvrp on both switches
3. show vlan on switch 2 to make sure the vlans are there
4. once u have the vlans convert the dynamic vlan to a static vlan then your all good to go

Juanjo_1
Frequent Advisor

Re: How to connect a vlan through 2 switches 2626

Thank you Grogue for your response.

I've tried enabling gvrp on both switches, but the result is the same, I can't ping each other switch. I thought GVRP is the protocol for dynamic vlans, I want to configure static vlan.

Should I define a Management VLAN? Or that's not important in that case?

Should I disable LACP? Or should I define one of the LACP as active?...

I'm sure I'm very near but something is missing or misconfigured.

Right now each switch has 2 IP's defined, one for vlan 1 and other for vlan 2, from the IP range of vlan 1 I can ping each switch, but using the IP range of vlan 2 ping doesn't work.
Pieter 't Hart
Honored Contributor

Re: How to connect a vlan through 2 switches 2626

trunk groups lacp gvrp should be not necessary at this moment.
You don't need to create a management vlan first.

first check connecticvity between ports of different switches within the same vlan.
(vlan-1 was OK, so)
connect a workstation in vlan-2 on each switch (with adresses in same subnet) and see if they can connect.
At this time no routing is involved, only L2 connection within vlan-2.
So, if no connection, first check the vlan tagging on the connecting port(s).

if switch-2 only has a vlan-2 adress then this switch should be able to connect to switch-1's ip-adress on vlan2.

only one of the switches will do the routing, so:
enable ip routing on switch-1.

On switch-2 you can configure the default-gateway or you can create a static route on switch-2 pointing to switch-1's address (in vlan-2).

on switch-1 (that has routing enabled) the default-gateway statement is ignored, you can only use static routes (ip route ....)


on all endpoint configure swith-1's adress as default-gateway.
Juanjo_1
Frequent Advisor

Re: How to connect a vlan through 2 switches 2626

I've followed your advice, I've connected two workstations, one in each switch in vlan 2, they have an IP address of the same range but they can't ping each other.

Stations in vlan 1 (DEFAULT_VLAN) works properly.

switch 1 have ports configured in vlan 2 in that way:

Status and Counters - VLAN Information - Ports - VLAN 2

802.1Q VLAN ID : 2
Name : DMZ
Status : Port-based Voice : No

Port Information Mode Unknown VLAN Status
---------------- -------- ------------ ----------
19 Untagged Learn Up
20 Untagged Learn Down
21 Untagged Learn Up
22 Untagged Learn Up
23 Untagged Learn Down
24 Untagged Learn Up
25 Tagged Learn Up

And switch 2:

Status and Counters - VLAN Information - Ports - VLAN 2

802.1Q VLAN ID : 2
Name : DMZ
Status : Port-based Voice : No

Port Information Mode Unknown VLAN Status
---------------- -------- ------------ ----------
1 Untagged Learn Down
25 Tagged Learn Up


Ports 25 are the fiber channel, and both 25 ports are configured equal in both switches, they are tagged, so the traffic of vlan 1 and vlan 2 should work properly, but the workstation I plugged into port 1 of switch 2 can't ping any worstation of switch 1.

Any ideas?

Thank you in advance.
Pieter 't Hart
Honored Contributor

Re: How to connect a vlan through 2 switches 2626

lets do one step at a time

you plug in a workstation with a vlan-2 ip-address on port-1 of switch-2
can it ping the switch2 ip-adress ?

It may help if you post a "show running-config" of both switches.
Jorge Pons
Trusted Contributor

Re: How to connect a vlan through 2 switches 2626

Hi Juanjo

Can you show both configurations?

Regards, Jorge
Juanjo_1
Frequent Advisor

Re: How to connect a vlan through 2 switches 2626

Yes, the workstation in port 1 of switch 2 can ping the IP of vlan 2 on the same switch 2.

