Codestone
asked on
cannot route between 2 HP v1910 switches on Etherflow WAN
Hi All
Let me explain my scenario, I have a wires only wan provided for me by my ISP which is a hub and spoke WAN for three sites, each of the spokes has a VLAN, one is VLAN 20 and the other is VLAN 30. The ISP has sent me the following info:
Hub
Etherway port should be configured as Trunk port using dot1q (802.1q) encapsulation.
VLANs for each Etherflow (in this case 20 + 30) plus the native vlan (default 1) should be allowed through this port.
Example Cisco Config based on above diagram
interface FastEthernet0/1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,20,30
switchport mode trunk
Spokes
The spokes must also be configured as trunk ports using dot1q encapsulation. However because the BT network strips the VLAN tag from the frame, the native VLAN must be changed from the default (1) to the VLAN for that spoke (20 for spoke 1, 30 for spoke 2)
Example Cisco Config for spoke 1 based on above diagram
interface FastEthernet0/20
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk native vlan 20
I have configured the hub with this config
Hub Site
#
version 5.20 Release 1108
#
sysname PP3-RT06
#
domain default enable system
#
telnet server enable
#
ip ttl-expires enable
#
igmp-snooping
#
vlan 1
description DMZ
igmp-snooping enable
#
vlan 20
description Etherflow site A
#
vlan 30
description Etherflow Site B
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
user-group system
#
local-user admin
authorization-attribute level 3
service-type ssh telnet terminal
#
stp mode rstp
stp enable
#
interface NULL0
#
interface Vlan-interface1
ip address 10.11.11.1 255.255.255.0
#
interface GigabitEthernet1/0/1
stp edged-port enable
#
interface GigabitEthernet1/0/2
stp edged-port enable
port link-type trunk
port trunk permit vlan 1
stp edged-port enable
interface GigabitEthernet1/0/15
port link-type trunk
port trunk permit vlan 1 20 30
stp edged-port enable
#
interface GigabitEthernet1/0/16
port link-type trunk
port trunk permit vlan 1 20 30
load xml-configuration
#
user-interface aux 0
authentication-mode scheme
user-interface vty 0 15
authentication-mode scheme
#
Return
The spoke site has the following config
version 5.20 Release 1108
#
sysname PPB-RT01
#
domain default enable system
#
ip ttl-expires enable
#
vlan 1
description DMZ
#
vlan 30
description Etherflow
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
user-group system
#
local-user admin
authorization-attribute level 3
service-type ssh telnet terminal
#
stp mode rstp
stp enable
#
interface NULL0
#
interface Vlan-interface1
ip address 10.11.11.49 255.255.255.0
#
interface GigabitEthernet1/0/1
stp edged-port enable
#
interface GigabitEthernet1/0/2
stp edged-port enable
interface GigabitEthernet1/0/15
port link-type trunk
port trunk permit vlan 1 30
stp edged-port enable
#
interface GigabitEthernet1/0/16
port link-type trunk
port trunk permit vlan 1 30
stp edged-port enable
#
load xml-configuration
#
user-interface aux 0
authentication-mode scheme
user-interface vty 0 15
authentication-mode scheme
#
Return
The two sites are on the same subnet for their VLAN 1 interface but for some reason I cannot ping the other site. I am at a lost as to what the problem is and the ISP is not much help so any help would be great
Let me explain my scenario, I have a wires only wan provided for me by my ISP which is a hub and spoke WAN for three sites, each of the spokes has a VLAN, one is VLAN 20 and the other is VLAN 30. The ISP has sent me the following info:
Hub
Etherway port should be configured as Trunk port using dot1q (802.1q) encapsulation.
VLANs for each Etherflow (in this case 20 + 30) plus the native vlan (default 1) should be allowed through this port.
Example Cisco Config based on above diagram
interface FastEthernet0/1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,20,30
switchport mode trunk
Spokes
The spokes must also be configured as trunk ports using dot1q encapsulation. However because the BT network strips the VLAN tag from the frame, the native VLAN must be changed from the default (1) to the VLAN for that spoke (20 for spoke 1, 30 for spoke 2)
Example Cisco Config for spoke 1 based on above diagram
interface FastEthernet0/20
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk native vlan 20
I have configured the hub with this config
Hub Site
#
version 5.20 Release 1108
#
sysname PP3-RT06
#
domain default enable system
#
telnet server enable
#
ip ttl-expires enable
#
igmp-snooping
#
vlan 1
description DMZ
igmp-snooping enable
#
vlan 20
description Etherflow site A
#
vlan 30
description Etherflow Site B
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
user-group system
#
local-user admin
authorization-attribute level 3
service-type ssh telnet terminal
#
stp mode rstp
stp enable
#
interface NULL0
#
interface Vlan-interface1
ip address 10.11.11.1 255.255.255.0
#
interface GigabitEthernet1/0/1
stp edged-port enable
#
interface GigabitEthernet1/0/2
stp edged-port enable
port link-type trunk
port trunk permit vlan 1
stp edged-port enable
interface GigabitEthernet1/0/15
port link-type trunk
port trunk permit vlan 1 20 30
stp edged-port enable
#
interface GigabitEthernet1/0/16
port link-type trunk
port trunk permit vlan 1 20 30
load xml-configuration
#
user-interface aux 0
authentication-mode scheme
user-interface vty 0 15
authentication-mode scheme
#
Return
The spoke site has the following config
version 5.20 Release 1108
#
sysname PPB-RT01
#
domain default enable system
#
ip ttl-expires enable
#
vlan 1
description DMZ
#
vlan 30
description Etherflow
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
user-group system
#
local-user admin
authorization-attribute level 3
service-type ssh telnet terminal
#
stp mode rstp
stp enable
#
interface NULL0
#
interface Vlan-interface1
ip address 10.11.11.49 255.255.255.0
#
interface GigabitEthernet1/0/1
stp edged-port enable
#
interface GigabitEthernet1/0/2
stp edged-port enable
interface GigabitEthernet1/0/15
port link-type trunk
port trunk permit vlan 1 30
stp edged-port enable
#
interface GigabitEthernet1/0/16
port link-type trunk
port trunk permit vlan 1 30
stp edged-port enable
#
load xml-configuration
#
user-interface aux 0
authentication-mode scheme
user-interface vty 0 15
authentication-mode scheme
#
Return
The two sites are on the same subnet for their VLAN 1 interface but for some reason I cannot ping the other site. I am at a lost as to what the problem is and the ISP is not much help so any help would be great
ASKER
Ok so I have changed the native VLAN to 30 but it still doesnt work. what i have noticed is that if i change the trunk to pvid to 30 it doesnt tagged port 1 which has been set as vlan 30 access, I assume it is becasue you dont need to tag a port which is on the same vlan. But if I tag vlan 30 to my trunk port, it changes the trunk port to pvid 1. either way I still cant ping the other site
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You did not seem to change the native VLAN ID on the switch at each "spoke" location. For the location VLAN 20, I think you need to have:
port trunk pvid vlan 20
port trunk permit vlan 20
and then at the location VLAN 30:
port trunk pvid vlan 30
port trunk permit vlan 20