HPE Community
Switches, Hubs, and Modems
1753970 Members
7519 Online
108811 Solutions
New Discussion юеВ

Re: Procurve 2824 automatic routing problem

 
Brian Debelius
Occasional Advisor

тАО03-05-2004 08:40 AM

тАО03-05-2004 08:40 AM

Procurve 2824 automatic routing problem

I am having problems with routing. I have to networks, a 10.0.0.0/23 and a 10.8.0.0/23.

When I connect servers to the switch, all the 10.0 ip's can ping each other and all the 10.8 ip's can ping each other.

The 10.0 ip's can ping all the 10.8 ip's, but none of the 10.8 ip's can ping the 10.0.

The switch is using the default configuration.

brian-
0 Kudos
11 REPLIES 11
Ron Kinner
Honored Contributor

тАО03-06-2004 02:38 PM

тАО03-06-2004 02:38 PM

Re: Procurve 2824 automatic routing problem

Something very strange going on here. If you can ping in one direction you should be able to ping in the reverse direction since the echo reply has to get back to the source of the ping and it can't do that if the routing is messed up.

Assuming your masks are correct each PC on one subnet should recognize an address on the other subnet as being a remote address and then check the routing table to see what to do. You might look at
netstat -rn
on each server and see if you see anything odd. I assume you use a default gateway - if so what is it? Is it an address on the switch or is there a router somewhere? I would suspect there is a router somewhere since you say you are using the default configuration. If this is the case then the router is probably doing your routing and is also filtering pings (ICMP echo requests). Ask your router admin to allow the pings.

If the switch were to do the routing then it would have to have two IP addresses assigned to it. Each in a separate VLAN. Then the servers would use the IP address of the switch in their VLAN as the gateway to the servers in the other subnet/VLAN.

If the default gateway on each PC is itself then your routing is being done by proxy arp. When you send out a packet the PC arps for the MAC and a router on the same LAN which knows how to get there will respond with its own MAC and route it for you. Again the router is the problem and is probably filtering the pings in one direction.

Lots of network admins have started filtering out pings because they are used by many worms to find other PCs to infect.

You can also try a trace from one of the 10.0. boxes

traceroute 10.8.x.y
or for a window box
tracert -d 10.8.x.y
where 10.8.x.y is an address on the other subnet.

Ron
0 Kudos
Jerome Henry
Honored Contributor

тАО03-07-2004 07:20 PM

тАО03-07-2004 07:20 PM

Re: Procurve 2824 automatic routing problem

You should have a router somewhere, as Ron says. It would be interesting to see its configuration.

When you say default configuration, do you mean just turn it on ? Or did you install standard VLAN settings ? A swicth should work on layer two, not bothering about IP. A layer 3 stuff is around, wether a router or a config, letting icmp 8 going a way and not icmp 0 back...

J
You can lean only on what resists you...
0 Kudos
OLARU Dan
Trusted Contributor

тАО03-07-2004 08:30 PM

тАО03-07-2004 08:30 PM

Re: Procurve 2824 automatic routing problem

Maybe "ip subnet-zero" should be set on the router, if this is a Cisco. 10.0.0.0/23 is the zero subnet of the private class A 10.0.0.0/8. Or maybe use 10.1.0.0/23 instead.

Cheers,
Dan
0 Kudos
Brian Debelius
Occasional Advisor

тАО03-08-2004 01:04 AM

тАО03-08-2004 01:04 AM

Re: Procurve 2824 automatic routing problem

I want to use the switch for routing. Trying to identify where/what the problem is, I have simplified the network down to just the switch and 2 servers.

There is not other router on the network.

The network consists of just the 2824 switch, one server with a 10.0/23 address with its nic as the gateway, and one server with a 10.8/23 address with its nic as the gateway.

