- Community Home
- >
- Networking
- >
- Legacy
- >
- Switches, Hubs, Modems
- >
- 5406zl VLAN ARP/Routing Issue
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-30-2010 07:12 AM
тАО01-30-2010 07:12 AM
5406zl VLAN ARP/Routing Issue
Some of my HP Proliant hosts running CentOS 5.4 have 2 interfaces, one assigned to a service vlan and one assigned to an administrative vlan. I assigned the default GW to the interface that is in the service vlan. When I ping a IP of a host assigned to the administration VLAN from my default GW (my Firewall, which is in its own VLAN between itself and the 5406 VRRP pair) the ping fails. If I then ping the IP assigned to the service VLAN of this same host the ping to the admin VLAN starts to work.
What I discovered is that once I get a ping to the admin VLAN IP to respond, the response leaves the interface that is in the services VLAN, which is the default GW/default route of the server.
I suspect that since the 5406 has an interface IP in the admin VLAN, my ping to the host creates an arp request to the host and this request is delivered, however since the default route is out the other interface and no arp entry exists in the switch, the response fails. Once I ping the IP in the service VLAN of this host and arp entry is created and subsequent pings to the originally failing admin VLAN IP begin to work.
In addition when a ping to a host in this admin VLAN fails from my GW (FW VLAN) I can log into a host in any VLAN and ping the exact same admin VLAN IP with no problem, but this does not correct the failing ping from the GW.
I am not sure what the problem is, and what I can do to correct the issue. Is there some configuration or change I can make on the switch to fix this issue? I have attached a diagram that might help with understanding my network configuration.
Thanks,
David
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-30-2010 07:25 AM
тАО01-30-2010 07:25 AM
Re: 5406zl VLAN ARP/Routing Issue
have you tried proxy-arp on the interfaces?
Can you provide us a "show running-config" from the switch?
Regards,
Patrick
Patrick
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-30-2010 09:40 AM
тАО01-30-2010 09:40 AM
Re: 5406zl VLAN ARP/Routing Issue
Haven't tried proxy-arp, not that familiar with the concept, could you elaborate?
Attached is a copy of my running config.
Thanks,
David
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-31-2010 03:02 AM
тАО01-31-2010 03:02 AM
Re: 5406zl VLAN ARP/Routing Issue
with "ip local-proxy-arp" enabled, the switch answers to ARP requests in a VLAN with it's own mac-address. Give it a try.
Regards,
Patrick
Patrick
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-31-2010 06:07 AM
тАО01-31-2010 06:07 AM
Re: 5406zl VLAN ARP/Routing Issue
I enabled ip local-proxy-arp but am still seeing the same results.
Looks like the MAC addresses of the target hosts are in the mac table of the switch when I run show mac, but I do not get a ICMP response when I ping them.
David
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-01-2010 04:04 AM
тАО02-01-2010 04:04 AM
Re: 5406zl VLAN ARP/Routing Issue
can you ping the device from the switch command line? After that, can you successful ping from the client device?
Regards,
Patrick
Patrick
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-01-2010 05:31 AM
тАО02-01-2010 05:31 AM
Re: 5406zl VLAN ARP/Routing Issue
I am able to successfully ping any host in my VLAN10 MGMT VLAN from the switch CLI or from any other host in any other VLAN except VLAN500. VLAN500 is the vlan between my FW and my switch pair, however being that I can ping from the switch which has an IP in VLAN500 but not from the FW (or from my laptop while vpn'd in)which is also in VLAN500 is what is confusing me.
I found a work-around to my issue but I would still like to understand why my switching network is behaving the way that it is. I classified this issue as an asymmetrical routing issue so I enabled policy based routing on my Linux hosts in VLAN10. Once I did this the issue went away for those hosts.
Basically the policy forces requests that arrive at one interface to be responded to out of the same interface. Again, while this works it doesn't answer why I had to compensate like I did and I am still trying to understand what is incorrect with my switching configuration.
David