HPE Community
Switching and Routing
1846988 Members
3379 Online
110257 Solutions
New Discussion

HP A5500-24G EI Switch

 
SOLVED
Go to solution
hishammohd
Occasional Visitor

‎01-05-2021 07:46 PM

‎01-05-2021 07:46 PM

HP A5500-24G EI Switch

Hi. i have this problem when setup HP A5500-24G EI Switch with 2 Interface Slots Software Version 5.20. My company having using this coreswitch using single vlan 1 and wanted me to create new vlan for each floor. I have manage to create vlan but only vlan 1 that have the internet but vlan 20, vlan 50, vlan 70, vlan 100 and vlan 200 does not get internet. Is there any other solution ? Add Vlan Policy ? or What ?

This is my configuration :

[JKN_KELANTAN_CS]di cu
#
version 5.20, Release 2208P01
#
sysname JKN_KELANTAN_CS
#
clock timezone #Web#8#03 add 08:00:00
#
irf mac-address persistent timer
irf auto-update enable
undo irf link-delay
#
domain default enable system
#
router id 10.127.120.12
#
telnet server enable
#
ip ttl-expires enable
ip unreachables enable
#
undo ndp enable
#
undo ntdp enable
#
undo cluster enable
#
loopback-detection enable
#
vlan 1
description VLAN Gitn
#
vlan 20
description VLAN 0020 ARAS 2
#
vlan 50
description VLAN 0050 ARAS 5
#
vlan 70
description VLAN 0070 ARAS 7
#
vlan 100
description VLAN 0100 ARAS 10
#
vlan 200
description VLAN 0200 WIFI
#
vlan 300
description VLAN 0300 RES
#
radius scheme system
primary authentication 127.0.0.1 1645
primary accounting 127.0.0.1 1646
user-name-format without-domain
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
dhcp server ip-pool 1
network 10.127.120.0 mask 255.255.254.0
gateway-list 10.127.120.12
dns-list 10.251.3.17 10.249.10.13 8.8.8.8
domain-name vlan1.jknk.moh.gov.my
#
dhcp server ip-pool 100 extended
network ip range 10.127.125.50 10.127.125.254
network mask 255.255.255.0
gateway-list 10.127.125.1
dns-list 10.251.3.17 10.249.10.13 8.8.8.8
domain-name Aras10.jknk.moh.gov.my
#
dhcp server ip-pool 20 extended
network ip range 10.127.122.50 10.127.122.254
network mask 255.255.255.0
gateway-list 10.127.122.1
dns-list 10.251.3.17 10.249.10.13 8.8.8.8
domain-name Aras2.jknk.moh.gov.my
#
dhcp server ip-pool 200 extended
network ip range 10.127.127.50 10.127.127.254
network mask 255.255.255.0
gateway-list 10.127.127.2
dns-list 10.251.3.17 10.249.10.13 8.8.8.8
domain-name vlanwifi.jknk.moh.gov.my
#
dhcp server ip-pool 50 extended
network ip range 10.127.123.50 10.127.123.254
network mask 255.255.255.0
gateway-list 10.127.123.1
dns-list 10.251.3.17 10.249.10.13 8.8.8.8
domain-name Aras5.jknk.moh.gov.my
#
dhcp server ip-pool 70 extended
network ip range 10.127.124.50 10.127.124.254
network mask 255.255.255.0
gateway-list 10.127.124.1
dns-list 10.251.3.17 10.249.10.13 8.8.8.8
domain-name Aras7.jknk.moh.gov.my
#
user-group system
#
local-user admin
password cipher R5'8ZDZO57%S<-PNJS1SVA!!
authorization-attribute level 3
service-type ssh telnet terminal
#
stp mode rstp
stp instance 0 root primary
#
interface NULL0
#
interface Vlan-interface1
description MGT VLAN
ip address 10.127.120.12 255.255.254.0
dhcp select server global-pool subaddress
#
interface Vlan-interface20
description L2
ip address 10.127.122.1 255.255.255.0
rip summary-address 10.0.0.0 255.0.0.0
dhcp server apply ip-pool 20
#
interface Vlan-interface50
description L5
ip address 10.127.123.1 255.255.255.0
dhcp server apply ip-pool 50
#
interface Vlan-interface70
description L7
ip address 10.127.124.1 255.255.255.0
dhcp server apply ip-pool 70
#
interface Vlan-interface100
description L10
ip address 10.127.125.1 255.255.255.0
dhcp server apply ip-pool 100
#
interface Vlan-interface200
description Wifi
ip address 10.127.127.1 255.255.255.0
dhcp server apply ip-pool 200
#
interface GigabitEthernet1/0/1
port link-mode bridge
undo ndp enable
undo ntdp enable
#
interface GigabitEthernet1/0/2
port link-mode bridge
description Bridge From Router-Firewall 10.127.120.1
port link-type trunk
port trunk permit vlan all
undo ndp enable
undo ntdp enable
#
interface GigabitEthernet1/0/3
port link-mode bridge
description GOVNET TO STREAMYX 10.127.120.13 to 192.168.1.1
port link-type trunk
port trunk permit vlan all
undo ndp enable
