HPE Community
Switches, Hubs, and Modems
1751720 Members
3399 Online
108781 Solutions
New Discussion юеВ

Re: problems with 3rd party transparent mode device on Procurve router

 
Bruce Campbell_3
Valued Contributor

тАО02-04-2009 10:56 AM

тАО02-04-2009 10:56 AM

problems with 3rd party transparent mode device on Procurve router


We use Procurve 3500yl/5400zl routers,
and are trying to add a 3rd party
transparent mode device, in this
case a Cisco ACE 4710 server load balancer.

It appears the Procurve switch gets confused when
it sees the same MAC address on 2 vlans, as
would be the case with a transparent mode
device bridging 2 vlans.

We can get it to work if we use the ACE
in routed mode, or if we use the HP device
in purely layer 2 mode (no routing). In that
latter case, the HP is fine when it sees the
same MAC on 2 vlans.

I've put additional information here,
including how to replicate this. We haven't
opened a case yet.

https://strobe.uwaterloo.ca/~twiki/bin/view/ISTNS/ProcurveL2L3Table
Bruce Campbell
Director, Network Services
Information Systems and Technology
MC 1018
(519)888-4567 x38323
University of Waterloo, Waterloo, ON
0 Kudos
6 REPLIES 6
Tabasco
New Member

тАО02-04-2009 11:11 PM

тАО02-04-2009 11:11 PM

Re: problems with 3rd party transparent mode device on Procurve router

Are both the routes on the 3500/5400 default for their respective vlans? Being the case, it sounds as if the issue has to do with the CPU engine getting confused when it needs to route and sees a mac pop up differnt vlan ports. I have seen this before. It was noted as an ASIC limitation. You can try setting the client default route to be a device upstream of the 3500. That should work and confirm my guess.
0 Kudos
Marcus J
Frequent Advisor

тАО02-04-2009 11:19 PM

тАО02-04-2009 11:19 PM

Re: problems with 3rd party transparent mode device on Procurve router

Hi,

Yes i have seen the exact same thing trying to install a juniper device in transparent mode.
I ended up using it i routemode instead.

The problem would be solved if you could change the mac address on the interfaces on the cisco, but i don't know if this is possible when used in transparent mode.

Would be interesting to see if this setup would work on any other brand of switch, 3com, cisco or whatever?
0 Kudos
Bruce Campbell_3
Valued Contributor

тАО02-05-2009 10:18 AM

тАО02-05-2009 10:18 AM

Re: problems with 3rd party transparent mode device on Procurve router


I've confirmed Procurve works if the route
point is upstream of the 3500yl doing
the bridging. But, if the bridged
vlans traverse the Procurve doing
the routing, it fails.

I've also confirmed that a Cisco 3750
works fine doing bridging and routing
simultaneously. Cisco config and
results added to:

https://strobe.uwaterloo.ca/~twiki/bin/view/ISTNS/ProcurveL2L3Table
Bruce Campbell
Director, Network Services
Information Systems and Technology
MC 1018
(519)888-4567 x38323
University of Waterloo, Waterloo, ON
0 Kudos
Tabasco
New Member

тАО02-05-2009 12:37 PM

тАО02-05-2009 12:37 PM

Re: problems with 3rd party transparent mode device on Procurve router

The problem replication you have is great. I suggest you open a case with support, give them the replication information, and insist they fix it. If they claim it is a hw/asic limitation, insist they explain to you in detail why it is a limitation of the device. Definately point out that Cisco doesnt have this problem. That will get you the most comprehensive answer possible. (Don't let them push back on giving you details) Once you find out, please post here for our education.
0 Kudos
Bruce Campbell_3
Valued Contributor

тАО02-06-2009 11:43 AM

тАО02-06-2009 11:43 AM

Re: problems with 3rd party transparent mode device on Procurve router


I opened a case (3604783742) and was advised
the Procurve supports a single layer 3
forwarding database, and would not support
this environment.

But, I did some more tests, and found
the Procurve does in fact support the same
MAC on different vlans, for both layer
2 and layer 3.

ProCurve Switch 3500yl-48G# show arp

IP ARP table

IP Address MAC Address Type Port
--------------- ----------------- ------- ----

129.97.142.100 00188b-d0bdfb dynamic 11
129.97.14.100 00188b-d0bdfb dynamic 35


Details added to end of:

https://strobe.uwaterloo.ca/~twiki/bin/view/ISTNS/ProcurveL2L3Table

This suggests the ASIC can support the
environment, but there may be a firmware
bug related to populating the ARP table,
when the same MAC/IP combination appears
on 2 vlans. (This recent test saw the
same MAC, but different IPs, on the 2 vlans)


Bruce Campbell
Director, Network Services
Information Systems and Technology
MC 1018
(519)888-4567 x38323
University of Waterloo, Waterloo, ON
0 Kudos
Matt Hobbs
Honored Contributor

тАО05-29-2009 06:04 PM

тАО05-29-2009 06:04 PM

Re: problems with 3rd party transparent mode device on Procurve router

Bruce, I think you can workaround this issue by setting a different mac-address for one of your VLAN interfaces.

5400(vlan-1)# ip-recv-mac-address
MAC-ADDR The L3-mac-address to be associated with a VLAN.

I had to do this once for a similar transparent proxy/filtering device and it worked very nicely.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.