HPE Community
Switches, Hubs, and Modems
1753575 Members
6051 Online
108796 Solutions
New Discussion юеВ

Re: ip routing

 
hiii
New Member

тАО07-02-2009 12:59 PM

тАО07-02-2009 12:59 PM

ip routing

i have enabled ip routing in my 5406zl switch.all my vlans are able to share the internet.but they are communicating btw each odr.also no vlans are able to communicate with the printer in vlan 1.my vlan 1 ip is 10.29.0.10/8
and vlan are in the range of 10.29.x.x/24??
can any1 help???
0 Kudos
6 REPLIES 6
Pieter 't Hart
Honored Contributor

тАО07-02-2009 11:14 PM

тАО07-02-2009 11:14 PM

Re: ip routing

at first i would not use a 10.0.0.0/8-"supernet" on a different vlan aside the 10.x.x.0/24-subnets.
adress 10.29.n.n/8 can occur on vlan1 and 10.29.n.n.n/24 another vlan!
whereto must the switch route?
I'd advise changeing the /8 to a /24 too.

are you sure you need /8 on the printer?
in this setup the printer thinks it can address all 10.0.0.0/8 adresses directly.
So it does not send it to it's default-gateway to route to another subnet.
I'd advise changeing the /8 to a /24 once more.

if the /8 is really necessary, you may try if you can configure static router on the printer for the /24 subnets?
0 Kudos
hiii
New Member

тАО07-03-2009 01:56 AM

тАО07-03-2009 01:56 AM

Re: ip routing

actually this is a growing network,that is the reason of using 10.29.0/8.
the issue is not only about the printer,even aftr enabling the ip routing command,there is no communication btw the vlans.am not able to ping a pc vlan1 to vlan 2 or odr and vice versa.
From the core switch(5406zl)am able to reach the router,all ma vlan interace and the edge switch(2610).
Whereas frm the edge switch am able to reach the default vlan,the ip of core switch aand the router.but not possible to reach odr vlan interfaces.
also when i connect a pc to any of the vlans in the edge switch,from the pc am able to reach the router,the core switch,bt not able to reach the ip of thr edge switch.
i dnt knw wats wrong.cud u suggest any ideas???
0 Kudos
Pieter 't Hart
Honored Contributor

тАО07-03-2009 02:34 AM

тАО07-03-2009 02:34 AM

Re: ip routing

Hi there,

your subnets overlap!
a 10.0.0.0/8-host will never use any router to reach the 10.29.x.x/24-vlan.
it will think it lies within it's own subnet and try to communicate directly!
So this will never work!

The only way to make it work (keep 10.0.0.0/8 parallel to 10.29.x.x/24) then every device on the 10.0.0.0/8 network needs to know it must send data to 10.29.x.x/24 through the 5404 as router, for all vlan's!
every device needs static routes configured for every vlan you add to your network!
you may "summarize" this by a single static route for 10.29.x.x/16 to the 5404.
But on every device added to vlan you must manually add this route.
This situation technically can work but in the end is unmanageable.
you or someone else forgets this "extra" at a time and wonder why a new pc cannot communicate with the vlan's.
so don't do this at home :-)

It may be an idea to migrate to 192.168.n.0/24 subnets on your vlan's?
and keep the 10.0.0.0/8 in the old network as it is.
this will give you separate non-overlapping networks so routing will be straghtforward.


your first question only mentioned a5404zl,
now there is a "core switch" an "edge switch" and a "router".
where the coreswitch also does routing (your initial question)
more info about your network could be helpfull

Pieter


0 Kudos
hiii
New Member

тАО07-03-2009 02:57 AM

тАО07-03-2009 02:57 AM

Re: ip routing

hii peter...

thanx for da help..i vil defintly try dat and let u knw wat hpns..
actually the router cums as a built in feature of the firewall ve are using...and is used for the internet alone.no routing protocols are enabled in that..

the router is connected to the core switch(5406zl).the core switch is doin the routing part..
0 Kudos
hiii
New Member

тАО07-04-2009 10:41 PM

тАО07-04-2009 10:41 PM

Re: ip routing

hii peter...

what you told was rite...
when i changed my subnet,the intervlan communication is taking place properly.
Iappriciate the help you have given me..

Also my another qury is, if i place an acl sayn..
"permit ip any [ vlan1 address]" as out bound to evry vlan interface,
the function this acl vil be doin will b...
permitting the traffic orginating from dat particular vlan to vlan 1 alone rite???or could u suggest wat this wil do...


my actual requirement is that...

1.ALL VLAN SHOULD BE ABLE TO COMMUNICATE WITH VLAN 1 AND VICE VERSA.

2.NO ODER VLAN SHOULD COMMUNICATE TO EACH ODER.

PLZ SUGGEST SOME IDEA...
0 Kudos
Pieter 't Hart
Honored Contributor

тАО07-05-2009 11:10 PM

тАО07-05-2009 11:10 PM

Re: ip routing

that will do part of what you want.

if you aply an acl then implicitly all other trafic is disallowed.
Also traffic within the vlan itself!
so to allow hosts both in vlan-x to communicate with eachother (and not only to vlan1 !), the acl of vlan-x also must contain
"permit ip any [vlan-x subnet]".
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.