Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1506
  • Last Modified:

Procurve: VLAN routing problem

Hi,

I have two 5412zl connected with a trunk.

- Internet == firewall ==backbone== 5412zl Nr.1 =LACP= 5412zl Nr.2

What can I do?

- I can reach both switches from outside, enter web interface...
- telneted on both switches themselves, I can successfully ping www.hp.com
- When I connect my notebook to one of the ports with vlan 104 enabled, I get IP,gateway, DNS address vie the DHCP server.
- From the laptop, I can ping both HP 5412zl switches
- From the laptop, I can´t ping other switches, being on the same subnet, as the 5412zls
- From the laptop, T can´t reach internet or other servers/switches within my network
- Btw, when I try to "ip routing" I lose connection from outside

This seems to be a routing problem, but I can´t find out what´s wrong




================5412zl Nr. 1=========================
trunk A21-A22,B21-B22 Trk1 LACP
ip default-gateway 192.23.137.110
timesync sntp
sntp unicast
vlan 1
name "DEFAULT_VLAN"
untagged A1-A20,A23-A24,B1-B20,B23-B24,C1-C24,D1-D24,E1-E24,F1-F24,Trk1
ip address 192.23.250.130 255.255.255.0
no untagged G1-G24,H1-H24,I1-I24,J1-J24,K1-K24,L1-L24
exit
vlan 300
name "VoIP"
qos priority 6
tagged A1-A4,Trk1
voice
no ip address
exit
vlan 104
name "User1"
untagged G1-G24,H1-H24,I1-I24,J1-J24,K1-K24,L1-L24
ip helper-address 192.23.240.33
ip address 192.23.104.170 255.255.255.0
tagged Trk1
exit
fault-finder bad-driver sensitivity high
fault-finder bad-transceiver sensitivity high
fault-finder bad-cable sensitivity high
fault-finder too-long-cable sensitivity high
fault-finder over-bandwidth sensitivity high
fault-finder broadcast-storm sensitivity high
fault-finder loss-of-link sensitivity high
fault-finder duplex-mismatch-HDx sensitivity high
fault-finder duplex-mismatch-FDx sensitivity high
dhcp-snooping
dhcp-snooping authorized-server 192.23.240.33
dhcp-snooping vlan 1
sntp server priority 1 192.23.240.33
ip dns server-address priority 1 192.23.137.1
ip dns server-address priority 2 192.23.137.2
ip route 0.0.0.0 0.0.0.0 192.23.137.110
interface A1
dhcp-snooping trust
exit
interface A2
dhcp-snooping trust
exit
interface A3
dhcp-snooping trust
exit
interface A4
dhcp-snooping trust
exit
interface Trk1
dhcp-snooping trust
exit
spanning-tree
spanning-tree Trk1 priority 4
vlan 104
ip rip 192.23.104.240
exit
no tftp6 client
no tftp6 server
loop-protect G1-G24,H1-H24,I1-I24,J1-J24,K1-K24,L1-L24
loop-protect trap loop-detected
loop-protect disable-timer 60
password manager
password operator






====================5412zl Nr. 2===============================



trunk A21-A22,B21-B22 Trk1 LACP
ip default-gateway 192.23.137.110
timesync sntp
sntp unicast
vlan 1
name "DEFAULT_VLAN"
untagged A1-A20,A23-A24,B1-B20,B23-B24,C1-C24,D1-D24,E1-E24,F1-F24,Trk1
ip address 192.23.250.131 255.255.255.0
no untagged G1-G24,H1-H24,I1-I24,J1-J24,K1-K24,L1-L24
exit
vlan 300
name "VoIP"
qos priority 6
tagged Trk1
voice
no ip address
exit
vlan 104
name "User1"
untagged G1-G24,H1-H24,I1-I24,J1-J24,K1-K24,L1-L24
tagged Trk1
no ip address
exit
fault-finder bad-driver sensitivity high
fault-finder bad-transceiver sensitivity high
fault-finder bad-cable sensitivity high
fault-finder too-long-cable sensitivity high
fault-finder over-bandwidth sensitivity high
fault-finder broadcast-storm sensitivity high
fault-finder loss-of-link sensitivity high
fault-finder duplex-mismatch-HDx sensitivity high
fault-finder duplex-mismatch-FDx sensitivity high
dhcp-snooping
dhcp-snooping authorized-server 192.23.240.33
dhcp-snooping vlan 1
sntp server priority 1 192.23.240.33
ip dns server-address priority 1 192.23.137.1
ip dns server-address priority 2 192.23.137.2
ip route 0.0.0.0 0.0.0.0 192.23.137.110
interface A1
dhcp-snooping trust
exit
interface A2
dhcp-snooping trust
exit
interface A3
dhcp-snooping trust
exit
interface A4
dhcp-snooping trust
exit
interface Trk1
dhcp-snooping trust
exit
spanning-tree
spanning-tree Trk1 priority 4
no tftp6 client
no tftp6 server
loop-protect G1-G24,H1-H24,I1-I24,J1-J24,K1-K24,L1-L24
loop-protect trap loop-detected
loop-protect disable-timer 60
password manager
password operator
0
Michael450
Asked:
Michael450
  • 3
1 Solution
 
jburgaardCommented:
Asume S1 (and not s2) has routing enabled:
Then clients must have S1-vlan-IP's as DGW (set in DHCP)
-also same netmask as respective vlan.
Fx all clients in vlan 104 should have IP's like 192.23.104.x mask 255.255.255.0 and DGW 192.23.104.170

Next hop given by:
ip route 0.0.0.0 0.0.0.0 192.23.137.110
Here a route back to 192.23.104.0 must exist:
ip route 192.23.104.0  255.255.255.0  192.23.250.130

If instead the routing is taking place only on the 192.23.137.110 router
then then vlans should be defined here and DGW's point here.
And by means of tagging the links leading to this router should cary vlans to this device.

hth
0
 
jburgaardCommented:
Did my input help?
0
 
jburgaardCommented:
...deleted for the following reason: 'Cancel'
??
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now