The running config of the switches:

Running configuration Switch1:

; J4900B Configuration Editor; Created on release #H.10.50
interface 21
speed-duplex 100-full
exit
interface 25
lacp Active
exit
ip default-gateway 192.168.1.1
ip routing
vlan 1
name "DEFAULT_VLAN"
untagged 1-18,25-26
ip address 192.168.2.205 255.255.255.0
no untagged 19-24
exit
vlan 2
name "DMZ"
untagged 19-24
ip address 192.168.1.205 255.255.255.0
tagged 25
exit
gvrp
no stack


Running configuration Switch2:

; J4900B Configuration Editor; Created on release #H.10.50

time timezone 2
ip default-gateway 192.168.1.205
vlan 1
name "DEFAULT_VLAN"
untagged 2-26
ip address 192.168.2.208 255.255.255.0
no untagged 1
exit
vlan 2
name "DMZ"
untagged 1
ip address 192.168.1.208 255.255.255.0
tagged 25
exit
no stack

By default all interfaces have LACP activated in Passive mode, I've disabled GVRP since I want to configure static VLAN's.

The route table of switch 1:

sho ip route

IP Route Entries

Destination Gateway VLAN Type Sub-Type Metric Dist.
------------------ --------------- ---- --------- ---------- ---------- -----
127.0.0.0/8 reject static 0 250
127.0.0.1/32 lo0 connected 0 0
192.168.1.0/24 DMZ 2 connected 0 0
192.168.2.0/24 DEFAULT_VLAN 1 connected 0 0


Jorge Pons
Trusted Contributor

Re: How to connect a vlan through 2 switches 2626

HI

Why you don´t put tagged port 25 in VLAN1?
Juanjo_1
Frequent Advisor

Re: How to connect a vlan through 2 switches 2626

I thouhgt one port should be untagged in at least one VLAN and tagged in all the others VLAN's.

Should port 25 be tagged in all VLAN's?
Pieter 't Hart
Honored Contributor

Re: How to connect a vlan through 2 switches 2626

do a "show lacp"
lacp is enabled on portlevel, but also configured globally?

from mgmtconfig guide:
In the default configuration, all ports are configured for passive LACP. However,
if LACP is not configured, the port will not try to detect a trunk configuration
and will operate as a standard, untrunked port.
Pieter 't Hart
Honored Contributor

Re: How to connect a vlan through 2 switches 2626

about vlan tagging
yes, one vlan untagged others tagged is a valid configuration.

but to avoid misconfigs where ports at both sides are untagged in different vlan's, you may consider to use tagged-only traffic on ports enabled for multiple vlans.
Juanjo_1
Frequent Advisor

Re: How to connect a vlan through 2 switches 2626

On friday I configured LACP of port 25 in Active mode, I readed somewhere that One of the port should be configured as Active, but it didn't work.

#sho lacp

LACP

PORT LACP TRUNK PORT LACP LACP
NUMB ENABLED GROUP STATUS PARTNER STATUS
---- ------- ------- ------- ------- -------
1 Passive 1 Up No Success
2 Passive 2 Up No Success
3 Passive 3 Up No Success
4 Passive 4 Up No Success
5 Passive 5 Up No Success
6 Passive 6 Up No Success
7 Passive 7 Up No Success
8 Passive 8 Up No Success
9 Passive 9 Up No Success
10 Passive 10 Up No Success
11 Passive 11 Up No Success
12 Passive 12 Up No Success
13 Passive 13 Up No Success
14 Passive 14 Up No Success
15 Passive 15 Up No Success
16 Passive 16 Up No Success
17 Passive 17 Up No Success
18 Passive 18 Up No Success
19 Passive 19 Up No Success
20 Passive 20 Down No Success
21 Passive 21 Up No Success
22 Passive 22 Up No Success
23 Passive 23 Down No Success
24 Passive 24 Up No Success
25 Active 25 Up Yes Success
26 Passive 26 Up No Success
Pieter 't Hart
Honored Contributor

Re: How to connect a vlan through 2 switches 2626

Your output shows LACP does work :
25 Active 25 Up Yes Success

trunking on procurve is LACP Link Agergation, it's not vlan-trunking as on Cisco.
for Link Agregation you need a second port connected between the two switches (eg. port-26).
then LACP can dynamically trunk the two ports.
this stands apart from using vlan's.

see attachment
Juanjo_1
Frequent Advisor

Re: How to connect a vlan through 2 switches 2626

Yes, that's not my case, I just want to work with VLAN's, I don't care about LACP, I suppose it could be even disabled.

Any ideas why I can't ping two workstations through the the tagged ports?
Pieter 't Hart
Honored Contributor

Re: How to connect a vlan through 2 switches 2626

don't see it yet,

vlan1 is untagged, vlan2 is tagged on the connecting ports (port-25) of both switches, that should be enough.
lacp should not block this
gvrp (still enabled on switch1) should not block this.
you haven't posted the whole config, but i asume you haven't any portbased ACL's or "forbid" rules configured.

