Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

routing with 5400zl, one local vlan, three external vlans on single port

SOLVED
Go to solution
Ron At MRO
Occasional Contributor

routing with 5400zl, one local vlan, three external vlans on single port

I've been fighting this for a while, and need help.

I have three remote sites, connected via 3 VLANs on port A1 of the 5400zl. All 5400 ports are VLAN1 and untagged, except A1. Port A1 is tagged for VLANS1,320-322. I've enabled routing, setup the VLANS with ip addresses, and enabled dhcp helper addresses. I'm unable to ping any of the other VLANS, even the local VLAN IP address from a client attached to the local 5400zl. I can ping all local VLAN IP addresses from the local switch. My dhcp server, local and untagged on VLAN1, is receiving requests from the other VLANS, but doesn't seem to be able to talk back.

Pls look over my config, below and tell me what to do to fix the issue. If it helps, I have 2824s on the other ends. All of their ports are untagged for their VLAN, with routing turned on.

; J8697A Configuration Editor; Created on release #K.13.51

hostname "SW-ROB-MAIN"
time timezone -420
time daylight-time-rule Continental-US-and-Canada
fastboot
module 1 type J8702A
module 2 type J8702A
module 3 type J8702A
module 4 type J8702A
module 5 type J8702A
ip default-gateway 10.10.0.254
ip routing
ip directed-broadcast
ip udp-bcast-forward
timesync sntp
sntp unicast
vlan 1
name "ROB"
untagged A2-A24,B1-B24,C1-C24,D1-D24,E1-E24
ip address 10.10.0.10 255.255.252.0
tagged A1
exit
vlan 320
name "ROBWCL"
qos priority 0
ip helper-address 10.10.0.253
ip address 10.10.4.1 255.255.252.0
tagged A1
exit
vlan 321
name "ROBISF"
qos priority 0
ip helper-address 10.10.0.253
ip address 10.10.8.1 255.255.252.0
tagged A1
exit
vlan 322
name "RIDGE"
tagged A1
no ip address
exit
qos type-of-service diff-services
mirror 1 port C19
logging 10.10.0.238
sntp server priority 1 10.10.0.239
ip dns domain-name "mro.nmt.edu"
ip dns server-address priority 1 10.10.0.253
no ip ssh
ip route 0.0.0.0 0.0.0.0 10.10.0.254
ip router-id 10.10.0.10
ip multicast-routing
router ospf
area 0.0.0.1
area 0.0.0.2 stub 1
area 0.0.0.2 range 10.10.0.0 255.255.252.0 type summary
area 0.0.0.4 stub 1
area 0.0.0.4 range 10.10.4.0 255.255.252.0 type summary
area 0.0.0.8 stub 1
area 0.0.0.8 range 10.10.8.0 255.255.252.0 type summary
area backbone
redistribute connected
no rfc1583-compatibility
exit
router rip
distance 25
redistribute static
redistribute ospf
exit
spanning-tree
spanning-tree priority 1
vlan 320
ip ospf 10.10.4.1 passive
ip ospf 10.10.4.1 area 0.0.0.4
ip ospf 10.10.4.1 priority 0
ip rip 10.10.4.1
ip rip 10.10.4.1 receive V1-or-V2
ip rip 10.10.4.1 send V1-compatible-V2
exit
vlan 321
ip ospf 10.10.8.1 passive
ip ospf 10.10.8.1 area 0.0.0.8
ip ospf 10.10.8.1 priority 0
ip rip 10.10.8.1
ip rip 10.10.8.1 receive V1-or-V2
ip rip 10.10.8.1 send V1-compatible-V2
exit
management-vlan 1
no tftp client
password manager
password operator
3 REPLIES
Pieter 't Hart
Honored Contributor
Solution

Re: routing with 5400zl, one local vlan, three external vlans on single port

better put the config in attachement.

your config looks more complicated then neccessary.

if you only want the vlans "tagged" to the other side, only assigning ip-adresses to the vlan's + "ip routing" is sufficient.
ospf and rip are not needed for this.

you do not mention the config of the connected switch.
this also needs the same vlans "tagged" on the port that connect to this switch.
and then the ports of endpoints should be untagged in the right vlan (320-322).

also check the dchp configuration.
you need a scope for each subnet/vlan.
in the dhcp-options the default-gateway of a client in vlan320 must point to this switch's interface in vlan 320 ->10.10.4.1.
evenso for vlan 321 to 10.10.8.1 etc.
NOT to the default-gateway 10.10.0.254!!!!

-------------------
if this 5400 it the router in your local network, there is no need for OSPF or RIP.
this switch allready knows all routes to the connected subnets/vlans.

if the 2824's route to other subnets, then they also must publish their route's
either by ospf or rip, why use both?

rip is a classfull routing protocol, so by default it summarizes to 10.0.0.0/8 subnet, unless all subnets use the same mask (here /23).
Ron At MRO
Occasional Contributor

Re: routing with 5400zl, one local vlan, three external vlans on single port

To clarify, the 5406zl has three external vlans on a single port, A1 - all of which are tagged. I do not own the network that the vlans operate over. The remote 2824's do not require the incoming/outgoing port to be tagged, so I assume that the campus network switches have an tagged ports that I am attached to.

I've reverted to a simpler config so that I can understand what is happening. I want to focus on a one internal VLAN and one external for now. I've attached configs for both the 5406 and 2824. I can ping/telnet to the remote switch from the 5406, but not from a workstation on the VLAN 4048. I want to be able to do so from any subnet. What do I do?
Ron At MRO
Occasional Contributor

Re: routing with 5400zl, one local vlan, three external vlans on single port

Okay, I feel like an idiot. I put default routes onto the remote switches and I can now ping and telnet.