HPE Community
LAN Routing
1752810 Members
5810 Online
108789 Solutions
New Discussion

HP 5900AF Intervlan routing

 
LayerZeroSwitch
Visitor

‎06-20-2020 03:39 AM

‎06-20-2020 03:39 AM

HP 5900AF Intervlan routing

Hey guys! I know nothing about networking, just set all this up and am trying my best.

HP 5900AF-48XGT switch connecting modem and computers (10.1.10.***) to an NVR with 192.168.1.1 IP address.

This NVR can not access the internet or modem.

So I made two VLANs. VLAN 1 which has the modem, and VLAN 192 that has the NVR.

Next I gave IP addresses to both VLANs. But I'm confused on what I should make the IPs and if I'm limited or if anything will work.

VLAN 1 IP = 10.1.10.245

VLAN 192 IP = 192.168.1.1

Computers on VLAN 1 can not ping VLAN 192.

The switch itself through the console is able to ping both.

What do I do next? Is this called Intervlan routing?

I did IP static-route 10.1.10.245 255.255.255.0 vlan 1 192.168.1.1       = But that didn't allow things to see each other... and this is the point it is getting too complicated. I don't understand anything about subnets.

I was hoping that after assigning IPs, the layer 3 switch would just make it all work.

What's the easiest way I can get it going from here? The firmware isn't too old, but the web interface doesn't have any features like this in it, so CLI for me. I tried updating via USB, but couldn't figure out out either... so CLI only I guess.

I decided to post them and go to sleep and see if anyone can help.  Thank you!

0 Kudos
1 REPLY 1
parnassus
Honored Contributor

‎06-20-2020 06:06 PM - edited ‎06-21-2020 02:59 PM

‎06-20-2020 06:06 PM - edited ‎06-21-2020 02:59 PM

Re: HP 5900AF Intervlan routing

Hi! Inter-VLANs routing should be enabled by default once you assign a VLAN Interface an IP Address (SVI), that's what's happening to your scenario.

NO static routing (please get rid of the static route you configured!) is necessary for Inter-VLANs routing. I don't know you exact scenario/topology/addressing but I can say that - probably - the only static route you need is the one that teach your switch where to forward packets to for any non local networks (say to go to Internet)...this static route generally is referred to as Route of Last Resort (or Default Route) and has the form of destination 0.0.0.0 mask 0.0.0.0 via Next Hop Gateway IP Address (this one would be simply the Router for your Internet access).

Could you perform this test (with your VLAN IDs/IP addresses):

  1. Configure (if not already done) an interface (say 1/0/n) as access with PVID set to VLAN ID 1
  2. Connect an Host with static IP Addressing within 10.1.10.0/24 with Default Gateway set to 10.1.10.245 (here I suppose your VLAN ID 1 SVI 10.1.10.245 belongs to a 24 bit subnet 10.1.10.0/24) to interface 1/0/n.
  3. Disable (or verify/configure accordingly to permit/let ICMP Ping) host OS Firewall.
  4. From this host ping VLAN 1 SVI and VLAN 192 SVI IP addresses.
  5. From this host ping the other host assigned IP Address.
  6. Configure (if not already done) an interface (say 1/0/m) as access with PVID set to VLAN ID 192
  7. Connect an Host with static IP Addressing within 192.168.1.0/24 with Default Gateway set to 192.168.1.1 (here I suppose your VLAN ID 192 SVI 192.168.1.1 belongs to a 24 bit subnet 192.168.1.0/24) to interface 1/0/m.
  8. Disable (or verify/configure accordingly to permit/let ICMP Ping) host OS Firewall.
  9. From this host ping VLAN 192 SVI and VLAN 1 SVI IP addresses.
  10. From this host ping the other host assigned IP Address.

I expect tests at steps 4,5,9,10 will be successful.

The VLAN ID 1 SVI 10.1.10.245 is pretty strange...often (usually) a good/recognizable/reasonable/error-prone IP Address choice for a VLAN SVI - especially in a green field deployment when you're free to best use IP Addresses - is the first or last addresseable IP Address of the VLAN subnet: say you work with 10.1.10.0/24 then is usually expected (while it's not mandatory) that VLAN SVI is 10.1.10.1 (first) or 10.1.10.254 (last)...that's to keep things simple. Seeing a VLAN SVI just in the middle as the 10.1.10.245 is, looks quite strange. Hope it's not a typo (245<->254).

Edit: PVID = Port VLAN ID, the VLAN ID an untagged packet received on a interface/port (so ingressing the interface/port) is used to tag the packet internally to the swtich....or, in other words, the VLAN ID that will be assigned to untagged frames received on a port. In a default state the PVID for a port is 1 (VLAN 1).


I'm not an HPE Employee
Kudos and Accepted Solution banner
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.