undo ntdp enable
#
interface GigabitEthernet1/0/4
port link-mode bridge
description KOSONG
undo ndp enable
undo ntdp enable
#
interface GigabitEthernet1/0/5
port link-mode bridge
description appkel3.moh.gov.my 10.127.120.5
undo ndp enable
undo ntdp enable
#
interface GigabitEthernet1/0/6
port link-mode bridge
description appkel2.moh.gov.my 10.127.120.4
undo ndp enable
undo ntdp enable
#
interface GigabitEthernet1/0/7
port link-mode bridge
description KOSONG
undo ndp enable
undo ntdp enable
#
interface GigabitEthernet1/0/8
port link-mode bridge
description DNS & FIREWALL OUT
undo ndp enable
undo ntdp enable
#
interface GigabitEthernet1/0/9
port link-mode bridge
description DHCP Server 10.127.120.3 old server
undo ndp enable
undo ntdp enable
#
interface GigabitEthernet1/0/10
port link-mode bridge
description TEST TO GITN GATEWAY 10.127.120.10
port link-type trunk
port trunk permit vlan all
undo ndp enable
undo ntdp enable
#
interface GigabitEthernet1/0/11
port link-mode bridge
description VLan 200 Wireless Test
port link-type trunk
port trunk permit vlan all
undo ndp enable
undo ntdp enable
#
interface GigabitEthernet1/0/12
port link-mode bridge
description Kosong
port link-type trunk
port trunk permit vlan all
undo ndp enable
undo ntdp enable
#
interface GigabitEthernet1/0/13
port link-mode bridge
description LINK TKT 5 SWITCH 1 10.127.120.150
port link-type trunk
port trunk permit vlan all
#
interface GigabitEthernet1/0/14
port link-mode bridge
description LINK TKT 5 SWITCH 2 10.127.120.151
port link-type trunk
port trunk permit vlan all
speed auto 1000
#
interface GigabitEthernet1/0/15
port link-mode bridge
description LINK TKT 5 SWITCH 4 10.127.120.153
port link-type trunk
port trunk permit vlan all
#
interface GigabitEthernet1/0/16
port link-mode bridge
description LINK TKT 5 SWITCH 3 To KA 10.127.120.152
port link-type trunk
port trunk permit vlan all
flow-control
loopback-detection enable
#
interface GigabitEthernet1/0/17
port link-mode bridge
description LINK TKT 5 SWITCH 6 10.127.120.155
port link-type trunk
port trunk permit vlan all
#
interface GigabitEthernet1/0/18
port link-mode bridge
description LINK TKT 5 SWITCH 2 10.127.120.151
port link-type trunk
port trunk permit vlan all
flow-control
loopback-detection enable
#
interface GigabitEthernet1/0/19
port link-mode bridge
description LINK TKT 5 SWITCH KA 10.127.120.158-S1&159-S2
port link-type trunk
port trunk permit vlan all
flow-control
loopback-detection enable
#
interface GigabitEthernet1/0/20
port link-mode bridge
description LINK TKT 5 SWITCH 5 10.127.120.154
port link-type trunk
port trunk permit vlan all
flow-control
loopback-detection enable
#
interface GigabitEthernet1/0/21
port link-mode bridge
description GUNA FIBER PORT 27
shutdown
undo ndp enable
undo ntdp enable
#
interface GigabitEthernet1/0/22
port link-mode bridge
description KOSONG
shutdown
undo ndp enable
undo ntdp enable
#
interface GigabitEthernet1/0/23
port link-mode bridge
description GUNA FIBER PORT 28
shutdown
undo ndp enable
undo ntdp enable
#
interface GigabitEthernet1/0/24
port link-mode bridge
description GUNA FIBER PORT 26
shutdown
undo ndp enable
undo ntdp enable
#
interface GigabitEthernet1/0/25
port link-mode bridge
description KOSONG
shutdown
#
interface GigabitEthernet1/0/26
port link-mode bridge
description LINK TKT 2
port link-type trunk
port trunk permit vlan all
flow-control
loopback-detection enable
#
interface GigabitEthernet1/0/27
port link-mode bridge
description LINK TKT 7
port link-type trunk
port trunk permit vlan all
flow-control
loopback-detection enable
#
interface GigabitEthernet1/0/28
port link-mode bridge
description LINK TKT 10
port link-type trunk
port trunk permit vlan all
flow-control
loopback-detection enable
#
ospf 1
area 0.0.0.0
network 10.127.120.0 0.0.0.255
network 10.127.122.0 0.0.0.255
network 10.127.123.0 0.0.0.255
network 10.127.124.0 0.0.0.255
network 10.127.125.0 0.0.0.255
network 10.127.127.0 0.0.0.255
#
ip route-static 0.0.0.0 0.0.0.0 10.127.120.10

Any solution. Thanks

 

0 Kudos
3 REPLIES 3
Ivan_B
HPE Pro

‎01-05-2021 10:44 PM

‎01-05-2021 10:44 PM

Re: HP A5500-24G EI Switch

Hi @hishammohd !