I want to check if both vlan's are active on the interconnecting link.
please do a "show vlan" or "show vlan port 25" on both switches

you can also use "show logging" (both switches) to see if any clues are found in the switches eventlog.
Juanjo_1
Frequent Advisor

Re: How to connect a vlan through 2 switches 2626

Switch 1# sho vlan 2

Status and Counters - VLAN Information - Ports - VLAN 2

802.1Q VLAN ID : 2
Name : DMZ
Status : Port-based Voice : No

Port Information Mode Unknown VLAN Status
---------------- -------- ------------ ----------
19 Untagged Learn Up
20 Untagged Learn Down
21 Untagged Learn Up
22 Untagged Learn Up
23 Untagged Learn Down
24 Untagged Learn Up
25 Tagged Learn Up

Switch 2#sho vlan 2

Status and Counters - VLAN Information - Ports - VLAN 2

802.1Q VLAN ID : 2
Name : DMZ
Status : Port-based Voice : No

Port Information Mode Unknown VLAN Status
---------------- -------- ------------ ----------
4 Untagged Learn Up
25 Tagged Learn Up
Pieter 't Hart
Honored Contributor

Re: How to connect a vlan through 2 switches 2626

thanks, but i suggested using another command.

apearently you changed switch-2's config?
you suplied previously this info:

switch 2:

Status and Counters - VLAN Information - Ports - VLAN 2

802.1Q VLAN ID : 2
Name : DMZ
Status : Port-based Voice : No

Port Information Mode Unknown VLAN Status
---------------- -------- ------------ ----------
1 Untagged Learn Down
25 Tagged Learn Up


vlan 2
name "DMZ"
untagged 1
ip address 192.168.1.208 255.255.255.0
tagged 25
exit

So no port-4 in vlan-2.
What are the current config's
Juanjo_1
Frequent Advisor

Re: How to connect a vlan through 2 switches 2626

I've changed the port in switch 2 for the vlan 2 because port 1 is in use for another service.

So the good config is the last I have posted.

Thank you,
Juanjo_1
Frequent Advisor

Re: How to connect a vlan through 2 switches 2626

I've changed again the port of the vlan 2 in the switch 2, now I'm using port 15.

Is there any way I could monitor why there's no traffic between the two switches? Because the log's output is very short...

---- Reverse event Log listing: Events Since Boot ----
I 09/08/09 09:53:47 ports: port 15 is now off-line
I 09/08/09 09:42:27 ports: port 15 is now on-line
I 09/08/09 09:42:27 ports: port 15 is Blocked by LACP
I 09/08/09 09:42:25 ports: port 15 is now off-line
I 09/08/09 09:42:23 ports: port 15 is Blocked by LACP
I 09/08/09 09:39:46 ports: port 15 is now off-line
I 09/08/09 09:33:35 ports: port 15 is now on-line
I 09/08/09 09:33:32 ports: port 15 is Blocked by LACP

Port 15 goes on-line and off-line because the workstation that's plugged into goes to hibernate very frequently.

If you need more information or you need more config information tell me how can I help you to help me.
Pieter 't Hart
Honored Contributor

Re: How to connect a vlan through 2 switches 2626

ProCurve> show logging
Lists recorded log messages since last reboot.
ProCurve> show logging -a
Lists all recorded log messages, including those before the last reboot.

Yes the logging seems very short.
try the -a option, offcourse i'm specially interested in lines regarding port-25 vlan2 and vlan1
Pieter 't Hart
Honored Contributor

Re: How to connect a vlan through 2 switches 2626

you can increase the logging level using :
console events
Juanjo_1
Frequent Advisor

Re: How to connect a vlan through 2 switches 2626

I've attached the log of the last 3 days of the 2 switches.
Juanjo_1
Frequent Advisor

Re: How to connect a vlan through 2 switches 2626

Problem solved, It had to be a nonsense.

A "sho cdp neighbor" has showed me the error, port 25 of the switch 1 is NOT connected to switch 2...

I've made the necessary changes and now it works perfectly.

Thank you everybody.
Pieter 't Hart
Honored Contributor

Re: How to connect a vlan through 2 switches 2626

Yes looks like it was port-26

I 01/01/90 00:00:24 ports: port 26 is now on-line