The 2824 switch is in its default, out of the box and plug it in, configuration.
0 Kudos
Jerome Henry
Honored Contributor

тАО03-08-2004 01:21 AM

тАО03-08-2004 01:21 AM

Re: Procurve 2824 automatic routing problem

So it seems that you have to set up routing on your switch... :]
10.0 goes everywhere, as it's the default network, whatever is your subnet mask, as stated. But 10.8 can't as nothing routes packets from that subnet.
Set up your switch, if you can, to route 10.8 to 10.0 and reverse...

hth

J
You can lean only on what resists you...
0 Kudos
Brian Debelius
Occasional Advisor

тАО03-08-2004 01:28 AM

тАО03-08-2004 01:28 AM

Re: Procurve 2824 automatic routing problem

How do I configure the switch to do this?


>>>>>So it seems that you have to set up routing on your switch... :]
10.0 goes everywhere, as it's the default network, whatever is your subnet mask, as stated. But 10.8 can't as nothing routes packets from that subnet.
Set up your switch, if you can, to route 10.8 to 10.0 and reverse...
0 Kudos
Jerome Henry
Honored Contributor

тАО03-08-2004 02:29 AM

тАО03-08-2004 02:29 AM

Re: Procurve 2824 automatic routing problem

But this implies that you set up a router function on your switch ! It's possible only if you use VLAN. Otherwise, you switch can have only one IP address !

It would be easier to set up a real router... Tell us if your really want to try VLAN setting up...
All manuals are her, BTW
http://www.hp.com/rnd/support/manuals/2800.htm

J
You can lean only on what resists you...
0 Kudos
Ron Kinner
Honored Contributor

тАО03-08-2004 05:52 AM

тАО03-08-2004 05:52 AM

Re: Procurve 2824 automatic routing problem

Your switch is by default set to use DHCP/bootp to get an IP address. If there is no server then you have to manually give it an IP address. This first address is usually on VLAN 1 which is the default VLAN. To get routing to work you would have to also create a VLAN 2 and assign a second IP address to it. Then you would tell the server connected on the VLAN1 port to use the first IP address as its default gateway and the server on the VLAN2 port to use the second IP address as its default gateway. Then everybody will be happy.

When you create VLAN2 do not tag the ports.
vlan 1 name test1
vlan 1 untagged 1-12
vlan 2 name test2
vlan 2 untagged 13-24

To assign an IP address with 23 bit mask to a VLAN x the command is:

vlan x A.B.C.D 23

so if you want to assign 10.0.0.1 to vlan 1

vlan 1 10.0.0.1 23

and 10.8.0.1 to VLAN 2

vlan 2 10.8.0.1 23

Now tell the server on vlan 1 (plugged into port 1) to use 10.0.0.1 as its default gateway. Tell the server on vlan 2 to use 10.8.0.1 as its default gateway. (If the server on 1 is an HPUX 10.3 or newer you may need to turn off subnet checking with ndd.)

Ron
0 Kudos
Brian Debelius
Occasional Advisor

тАО03-08-2004 09:02 AM

тАО03-08-2004 09:02 AM

Re: Procurve 2824 automatic routing problem

>>>>>Your switch is by default set to use DHCP/bootp to get an IP address. If there is no server then you have to manually give it an IP address.<<<<

Ok, I did this. Below is the configuration of the switch and servers. I noticed something new also.

Vlan1 is 10.0.0.2/23
Vlan2 is 10.8.0.1/23
Server1 is 10.0.0.10/23 GW 10.0.0.2
Server2 is 10.8.0.10/23 GW 10.8.0.1

Server1 can ping VLAN1(10.0.0.2) and VLAN2(10.8.0.1) and Server2(10.8.0.10)

Server2 can ping VLAN2(10.8.0.1) and VLAN2(10.0.0.2) but *not* Server1(10.0.0.10)

New behavior: When Server2(10.8.0.10) pings Server1(10.0.0.10) I get a 'Request timed out'. But if I disconnect the cable for Server1, the response changes to 'Destination Unreachable'.

