
Re: routing with vlans (switch 5304xl)

 
Hugo Tigre
Trusted Contributor

Re: routing with vlans (switch 5304xl)

An update to the situation:

Thanks to Olaf Borowski's tip, I remembered to try something: since this switch also supports static NAT mapping, I had a static NAT entry for one of the hosts in vlan2, like "ip nat static 172.30.0.16 172.16.0.19", and it worked; the client 172.30.0.16 had internet access. This worked because this client's IP leaves the switch with the IP 172.16.0.19 (translated with NAT) :)

This doesn't resolve my issue completely; it's just a temporary solution, and was just a test that proved that my problem really resides in the router that is responsible for the NAT to the internet, just like Olaf Borowski said.

Many thanks for all your help. As soon as I know more about this, I'll reply here, but I think the problem is practically resolved ;)
MIBA NSD
Advisor

Re: routing with vlans (switch 5304xl)

Sorry, silly question, but does your internet gateway know the other VLANs or only 172.16.0.0/16?

peter
Olaf Borowski
Respected Contributor

Re: routing with vlans (switch 5304xl)

Hugo,

What kind of router/internet gateway do you have (brand/model), so I can help you map out the complete solution?
BTW: You don't need RIPv2 to route between the VLANs. The box routes between VLANs with just "ip routing" turned on. You use RIP or other routing protocols to tell others (like your internet router/gateway) about your locally attached networks.
Hugo Tigre
Trusted Contributor

Re: routing with vlans (switch 5304xl)

Thomas Ahrer:

Yes, it knows all VLANs; like Olaf Borowski said, it learned them from RIP.


Olaf Borowski:

Actually I have several of them, all of them Cisco routers (2620 / 1710 / 3640 / etc.), but for the time being, the information that leaves the switch passes through my gateway 172.16.0.1 and then is directed to an internet gateway 172.16.0.10, and this is the one I need to configure, which is a Cisco 1710 with IOS 12.3(12).

Note: this is still being tested in a lab environment. When this is implemented in the production environment I will need to update about 3 routers (internet gateways), so in fact each VLAN will have its own gateway. And in this case I'm not sure how I will insert the routes, since I can only add one 0.0.0.0/0 route.
MIBA NSD
Advisor

Re: routing with vlans (switch 5304xl)

Yes, but you wrote something that NAT works, so I think that the problem is on the 172.16.0.1.
Have you tried adding 2 static routes on 172.16.0.1?

172.30.0.0/16 --> 172.16.15.60
172.31.0.0/16 --> 172.16.15.60
Hugo Tigre
Trusted Contributor

Re: routing with vlans (switch 5304xl)

Thomas Ahrer:

Yes, you are correct, but like I said before, 172.16.0.1 already knows my VLANs; those two routes were added by RIP.

In fact the problem isn't the 172.16.0.1, because this is just my first gateway; the traffic that passes through this router is directed to another router (172.16.0.10), and this is the one responsible for NATing to the internet.

So the router I have to configure is 172.16.0.10, but I still haven't done this, because I didn't have time yet. I have several projects in hand, and some of them have a higher priority than this one, but today I should have everything working :D

I'll reply as soon as I have an update.

Best regards
Hugo Tigre
Ardon
Trusted Contributor

Re: routing with vlans (switch 5304xl)

Hi Hugo,

I quickly set up the same configuration as you described using the same IP Addresses.
This is what the routing table of my 172.16.0.1 (also 53XX) looks like:

IP Route Entries

  Destination        Gateway         VLAN Type      Sub-Type   Metric     Dist.
  ------------------ --------------- ---- --------- ---------- ---------- -----
  127.0.0.0/8        reject               static               0          250
  127.0.0.1/32       lo0                  connected            0          0
  172.16.0.0/16      DEFAULT_VLAN    1    connected            0          0
  172.30.0.0/16      172.16.15.60    1    rip                  2          120
  172.31.0.0/16      172.16.15.60    1    rip                  2          120


As you can see, it learned the two subnets over RIP.
Like Olaf said, you do not need to have RIP enabled on VLAN 10 & 20, as they are directly connected networks which will be advertised by RIP running on VLAN 1 (default = enabled to advertise directly connected networks over RIP).
Your gateway of 172.16.0.1, is that under your control? I get the strong impression that it is not running RIP. Preferably you need to know the 172.16.0.1 configuration, especially the output of the routing table.

If the 172.16.0.1 is not under your control, you can also sniff using a monitoring port (which I see is configured) and look for RIP packets.
Are you sure the 172.16.0.1 is running RIP and if so, what version? It takes two to tango, right?

Mind you that at least one port in a VLAN must be up in order for you to see it appearing in the routing table and therefore also in RIP.

You need to know the remote site!!

Regards, Ardon



ProCurve Networking Engineer
Hugo Tigre
Trusted Contributor

Re: routing with vlans (switch 5304xl)

Hi Ardon,

Thanks for all your work.

I had the impression I needed to have RIP enabled on all the VLANs, besides vlan1, but I'm testing that right now.

172.16.0.1 is under my control, but only recently; it wasn't me that did the initial setup, but this router is also running RIP.

All of them are running RIP v2.

This is a pretty big and complex network and I just recently started to make changes to its topology. Also, the 5304xl where the VLANs are is completely under my control, but my gateways (Cisco routers) have more people involved, and so I can't make changes to them without previous discussion with the people involved. Everything has to be documented :)

But like I said before, the routing tables are correct and the packets are reaching the desired destination, but they are being discarded at the internet gateway, because the current NAT doesn't recognise vlan 2 and 3. I'm in the process of configuring an additional router with a dedicated internet line, for the purpose of testing, not only for this scenario of course. This is one of the reasons I haven't yet made the necessary changes to the current internet gateway.

But like I said in one of my previous messages, when I tried the static NAT entry in the 5304xl switch for vlan2, it worked; the host in vlan2 immediately received internet access. This, plus the correct routes, gives a good idea that the problem really resides in NAT.

Best Regards,
Hugo Tigre
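
The diagnosis in the post above (routes are correct, but the internet gateway's NAT does not cover vlan 2 and 3) can be checked offline by comparing the gateway's NAT source ACL with the inside networks. This is an added example, not part of the original thread: the ACL text is a constructed sample, since the gateway's configuration is never shown, and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed NAT source ACL (assumption: the thread never shows the gateway config).
SAMPLE_ACL = "access-list 1 permit 172.16.0.0 0.0.255.255\n"

# Source networks named in the thread: VLAN 1 plus the two routed VLANs.
INSIDE_NETS = ["172.16.0.0/16", "172.30.0.0/16", "172.31.0.0/16"]

ACL_RE = re.compile(r"^\s*access-list\s+\d+\s+(permit|deny)\s+(.+?)\s*$")


def parse_standard_acl(text):
    """Parse standard ACL lines into ordered (action, IPv4Network) entries."""
    entries = []
    for line in text.splitlines():
        m = ACL_RE.match(line)
        if not m:
            continue
        action, fields = m.group(1), m.group(2).split()
        if fields[0] == "any":
            entries.append((action, ipaddress.ip_network("0.0.0.0/0")))
            continue
        if fields[0] == "host":
            addr, wildcard = fields[1], "0.0.0.0"
        else:
            addr, wildcard = fields[0], fields[1] if len(fields) > 1 else "0.0.0.0"
        w = int(ipaddress.IPv4Address(wildcard))
        if w & (w + 1):  # wildcard bits must be one contiguous low-order run
            raise ValueError(f"non-contiguous wildcard not handled: {line.strip()}")
        base = int(ipaddress.IPv4Address(addr)) & ~w & 0xFFFFFFFF
        entries.append((action, ipaddress.ip_network((base, 32 - w.bit_length()))))
    return entries


def nat_decision(net, entries):
    """First matching entry wins; a Cisco ACL ends with an implicit deny."""
    net = ipaddress.ip_network(net)
    for action, acl_net in entries:
        if net.subnet_of(acl_net):
            return action
        if net.overlaps(acl_net):
            return "partial"  # ACL entry covers only part of this network
    return "deny"


def untranslated(acl_text, nets):
    """Return the source networks that the NAT ACL does not fully permit."""
    entries = parse_standard_acl(acl_text)
    return [n for n in nets if nat_decision(n, entries) != "permit"]


if __name__ == "__main__":
    print(untranslated(SAMPLE_ACL, INSIDE_NETS))
```

Any network this reports is routed correctly to the gateway but leaves it with its private source address, which matches the symptom described in the thread.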
MIBA NSD
Advisor

Re: routing with vlans (switch 5304xl)

Hi Hugo!
It's me again.
I think the traffic is going out but not coming back, so make some traceroutes to see where it stops.

Another possibility is to use NAT, but I think you don't want to use it.

Ardon
Trusted Contributor

Re: routing with vlans (switch 5304xl)

Hi Hugo,

Sorry, I overlooked that NAT part. So with NAT it works OK. That makes me very much inclined to believe (as the routing tables look OK) that your firewall is blocking these subnets. So it matters how the traffic is sourced. I would look into the log of your firewall.

Regards, Ardon
ProCurve Networking Engineer