HPE Community
HPE Aruba Networking & ProVision-based
1820291 Members
3123 Online
109622 Solutions
New Discussion

Procurve 2848 and loop

 
SOLVED
Go to solution
billmx
Occasional Contributor

‎04-22-2014 06:41 AM - last edited on ‎04-22-2014 06:36 PM by

‎04-22-2014 06:41 AM - last edited on ‎04-22-2014 06:36 PM by

Procurve 2848 and loop

Our configuration has a sonicwall router connected to our HP 2848 on two ports, 33 and 44. Port 44 connects to the lan interface on the sonicwall and has been running fine for a long time. However, I recently configured port 33 to connect to the wireless interface on the Sonicwall. Port 34 and 35 have wireless access points connected.

 

When it's all connected everything works, however it seems this setup creates a loop it seems under a specific scenario.

 

When VPN users connect to the sonicwall, they intermittently lose access to machines on the network. A packet capture on the sonicwall shows pings that go out on the lan interface to port 44, but are sometimes returning via port 33. Then they are blocked as spoofed.

 

It seems the only issue is with VPN connections. Internal users do not show this issue.

 

 

Here is the config for the procurve: 

 

hostname "ProCurve Switch 2848"
max-vlans 10
interface 33
name " "
no lacp
exit
interface 34
name " "
exit
interface 35
name " "
exit
trunk 33 Trk1 LACP
ip default-gateway 192.168.1.1
ip routing
snmp-server community "public" Unrestricted
snmp-server host 192.168.1.77 "public"
snmp-server host 10.10.0.120 "public"
snmp-server host 10.10.0.139 "public"
vlan 1
name "DEFAULT_VLAN"
untagged 1-18,30-31,34-35,38-40,42-45,47,Trk1
ip address 192.168.1.251 255.255.255.0
no untagged 19-29,32,36-37,41,46,48
exit
vlan 10
name "VLANCorp"
untagged 19-29
ip address 10.10.0.2 255.255.0.0
ip helper-address 192.168.1.28
exit
vlan 2
name "VLANEng"
untagged 37,46
ip address 10.20.0.2 255.255.0.0
ip helper-address 192.168.1.28
exit
vlan 3
name "VLANMnf"
untagged 36,48
ip address 10.30.0.2 255.255.0.0
ip helper-address 192.168.1.28
exit
vlan 5
name "VLANThermal"
untagged 41
ip address 10.50.0.2 255.255.0.0
ip helper-address 192.168.1.28
exit
vlan 6
name "VLANPub"
untagged 32
ip address 10.60.0.2 255.255.0.0
ip helper-address 192.168.1.28
exit
vlan 101
name "VLANGuest"
tagged 34-35,Trk1
exit
vlan 100
name "VLANStaff"
tagged 34-35,Trk1
exit
fault-finder bad-driver sensitivity high
fault-finder bad-transceiver sensitivity high
fault-finder bad-cable sensitivity high
fault-finder too-long-cable sensitivity high
fault-finder over-bandwidth sensitivity high
fault-finder broadcast-storm sensitivity high
fault-finder loss-of-link sensitivity high
fault-finder duplex-mismatch-HDx sensitivity high
fault-finder duplex-mismatch-FDx sensitivity high
gvrp
ip route 0.0.0.0 0.0.0.0 192.168.1.1
filter source-port "32" drop 1-31,34-43,45-48
spanning-tree
spanning-tree Trk1 priority 4
password manager

 

 

 

Any thoughts are appreciated !

 

Thanks !

 

 

P.S. This thread has been moved from Switches, Hubs, Modems (Legacy ITRC forum) to ProCurve / ProVision-Based. -HP Forum Moderator

0 Kudos
1 REPLY 1
billmx
Occasional Contributor

‎05-01-2014 07:05 AM

‎05-01-2014 07:05 AM

Solution

Re: Procurve 2848 and loop

In case this helps someone else - I eventually figured this out. I did not need to create a trunk. In my mind I was trunking together ports 33-35, but that was not the case. I now understand that a trunk would be used if I had multiple ports passing VLAN traffic to the main switch and in my case I only had one port (33).  It seems that creating a trunk with only one port was causing my loop ??

 

In any case, I removed the trunk that I had setup (Trk1) and the following config for Vlan 100 and 101 has things working :

 

vlan 101
name "VLANGuest"
tagged 33-35
exit


vlan 100
name "VLANStaff"
tagged 33-35
exit

 

 

Thanks,

Bill

 

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.