HPE Community
Switches, Hubs, and Modems
1752354 Members
6479 Online
108787 Solutions
New Discussion юеВ

Re: 2650 VLAN Problem

 
kivanc
New Member

тАО05-17-2007 09:39 PM

тАО05-17-2007 09:39 PM

2650 VLAN Problem

Hi ,
first of all im not an experienced user nor i didnt use these switches before.
Ill try to explain my problem
I have 3 2650 stacked together.Also i created 3 VLans as ,
Default_Vlan 192.168.1.0/24
Prod_vlan 192.168.2.0/24
Guest_vlan. 192.168.3.0/24

what i want to do is separate all vlans so they shouldnt interfere eachother.But i have 1 computer in Default_vlan (port 17) that should communicate with Prod_vlan.
that's all ,Simple
But i couldnt manage it worked.

I did the following to archieve in all switches,
-Linked switches on ports 49,50
-stacked them
-created Two additional Vlans (Prod,Guest)
-untagged 49,50 on DEFAULT_VAN,tagged all other
-untagged the ports in Default_VLAN that should be in Default_vlan ,no to all other ports
-untagged the ports in Prod_vlan that should be in prod_vlan ,no to all other ports
-untagged the ports in guest_vlan that should be in guest_vlan ,no to all other ports.
- untagged port 17 on default_vlan,tagged 17 in Prod_vlan,no to Guest_vlan

All ports separated correctly but i couldnt manage to port 17 work on default_vlan and prod_vlan at the same time.

I also try to make ip routing enabled but it didnt workedout too.

I am missing something or many thing.
I hope i can explain
Thnx

0 Kudos
7 REPLIES 7
Joel Belizario
Trusted Contributor

тАО05-19-2007 06:05 PM

тАО05-19-2007 06:05 PM

Re: 2650 VLAN Problem

A host does not understand the tagged traffic for 'Prod_VLAN' so that is why it is not working, it cannot be physically a member of two different VLANs so its traffic will need to be routed.

What is the default gateways of your hosts in each VLAN? If IP routing is enabled, then all that needs to happen is for IP addresses to be assigned to the VLANs and hosts have their default gateway defined as their respective VLAN address (virtual router address).

Also make sure the management VLAN is not defined for any of these VLANs as this disables routing of non-management traffic.
0 Kudos
kivanc
New Member

тАО05-21-2007 09:22 PM

тАО05-21-2007 09:22 PM

Re: 2650 VLAN Problem

Additionally host has a 802.1Q compilant interface on it and QOS tagging enabled.
Also i didnt set default gateway because host and the members of Prod_vlan are in the same switch.
my conf is like


hostname "jcstack-03"
interface 47
no lacp
exit
snmp-server community "public" Unrestricted
snmp-server host 192.168.1.31 "public"
vlan 1
name "DEFAULT_VLAN"
untagged 2,5-6,10,14-17,19-20,22-24,30-31,35,37-50
ip address 192.168.1.254 255.255.255.0
no untagged 1,3-4,7-9,11-13,18,21,25-29,32-34,36
exit
vlan 2
name "PROD"
untagged 25-29
no ip address
tagged 17,49-50
exit
vlan 3
name "GUEST"
untagged 1,3-4,7-9,11-13,18,21,32-34,36
tagged 39,49-50
exit
stack join 0019bb6a4100

Thnx
0 Kudos
Joel Belizario
Trusted Contributor

тАО05-22-2007 05:43 AM

тАО05-22-2007 05:43 AM

Re: 2650 VLAN Problem

Ok I am assuming the host on port 17 has an ip address in the 192.168.1.0/24 range?

If this is the case I believe what is happening is the hosts in "Prod_VLAN" are not able to see it because the traffic is not being routed.

"Prod_VLAN" has no ip address so routing is not enabled for this VLAN.
0 Kudos
kivanc
New Member

тАО05-22-2007 09:00 PM

тАО05-22-2007 09:00 PM

Re: 2650 VLAN Problem

Yes the host is on 192.168.1.0/25 subnet

After a few tryouts i managed to ping prod_vlan
what i did is ;
-set ip address 192.168.1.x/24 for default_vlan
-set ip address 192.168.2.x/24 for prod_vlan
-enabled ip routing.
-set the default gateway of the host(at 17) to default_vlan ip.

I amanged to ping to both side.
But the thing is when i do the conf above i could ping one of the host in prod_vlan from one host from default_vlan even its not tagged at all.

also when i set the gw to host it didnt route to internet gw because there is no roure for internet.

I ll try different settings and i ll let you know if i can succeed.
0 Kudos
kivanc
New Member

тАО05-30-2007 09:06 PM

тАО05-30-2007 09:06 PM

Re: 2650 VLAN Problem

Ok here is my config ,

Startup configuration:

; J4899B Configuration Editor; Created on release #H.10.31

hostname "jcstack-03"

ip default-gateway 192.168.1.254
ip routing
snmp-server community "public" Unrestricted
snmp-server host 192.168.1.31 "public"
vlan 1
name "DEFAULT_VLAN"
untagged 2,5-6,10,14-17,19-20,22-24,30-31,35,37-38,40-50
ip address 192.168.1.254 255.255.255.0
no untagged 1,3-4,7-9,11-13,18,21,25-29,32-34,36,39
ip proxy-arp
exit
vlan 2
name "PROD"
untagged 25-29
ip address 192.168.2.254 255.255.255.0
tagged 17,49-50
ip proxy-arp
exit
vlan 3
name "GUEST"
untagged 1,3-4,7-9,11-13,18,21,32-34,36,39
ip address 192.168.3.254 255.255.255.0
tagged 49-50
ip proxy-arp
exit
stack join 0019bb6a4100

All the hosts on prod_vlan (25-29) has dg 192.168.2.254 and host 17 has dg 192.168.1.254
i can ping from 17 to any host on Defaut_vlan or prod_vlan.But other than ICMP doesnt work for prod_vlan.
Also any host on any vlan can ping if i change its Dg to its vlan ip.
I just want to separate all vlans except Host 17 it needs be in default_vlan and Prod_vlan at the same time.
Helps are very welcome .Thnx
0 Kudos
Joel Belizario
Trusted Contributor

тАО05-31-2007 02:09 AM

тАО05-31-2007 02:09 AM

Re: 2650 VLAN Problem

Would it be possible to use a second NIC on the server and have it physically present on both VLANs?

On the 2600 series they do not have access control lists to allow traffic filtering by IP.
0 Kudos
kivanc
New Member

тАО05-31-2007 02:41 AM

тАО05-31-2007 02:41 AM

Re: 2650 VLAN Problem

The host actually is not a server.Its kind of a station that should be connected to both vlans.
Anyway if i need to some kind of feature to do separation of vlans that wont work with that conf.
I am also could't reach host on port 17 from port 25.
Only icmp seems working.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.