What about DHCP address assignment in vlan 20, vlan 50, vlan 70, vlan 100 and vlan 200? Do hosts get correct IP and default gateway? Can they ping their default gateway in respective VLAN?

Could you provide output from following commands:

display ip routing-table
display ospf peer
tracert 8.8.8.8
tracert -a 10.127.122.1 8.8.8.8
tracert -a 10.127.123.1 8.8.8.8

 

 

I am an HPE employee

Accept or Kudo

0 Kudos
hishammohd
Occasional Visitor

‎01-05-2021 11:58 PM - edited ‎01-06-2021 12:02 AM

‎01-05-2021 11:58 PM - edited ‎01-06-2021 12:02 AM

Re: HP A5500-24G EI Switch

Hi. Thank for rely. this is my result. 

 

[JKN_KELANTAN_CS]display ip routing-table
Routing Tables: Public
Destinations : 15 Routes : 15

Destination/Mask Proto Pre Cost NextHop Interface

0.0.0.0/0 Static 60 0 10.127.120.10 Vlan1
10.127.120.0/23 Direct 0 0 10.127.120.12 Vlan1
10.127.120.12/32 Direct 0 0 127.0.0.1 InLoop0
10.127.122.0/24 Direct 0 0 10.127.122.1 Vlan20
10.127.122.1/32 Direct 0 0 127.0.0.1 InLoop0
10.127.123.0/24 Direct 0 0 10.127.123.1 Vlan50
10.127.123.1/32 Direct 0 0 127.0.0.1 InLoop0
10.127.124.0/24 Direct 0 0 10.127.124.1 Vlan70
10.127.124.1/32 Direct 0 0 127.0.0.1 InLoop0
10.127.125.0/24 Direct 0 0 10.127.125.1 Vlan100
10.127.125.1/32 Direct 0 0 127.0.0.1 InLoop0
10.127.127.0/24 Direct 0 0 10.127.127.1 Vlan200
10.127.127.1/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0

[JKN_KELANTAN_CS]display ospf peer

OSPF Process 1 with Router ID 10.127.120.12
Neighbor Brief Information
[JKN_KELANTAN_CS]tracert 8.8.8.8
traceroute to 8.8.8.8(8.8.8.8) 30 hops max,40 bytes packet, press CTRL_C to break
1 10.127.120.1 3 ms 2 ms 2 ms
2 10.127.120.10 3 ms 5 ms 4 ms
3 10.230.117.9 6 ms 3 ms 2 ms
4 10.251.254.97 14 ms 14 ms 15 ms
5 10.251.254.99 15 ms 17 ms 19 ms
6 203.62.1.1 19 ms 120 ms 17 ms
7 210.187.58.57 16 ms 16 ms 18 ms
8 * *
[JKN_KELANTAN_CS]tracert -a 10.127.122.1 8.8.8.8
traceroute to 8.8.8.8(8.8.8.8) 30 hops max,40 bytes packet, press CTRL_C to break
1 * *
[JKN_KELANTAN_CS]tracert -a 10.127.123.1 8.8.8.8
traceroute to 8.8.8.8(8.8.8.8) 30 hops max,40 bytes packet, press CTRL_C to break
1 *

0 Kudos
Ivan_B
HPE Pro

‎01-06-2021 12:33 AM

‎01-06-2021 12:33 AM

Solution

Re: HP A5500-24G EI Switch

It's quite strange that according the routing table the next-hop is 10.127.120.10, but in reality the first answer on traceroute arrives from 10.127.120.1... Not sure why is it so, but in overall the issue is quite obvious - your next-hop router doesn't have reverse route to your Vlan 20, 50, 70, 100 and 200 subnets. Do you see difference between first tracert output and others? When you issued the first command, your switch used 10.127.120.12 as source IP (Vlan1 IP address), second and third time we forced it to use Vlan20 and Vlan50 IPs and it's the point when next hop router started to drop packets. It simply didn't know how to reach 10.127.122.1 ro 10.127.123.1 in order to deliver ICMP response packet.

What you need to do is to add static route on that device (the one with IP address 10.127.120.1) to make it aware that networks

10.127.122.0/24
10.127.123.0/24
10.127.124.0/24
10.127.125.0/24
10.127.127.0/24

are reachable through 10.127.120.12 (Vlan1 of your switch). Also, since there are many routers inside your network before the Internet gateway, all routers between 5500 and Internet gateway should know how to reach your subnets, otherwise the return traffic from Internet to those subnets will be dropped.

This should help.

 

I am an HPE employee

Accept or Kudo

The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.