HPE Community
WAN Routing
1832242 Members
2843 Online
110041 Solutions
New Discussion

Router to Router

 
SOLVED
Go to solution
ABZ78
Advisor

‎12-31-2020 11:07 AM

‎12-31-2020 11:07 AM

Router to Router

I am not sure if this belongs in LAN or WAN routing but here, we go.

What should routing look like given the following scenario?

- 30 physical locations: each location has a HP5412zl2 with IP routing enabled.

- All locations lead to a single 5412zl2 via 10GB dark fiber for DHCP, DNS, authentication, Internet access, shared drives, etc.

- All locations have 10 HP 2920's behind each 5412zl2 and consists of approx. 800 employees per site.

The IP architecture looks like such:

CORE Site

 - Default VLAN  - 10.1.0.0/19  

- Voice VLAN     -  10.6.1.0/24

- Cameras VLAN - 10.150.1.0/24

 

2nd Site

 - Default VLAN  - 10.2.0.0/19  

- Voice VLAN     -  10.6.2.0/24

- Cameras VLAN - 10.150.2.0/24

 

30th Site

 - Default VLAN  - 10.30.0.0/19  

- Voice VLAN     -  10.6.30.0/24

- Cameras VLAN - 10.150.30.0/24

 

I am not sure if I am asking the correct questions as I “assume” HP requires VLANs on the ports that uplink to each site.

Question 1: Would you create 30 VLANs on the Core HP5412 and set the default route of the remote 5412’s to the core router IP?

Question 2: Would you create 1 VLAN on the Core HP5412 and add all 30 sites as untagged for that VLAN?

Question 3: How does Spanning Tree play into this?

0 Kudos
1 REPLY 1
parnassus
Honored Contributor

‎01-02-2021 08:52 AM - edited ‎01-02-2021 09:48 AM

‎01-02-2021 08:52 AM - edited ‎01-02-2021 09:48 AM

Solution

Re: Router to Router

Hello!

have you considered instead this fourth question:

Would I create Layer 3 connections between satellite sites and the central site using dedicated transport VLANs (like dealing with an Hub and Spoke topology)?

Satellite sites and the central site will be then routed, this respectively for each (Central-Satellite) pair, via dedicated Point-to-Point /31 networks (no STP issues will arise <- each site will be configured to be an isolated Spanning Tree with its own settings)...OK...this "simple" (quite brutal) approach will require you to define some static routes on the centra site L3 switch (since you can't have a catch all for all networks available on each site you will necessarily need a static route for each network belonging to that specific site), on the other hand on each satellite site L3 switch will require you to configure just one static route to route all traffic with destinations any non directly connected network to the central L3 switch via the dedicated Point-to-Point /31 it shares with that L3 switch at central site.

Uplink on each satellite site L3 switch (and also respective ports on the central site L3 switch) needs to be untagged (or tagged, if you prefer) member of that particular Transport VLAN used for P2P.

There are for sure other more elegant solutions...the above is just an approach in the direction of keeping each site on its own.

 

I mean, supposing:

Central Site connects to Internet (via Route of Last Restor 0/0 via NHG using a Transport VLAN P2P /31, see below)
Satellite Sites have their various directly connected VLANs (L2 transported to downlinked HP 2920 switches)
Each Satellite site connects to Central site (L3 switch at Satellite site <-- dedicated P2P Transport VLAN --> L3 switch at Central site)
Each site develops its Spanning Tree
Each downlink (downlink seen by Central site, uplink seen by Satellite sites side) can be protected for Spanning Tree
Each downlink/uplink will be untagged (or tagged) member of the specific Transport VLAN P2P /31 used

Site 01 SVIs:

