HPE Community
Switches, Hubs, and Modems
1753767 Members
5426 Online
108799 Solutions
New Discussion юеВ

VLAN Routing on ProCurve 2900

 
BJ Selman
New Member

тАО03-19-2008 10:57 AM

тАО03-19-2008 10:57 AM

VLAN Routing on ProCurve 2900

I have set up 2 Vlans: Default for our corp network (172.17.2.x) and iSCSI for our SAN traffic (10.80.2.x). By adding a route on my computer using the route add command, I can see the iSCSI subnet. However, isn't there a way to set the route on the 2900 itself, so that the traffic is "hard-routed" and a user cannot just add a route and gain access to the iSCSI vlan? I cannot find a CLI Command Line reference to this.
Also, I changed the IP of my iSCSI Vlan and the first IP I set (172.17.200.6) is still showing in the config. How do I remove it?
Thanks in advance,
BJ

Here is my show config:

Startup configuration:

; J9049A Configuration Editor; Created on release #T.12.52

hostname "ProCurve Switch 2900-24G"
snmp-server contact " "
snmp-server location " "
max-vlans 12
time timezone -6
time daylight-time-rule Continental-US-and-Canada
console baud-rate 57600
console inactivity-timer 20
web-management ssl
module 1 type J86xxA
module 3 type J90XXA
interface 1
flow-control
exit
interface 2
flow-control
exit
trunk 1-2 Trk1 Trunk
ip routing
ip timep manual 172.17.2.15
snmp-server community "public" Unrestricted
vlan 1
name "DEFAULT_VLAN"
untagged 3-22,A1-A4,Trk1
ip address 172.17.2.5 255.255.255.0
no untagged 23-24
jumbo
exit
vlan 2
name "iSCSI"
untagged 23-24
ip address 172.17.200.5 255.255.255.0
ip address 10.80.2.6 255.255.255.0
exit
router rip
exit
spanning-tree Trk1 priority 4
0 Kudos
2 REPLIES 2
Geir Olav Skei .
Advisor

тАО03-19-2008 12:36 PM

тАО03-19-2008 12:36 PM

Re: VLAN Routing on ProCurve 2900

Hi BJ

If you had a switch supporting Access Control Lists, you could filter traffic using that.

But with only these two VLANs in your configuration I do not quite see _why_ you have routing enabled if clients in vlan 1 is not supposed to have access to the iSCSI vlan anyhow.

Maybe just turn off ip routing?
- Command: No ip routing


Also, I changed the IP of my iSCSI Vlan and the first IP I set (172.17.200.6) is still showing in the config. How do I remove it?
- Command: 2900(config)# no vlan 2 ip address 172.17.200.5 255.255.255.0


Hope this helps.

--Gos
0 Kudos
BJ Selman
New Member

тАО03-24-2008 09:03 AM

тАО03-24-2008 09:03 AM

Re: VLAN Routing on ProCurve 2900

We are deploying vmware, so the SAN will be on its own subnet. The management stations will need to be able to traverse between the subnets. So going back to my original question: can you route the IP's on the switches themselves?

I think the 2900's use ACL's, and I will probably utilize that either way...

That command did remove the other IP. Thanks.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.