Switches, Hubs, and Modems
1748203 Members
3199 Online
108759 Solutions
New Discussion юеВ

Re: vlan setup

 
Gary Peltola
Occasional Contributor

vlan setup

Heres my question, I got a HP 2524 (2 of them) and i want each port to have its own VLAN, from my understanding, doing this will cut down on broadcasts (i run a reseller colo company)

Currently I have 24 vlans setup, each named Port2 Port3 etc...

The Default Lan has all the ports as "UNTAGGED"

the problem i have, is say i put Port 2 in Port2 VLAN and mark it "TAGGED"...and then remove it from default Lan (instead of untagged, select "NO"

As soon as i do that, the port stops responding. What am i doing wrong?

How do i get each port into its own vlan, without locking myself out (already did once, all ports stopped responding after i accidently marked port 1 (uplink) as NO....
11 REPLIES 11
BP7
Occasional Contributor

Re: vlan setup

to put port 2 in port2vlan you have select no for default vlan and untagged for port2vlan.
If you want on port 6 port2vlan and port3vlan, you must have port 2 tagged and port 3 tagged.
Gary Peltola
Occasional Contributor

Re: vlan setup

to put port 2 in port2vlan you have select no for default vlan and untagged for port2vlan.
---------
I've done this as well, once i remove port 2 from default-vlan and put port 2 on port2-vlan to untagged, the port is still non responsive to traffic (im pinging every second watching the primary ip)
Dmitry G. Spitsyn
Trusted Contributor

Re: vlan setup

In its factory default configuration, the switch operates as a multiport learning bridge with network connectivity provided by the ports on the switch.
Configuring the switch with an IP address expands your
ability to manage the switch and use its features. By default, the switch is configured to automatically receive IP addressing on the default VLAN from a DHCP/Bootp server that has been configured correctly with information to support the switch.
However, if you are not using a DHCP/Bootp server to configure IP addressing, use the menu interface or the
CLI to manually configure the initial IP values.

vlan ip address

In the factory-default configuration, the switch has one, permanent default VLAN (named DEFAULT_VLAN) that
includes all ports on the switch. Thus, when only the
default VLAN exists in the switch, if you assign an IP
address and subnet mask to the switch, you are actually
assigning the IP addressing to the DEFAULT_VLAN.

If multiple VLANs are configured, then each VLAN can have its own IP address. This is because each VLAN
operates as a separate broadcast domain and requires a unique IP address and subnet mask.

A default gateway (IP) address for the switch is optional, but recommended.
There may be only one default gateway per a HP 25XX switch.

The default gateway is required when a router is needed for tasks such as reaching off-subnet destinations or forwarding traffic across multiple VLANs. The gateway value is the IP address of the next-hop gateway node for the switch, which is used if the requested destination address is not on a local subnet/VLAN. If the switch does not have a manually-configured default gateway and DHCP/Bootp is configured on the primary VLAN, then the
default gateway value provided by the DHCP or Bootp
server will be used. If the switch has a manually
configured default gateway, then the switch uses this
gateway, even if a different gateway is received via
DHCP or Bootp on the primary VLAN.
In the factory-default configuration, the switch designates the default VLAN (DEFAULT_VLAN) as the "Primary VLAN". However, you can designate another VLAN as the "Primary VLAN".

The IP addressing used in the switch should be compatible with your network.
When you move a port from DEFAULT_VLAN to its own
VLAN it will be confined by its own broadcast domain. To
access the port using a ping (Level 3) command you will
need to assign a separate IP address to its VLAN.
If you try this from another VLAN you will need a router
between the VLANs.

You must use a tagged port to connect a 802.1Q-aware device only. Otherwise use untagged port settings.

BR,
Dmitry
Ron Kinner
Honored Contributor

Re: vlan setup

You only use tagging when the other end understands it, usually when you have multiple VLANS on a single link.

I could be wrong but I don't think your 2524 does IP routing so unless you have a router which understands tagging it is not going to work. Even if it has IP routing in order to you get it to work you would need for each VLAN to have its own IP address and subnet. Then each host would have to get a new IP address in the subnet and would also have to change to a new default gateway namely that of the IP address of the VLAN. In the case of an external router you would still need to do about the same except the gateway IP addresses would be on the router.

Instead, make sure you have the latest version of the software (F.04.08) and use Isolated Port Groups which are discussed on page 99 of Release Notes: Version F.04.08 Operating System for the HP Procurve Switches 2512 and 2524
(Edition 2, February 2002) found on

http://www.hp.com/rnd/support/manuals/23xx_25xx.htm

This seems to me to be closer to what you want to do and it does not appear to require your customers to reconfigure their systems. If you put your customers' ports in Private mode and your Uplink in Uplink mode then they can not talk to each other unless something on the Uplink port does some IP routing so any broadcasts should not appear on their ports. (Might still show up on the uplink but there may be ways to block that.)

Ron
Hugo Vincent
Occasional Advisor

Re: vlan setup

here's another variant i'm interested in doing want to know if port isolation could do the trick.

a small layers firm are want to share 1 internet connection, each layer is basicly a distinct office the router currently in place doesn't do 802.1q and each mini lan is 2-3 nodes..

need suggestions.
Ron Kinner
Honored Contributor

Re: vlan setup

Isolated port groups are probably the way to go.

Ron
Hugo Vincent
Occasional Advisor

Re: vlan setup

how many groups will the switch allow me to create..

i need to set up 12 groups.
SCOOTER
Esteemed Contributor

Re: vlan setup

@Hugo

See attached file.

Regards,

SCOOTER
Hugo Vincent
Occasional Advisor

Re: vlan setup

so if i understand right i can group some ports but i'm short on group's since i could do group1 - group2 - private

or i can set multiple group1 ?