10.255.255.254/31 (Transport VLAN 2301) -> use 10.255.255.255 SVI for Site 01 <-> Next Hop Gateway L3 P2P to any other network
10.255.255.252/31 (Transport VLAN 2302) -> use 10.255.255.253 SVI for Site 02 <-> Site 01 L3 P2P
10.255.255.250/31 (Transport VLAN 2303) -> use 10.255.255.251 SVI for Site 03 <-> Site 01 L3 P2P
10.255.255.248/31 (Transport VLAN 2304) -> use 10.255.255.249 SVI for Site 04 <-> Site 01 L3 P2P
10.255.255.246/31 (Transport VLAN 2305) -> use 10.255.255.247 SVI for Site 05 <-> Site 01 L3 P2P
10.255.255.244/31 (Transport VLAN 2306) -> use 10.255.255.245 SVI for Site 06 <-> Site 01 L3 P2P
10.255.255.242/31 (Transport VLAN 2307) -> use 10.255.255.243 SVI for Site 07 <-> Site 01 L3 P2P
10.255.255.240/31 (Transport VLAN 2308) -> use 10.255.255.241 SVI for Site 08 <-> Site 01 L3 P2P
10.255.255.238/31 (Transport VLAN 2309) -> use 10.255.255.239 SVI for Site 09 <-> Site 01 L3 P2P
10.255.255.236/31 (Transport VLAN 2310) -> use 10.255.255.237 SVI for Site 10 <-> Site 01 L3 P2P
10.255.255.234/31 (Transport VLAN 2311) -> use 10.255.255.235 SVI for Site 11 <-> Site 01 L3 P2P
10.255.255.232/31 (Transport VLAN 2312) -> use 10.255.255.233 SVI for Site 12 <-> Site 01 L3 P2P
10.255.255.230/31 (Transport VLAN 2313) -> use 10.255.255.231 SVI for Site 13 <-> Site 01 L3 P2P
10.255.255.228/31 (Transport VLAN 2314) -> use 10.255.255.229 SVI for Site 14 <-> Site 01 L3 P2P
10.255.255.226/31 (Transport VLAN 2315) -> use 10.255.255.227 SVI for Site 15 <-> Site 01 L3 P2P
10.255.255.224/31 (Transport VLAN 2316) -> use 10.255.255.225 SVI for Site 16 <-> Site 01 L3 P2P
10.255.255.222/31 (Transport VLAN 2317) -> use 10.255.255.223 SVI for Site 17 <-> Site 01 L3 P2P
10.255.255.220/31 (Transport VLAN 2318) -> use 10.255.255.221 SVI for Site 18 <-> Site 01 L3 P2P
10.255.255.218/31 (Transport VLAN 2319) -> use 10.255.255.219 SVI for Site 19 <-> Site 01 L3 P2P
10.255.255.216/31 (Transport VLAN 2320) -> use 10.255.255.217 SVI for Site 20 <-> Site 01 L3 P2P
10.255.255.214/31 (Transport VLAN 2321) -> use 10.255.255.215 SVI for Site 21 <-> Site 01 L3 P2P
10.255.255.212/31 (Transport VLAN 2322) -> use 10.255.255.213 SVI for Site 22 <-> Site 01 L3 P2P
10.255.255.210/31 (Transport VLAN 2323) -> use 10.255.255.211 SVI for Site 23 <-> Site 01 L3 P2P
10.255.255.208/31 (Transport VLAN 2324) -> use 10.255.255.209 SVI for Site 24 <-> Site 01 L3 P2P
10.255.255.206/31 (Transport VLAN 2325) -> use 10.255.255.207 SVI for Site 25 <-> Site 01 L3 P2P
10.255.255.204/31 (Transport VLAN 2326) -> use 10.255.255.205 SVI for Site 26 <-> Site 01 L3 P2P
10.255.255.202/31 (Transport VLAN 2327) -> use 10.255.255.203 SVI for Site 27 <-> Site 01 L3 P2P
10.255.255.200/31 (Transport VLAN 2328) -> use 10.255.255.201 SVI for Site 28 <-> Site 01 L3 P2P
10.255.255.198/31 (Transport VLAN 2329) -> use 10.255.255.199 SVI for Site 29 <-> Site 01 L3 P2P
10.255.255.196/31 (Transport VLAN 2330) -> use 10.255.255.197 SVI for Site 30 <-> Site 01 L3 P2P

Example for static routes granting central<->satellites sites reachablility:

Site 01:
Route 10.2.0.0/19 via 10.255.255.252 SVI of Site 02 <-> Site 01 L3 P2P
Route 10.6.2.0/24 via 10.255.255.252 SVI of Site 02 <-> Site 01 L3 P2P
Route 10.150.2.0/24 via 10.255.255.252 SVI of Site 02 <-> Site 01 L3 P2P
Route 10.3.0.0/19 via 10.255.255.250 SVI of Site 03 <-> Site 01 L3 P2P
Route 10.6.3.0/24 via 10.255.255.250 SVI of Site 03 <-> Site 01 L3 P2P
Route 10.150.3.0/24 via 10.255.255.250 SVI of Site 03 <-> Site 01 L3 P2P
...
...
Route 10.30.0.0/19 via 10.255.255.196 SVI of Site 30 <-> Site 01 L3 P2P
Route 10.6.30.0/24 via 10.255.255.196 SVI of Site 30 <-> Site 01 L3 P2P
Route 10.150.30.0/24 via 10.255.255.196 SVI of Site 30 <-> Site 01 L3 P2P
....
Route 0.0.0.0/0 via 10.255.255.254 SVI of Next Hop Gateway L3 P2P to any other network

Site 02 SVI and Route:
Net 10.255.255.252/31 (Transport VLAN 2302) -> use 10.255.255.252 SVI for Site 02 <-> Site 01 L3 P2P
Route 0.0.0.0/0 via 10.255.255.253

Site 03 SVI and Route:
Net 10.255.255.250/31 (Transport VLAN 2303) -> use 10.255.255.250 SVI for Site 03 <-> Site 01 L3 P2P
Route 0.0.0.0/0 via 10.255.255.251

...
...

Site 30 SVI and Route:
Net 10.255.255.196/31 (Transport VLAN 2330) -> use 10.255.255.196 SVI for Site 30 <-> Site 01 L3 P2P
Route 0.0.0.0/0 via 10.255.255.197

IP addressing proposed above is just an example in order to keep things scalable, YMMV.


I'm not an HPE Employee
Kudos and Accepted Solution banner
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.