HPE Community
Switches, Hubs, and Modems
1753629 Members
5825 Online
108798 Solutions
New Discussion юеВ

Re: Inter vlan communication 3500yl - Sharing named newtork share across 2 vlans same switch

 
Owen Griffiths
New Member

тАО04-17-2008 01:35 AM

тАО04-17-2008 01:35 AM

Inter vlan communication 3500yl - Sharing named newtork share across 2 vlans same switch

I need a linux server to belong to two vlans on the the same witch (vlans 1&3).

This is a file server for vlan 1 - which has 12 Video editing workstations attached.

I require access to a named network share from this server to an addtional lan (our office network), currently residing on an entirely different layer 2 switch.

NB I require a direct path from our editing workstations to the server, and from the server to either vlan 3 or this additional lan or switch.

The server is fully populated so it is not possible to add another NIC for comms to the office network.

Currently we are using a workstation with 2 NICs, one on each lan, as a file dumping ground to transfer files between editing and office lans.

The major obsticle is that the video editing PCs can not run with security, i.e. no anti-virus etc.

So, in short I require a solution that makes the server visible to our office network whilst hiding / securing our editing PCs.

A quick research of these forums suggests that I need to set IP on each of the vlan and set up routing between vlans, and enable rules to specify that only the path to the server is accessable from vlan 3.

To elaborate, our linux video server attaches to the procurve switch via 2 10Gb Copper links.

The switch has been configured by the server manufacture as follows:

vlan ID 1:
ports 1 to 12 'untagged'
13 to 24 set to 'NO'
a1, a2, & a4 (10Gb ports) 'untagged'
a3 set to 'NO'

vlan ID 2:
ports 1 to 12 set to 'NO'
13 to 24 'untagged'
a1, a2, & a4 (10Gb ports) 'NO'
a3 set to 'untagged'

So I would lkie to set up a third vlan, i.e

vlan ID 3:
.... this is where I am stuck!

I would like port 1 available as part of this vlan (to connect to another unmanaged switch) sharing a netowrk resource from our linux server on the 10Gb port a2.

Basically I want to share a2 on to vlan 3 without being able to see any other IP addresses on vlan 1.

Thanks
0 Kudos
2 REPLIES 2
Colonelk
Frequent Advisor

тАО04-18-2008 01:33 AM

тАО04-18-2008 01:33 AM

Re: Inter vlan communication 3500yl - Sharing named newtork share across 2 vlans same switch

Owen

If the network card in your Linux server is vlan aware then you can make it a tagged member of one vlan and an untagged member of another.

Normally though, computers are configured to be untagged members of one vlan. So in that case 2 NIC's would be required in your linux server (one configured as an untagged member of vlan 1, and the other as an untagged member of vlan 3)

Another way of segregating traffic on modern switches is by use of Access control lists (ACL). I've not got into that though so you would need to refer to documentation for further help. Perhaps someone with more experience of these things can help you (i'm still a relative noob to be honest!) :)

Regards

Tino
0 Kudos
Joel Belizario
Trusted Contributor

тАО04-18-2008 08:18 AM

тАО04-18-2008 08:18 AM

Re: Inter vlan communication 3500yl - Sharing named newtork share across 2 vlans same switch

Hi Owen,

Your description is a bit hard to follow (at least for me), would it be possible to diagram what you have and what you are proposing to do?

Is VLAN 2 your office VLAN? It's not stated explicitly. Also it's unclear where the unmanaged switches are in your network.

Cheers,
Joel
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.