VLAN Configuring on a Powerconnect 5324

Hi all,

I am trying to set up a VLAN configuration on a Dell PowerConnect 5324 switch. I would like to set up 3 VLANs, as an example:

VLAN 1 will be ports 2-6,
VLAN 2 will be ports 7-12,
VLAN 3 will be ports 13-18

I would then like ports 19-24 to have access to all three VLANs. For example, if I had a server connected to port 20, it would pull an IP from one of the VLANs.

Please let me know if I can provide any more information.

Commented:
I would say, config should be like this:

config

vlan database
vlan 2,3
exit
int range ethernet 1/g(7-12)
switchport access vlan 2
exit
int range ethernet 1/g(13-18)
switchport access vlan 3
exit
int range et 1/g(19-24)
switchport mode trunk
exit
int range et 1/g(19-24)
switchport trunk allowed vlan add 2,3
exit

But please keep in mind that ports 19-24 are tagged for all VLANs, so they are most likely supposed to connect to other switches, real or virtual.

Author

Commented:
Should the PVIDs be configured for the ports?
Commented:
nope

Author

Commented:
I have implemented the config that you have suggested, and to me it looks like it should work. Only problem is that I am still unable to pull an IP address from ports 19-24. Right now I have a cable coming in from my LAN switch to port 2 (VLAN 2), and I have a cable coming from my Windows 2008 server which plugs into port 20. Shouldn't the server be able to pull an IP since port 20 has access to VLAN 2?

My assumption is that I need to provide the NIC with a VLAN ID number. I have done this, but still no luck.
Commented:
I would say that for your server you don't need a tagged port at all.
Just decide which network the server should belong to and use a simple access port in the appropriate VLAN.
Commented:
Tagged ports are used by servers when you need to provide several networks directly to the server: for example, Hyper-V with one NIC. In this case you use vendor-specific tools (HP Network Utility, Intel PROSet, etc.) to create two virtual adapters on top of the physical one with several VLANs, for guest data and for host management.

In your case I'd recommend using a subnet for PCs and a subnet for servers (in this case each VLAN has its own subnet). Then configure the switch (if possible) or a router to route traffic between these subnets.

Author

Commented:
Funny that you mention hyper-v, because that is exactly what I am trying to do. I am trying to connect certain NICs on ports 19-24, create a virtual switch associated with said NIC, then attach network connections on the virtual machines associated with the switches. I believe this is the section that I am getting confused on.

I am using the Broadcom Advanced Control Suite 3, but when I go to assign the virtual switch a VLAN ID, I notice the following alert: "Enables VLAN Tagging and configures the VLAN ID when Priority & VLAN Enabled is selected (which it is). The range for the VLAN ID is 1 to 4094 and must match the VLAN tag value on the connected switch. A value of 0 (default) in this field disables VLAN tagging."

I would assume that this should be set to 0, but I also feel like this should be turned on.
Commented:
I was simply watching this video about the subject recently:
http://blogs.msdn.com/b/taylorb/archive/2010/06/14/teched-2010.aspx
This is about Hyper-V in 2008 R2 SP1.

Unfortunately I don't have real experience with Broadcom NICs + VLANs + Hyper-V.

However, in general, Broadcom Control Suite should create a number of virtual NICs for you, one for every VLAN (at least that is the case with HP tools).
Then you take Virtual Switch Manager and configure external virtual networks for every virtual NIC created by Broadcom. In this case Hyper-V itself is unaware of VLANs at all. It has several NICs, connected to virtual switches.

If you have several NICs and can afford to use one NIC per VLAN, it will be much easier for you to do the task without using Broadcom Control Suite.

Author

Commented:
Turns out the initial configuration that you provided me with worked all along. I needed to refresh my virtual switch to detect changes. I do have a couple more questions that I'm hoping you can shed some light on:

Port 1 is configured as the following:
VLAN ID 1
Access
PVID 1
It essentially has access to ports 1, 19-24. I do not want it to have access to ports 19-24, how would I go about limiting access to only port 1?

I have been asked to create a LAG (3 LAGs actually) between ports 19-24 as we will be using teaming on the NICs. I know that for the teams, we will be using LACP. Are there any particular settings I should be concerned with when editing these settings?

Thanks again for all of your help.
Commented:
Unfortunately you can't deny VLAN 1 from ports. It will be there if the port is tagged. It is a software limitation, which I have seen in many switches.
As a result, traffic from VLAN 1 will be untagged on ports 19-24, while VLANs 2 and 3 will be tagged. It is by design.
As a solution, just don't create a virtual switch for VLAN 1 on the server.

It is great that you have decided to use LACP; however, please bear in mind that there are passive and active roles for LACP participants. I have seen situations where you have to explicitly specify which side of a LAG will be passive and which active.
Active/passive defines which of the sides proposes/accepts aggregation parameters.
You can configure the switch to be LACP active and the server to be LACP passive.
And please also keep in mind that there are different ways to distribute traffic across aggregated ports: layer 2 (src and dst MAC based), L3 (src-dst IP based) and L4 (src-dst ports are used).
And when you have only two hosts (one src-dst IP/MAC/port pair) you can't get more bandwidth than a single link of a LAG can provide.

If you don't have any options to select distribution method, most likely it is L2.
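
An added example, not part of the original posts: a small parser that turns the switch configuration suggested in this thread into a per-port VLAN table and lists which ports share each VLAN. It assumes, as the answer above states, that VLAN 1 remains as the untagged VLAN on trunk ports; the function names and the 24-port count are illustrative.

```python
import re

# Constructed sample: the configuration posted in this thread, gathered into one string.
CONFIG = """\
vlan database
vlan 2,3
exit
interface range ethernet 1/g(7-12)
switchport access vlan 2
exit
interface range ethernet 1/g(13-18)
switchport access vlan 3
exit
interface range ethernet 1/g(19-24)
switchport mode trunk
switchport trunk allowed vlan add 2,3
exit
"""

NATIVE_VLAN = 1  # assumption: default VLAN 1 stays untagged on trunks, as the answer says


def port_vlans(config, port_count=24):
    """Return {port: {"untagged": vlan, "tagged": set_of_vlans}} for every port."""
    ports = {p: {"untagged": NATIVE_VLAN, "tagged": set()} for p in range(1, port_count + 1)}
    current = []  # ports selected by the most recent "interface range" line
    for line in config.splitlines():
        line = line.strip()
        m = re.match(r"int\S*\s+range\s+et\S*\s+1/g\(?(\d+)-(\d+)\)?", line)
        if m:
            current = list(range(int(m.group(1)), int(m.group(2)) + 1))
        elif line in ("exit", "end"):
            current = []
        elif m := re.match(r"switchport access vlan (\d+)", line):
            for p in current:
                ports[p]["untagged"] = int(m.group(1))
        elif m := re.match(r"switchport trunk allowed vlan add ([\d,]+)", line):
            for p in current:
                ports[p]["tagged"].update(int(v) for v in m.group(1).split(","))
    return ports


def ports_sharing_vlan(ports, vlan):
    """Ports that carry `vlan`, tagged or untagged: one layer-2 broadcast domain."""
    return sorted(p for p, v in ports.items() if v["untagged"] == vlan or vlan in v["tagged"])


if __name__ == "__main__":
    for vlan in (1, 2, 3):
        print(f"VLAN {vlan}:", ports_sharing_vlan(port_vlans(CONFIG), vlan))
```

Running it shows VLAN 1 spanning the untouched access ports and the trunk ports 19-24, which is the reachability the question about port 1 describes.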


Author

Commented:
When I go to assign a LAG to ports 19-24, I receive an error message that they belong to a VLAN. Do I even need to configure the lag, or do I just need to configure the LACP? I was under the assumption that LACP aggregates a port to a LAG.
Commented:
Hi!
Here is an example for you:
console#configure
console(config)#interface port-channel 1
console(config-if-ch1)#description lag_1
console(config-if-ch1)#exit
console(config)#interface range ethernet 1/g19-24
console(config-if-1/g18)#channel-group 1 mode auto  <--or may be passive or active
console(config-if-1/g18)#exit

And then you configure all VLANs for the "port-channel 1" interface:
int port-channel 1
switchport mode trunk
exit
int port-channel 1
switchport trunk allowed vlan add 2,3
exit
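
An added example, not part of the original posts: a sketch of the L2/L3/L4 distribution methods mentioned earlier in the thread, showing why a single host pair stays on one LAG member link unless ports feed the hash. The XOR-then-modulo hash is a simplified assumption, not the PowerConnect's actual algorithm, and all addresses and ports are constructed.

```python
import ipaddress
from collections import Counter

SERVER_MAC, SERVER_IP = "00:11:22:33:44:aa", "10.0.2.20"  # constructed values


def mac_int(mac):
    """Convert a colon-separated MAC address to an integer."""
    return int(mac.replace(":", ""), 16)


def pick_link(flow, policy, links=2):
    """Choose a LAG member link; XOR-then-modulo is an assumed, simplified hash."""
    src_mac, dst_mac, src_ip, dst_ip, sport, dport = flow
    if policy == "l2":      # source and destination MAC
        key = mac_int(src_mac) ^ mac_int(dst_mac)
    elif policy == "l3":    # source and destination IP
        key = int(ipaddress.ip_address(src_ip)) ^ int(ipaddress.ip_address(dst_ip))
    else:                   # "l4": source and destination port
        key = sport ^ dport
    return key % links


def distribution(flows, policy, links=2):
    """Count how many flows land on each member link under a policy."""
    return dict(Counter(pick_link(f, policy, links) for f in flows))


# Constructed sample 1: one client, eight TCP connections to the same server.
ONE_PAIR = [("00:11:22:33:44:01", SERVER_MAC, "10.0.2.11", SERVER_IP, 50000 + i, 445)
            for i in range(8)]
# Constructed sample 2: eight clients, one connection each.
MANY_CLIENTS = [(f"00:11:22:33:44:{i:02x}", SERVER_MAC, f"10.0.2.{10 + i}", SERVER_IP, 50000, 445)
                for i in range(1, 9)]

if __name__ == "__main__":
    for name, flows in (("one pair", ONE_PAIR), ("many clients", MANY_CLIENTS)):
        for policy in ("l2", "l3", "l4"):
            print(f"{name:12} {policy}: {distribution(flows, policy)}")
```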

Author

Commented:
Dude, thank you so much. You have been extremely helpful.