**Network Configs below - also attached if the formatting gets screwed up**

**** 2824 Configuration ****

P ProCurve Switch 2824# show config

Startup configuration:

; J4903A Configuration Editor; Created on release #I.07.31

hostname "HP ProCurve Switch 2824"
cdp run
ip default-gateway 10.0.0.1
ip routing
snmp-server community "public" Unrestricted
vlan 1
name "DEFAULT_VLAN"
untagged 1-4,9-24
ip address 10.0.0.2 255.255.254.0
no untagged 5-8
exit
vlan 2
name "Test Network"
untagged 5-8
ip address 10.8.0.1 255.255.254.0
exit


**** VLAN 1 ****

Server IP 10.0.0.10/23
Gateway IP 10.0.0.2/23

===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.2 10.0.0.10 10
10.0.0.0 255.255.254.0 10.0.0.10 10.0.0.10 10
10.0.0.10 255.255.255.255 127.0.0.1 127.0.0.1 10
10.255.255.255 255.255.255.255 10.0.0.10 10.0.0.10 10
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
224.0.0.0 240.0.0.0 10.0.0.10 10.0.0.10 10
255.255.255.255 255.255.255.255 10.0.0.10 10.0.0.10 1
Default Gateway: 10.0.0.2
===========================================================================


Pinging 10.0.0.2 with 32 bytes of data:

Reply from 10.0.0.2: bytes=32 time<1ms TTL=64
Reply from 10.0.0.2: bytes=32 time<1ms TTL=64
Reply from 10.0.0.2: bytes=32 time<1ms TTL=64
Reply from 10.0.0.2: bytes=32 time<1ms TTL=64

Pinging 10.8.0.1 with 32 bytes of data:

Reply from 10.8.0.1: bytes=32 time<1ms TTL=64
Reply from 10.8.0.1: bytes=32 time<1ms TTL=64
Reply from 10.8.0.1: bytes=32 time<1ms TTL=64
Reply from 10.8.0.1: bytes=32 time<1ms TTL=64

Pinging 10.8.0.10 with 32 bytes of data:

Reply from 10.8.0.10: bytes=32 time=1ms TTL=127
Reply from 10.8.0.10: bytes=32 time<1ms TTL=127
Reply from 10.8.0.10: bytes=32 time<1ms TTL=127
Reply from 10.8.0.10: bytes=32 time<1ms TTL=127

**** VLAN 2 ****

Server IP 10.8.0.10/23
Gateway IP 10.8.0.1/23

===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.8.0.1 10.8.0.10 10
10.8.0.0 255.255.254.0 10.8.0.10 10.8.0.10 10
10.8.0.10 255.255.255.255 127.0.0.1 127.0.0.1 10
10.255.255.255 255.255.255.255 10.8.0.10 10.8.0.10 10
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
224.0.0.0 240.0.0.0 10.8.0.10 10.8.0.10 10
255.255.255.255 255.255.255.255 10.8.0.10 10.8.0.10 1
Default Gateway: 10.8.0.1
===========================================================================

Pinging 10.8.0.1 with 32 bytes of data:

Reply from 10.8.0.1: bytes=32 time<1ms TTL=64
Reply from 10.8.0.1: bytes=32 time<1ms TTL=64
Reply from 10.8.0.1: bytes=32 time<1ms TTL=64
Reply from 10.8.0.1: bytes=32 time<1ms TTL=64


Pinging 10.0.0.2 with 32 bytes of data:

Reply from 10.0.0.2: bytes=32 time<1ms TTL=64
Reply from 10.0.0.2: bytes=32 time<1ms TTL=64
Reply from 10.0.0.2: bytes=32 time<1ms TTL=64
Reply from 10.0.0.2: bytes=32 time<1ms TTL=64


Pinging 10.0.0.10 with 32 bytes of data:

Request timed out.
Request timed out.
Request timed out.
Request timed out.




0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.