Help with creating 4 VLANS (an IP/subnet query) on a HP 2530-24G Switch.

Posted on 2013-05-21
Last Modified: 2013-05-30

We are implementing a SAN - we need to create 4 VLANS on a HP 2530-24G Switche.

Our current network/subnet/IP.

Main LAN IP: -  - (Mask

We want create 4 VLANS with the follow IP/Mask


The default VLAN :
ID: 1

Ok, to the problem:

We can create VLAN1 just fine.  When we try to create VLAN2, it will not let us save the configuration, it states a configuration error, but we cannot find any information for this error.

Its like it takes the first VLAN IP/Mask fine, but will not let us replicate this.

Any ideas?


Clearly doing something wrong here, so could you assist an let us know what/why.
Question by:SpencerKarnovski
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 6

Expert Comment

ID: 39184063
the error might be in fact, that your IPs are in the same subnet.
mask for all should be (i.e. 24 bits, and not 16 as you have written).

Author Comment

ID: 39184084
Am I being a bit stupid here, but;


are two separate subnets?

Author Comment

ID: 39184303
Furthermore, are you specifying that the subnet mask should be the default subnet mask for class c, when in reality you do not have to use a default subnet mask - you can use any, just as long as they are all the same.
Don't Miss ATEN at InfoComm 2017!

Visit booth #2167 to see the  new ATEN VM3200 32 x 32 Modular Matrix Switch. Other highlights include the VE8950 4K HDMI Over IP Extender, VS1912 12-Port DP Video Wall Media Player  and VK2100 ATEN Control System. Register now with Free Pass Code ATEN288!


Expert Comment

ID: 39186061
if they are in separate subnets depends on subnet mask.
i.e. and are in same subnet... only if mask is less than 31 bit. (= if the netmask is 31 or 32 bits, these two will be on different subnets.
 on the other hand, and will be in the same subnet, if mask is 8 bits or less. i hope you got the idea.

as for second question - you definately must specify mask, if it differs from default (and i would specify it even if it is the default - just to be sure). after all, we're long time in "classless subnet" world. i'm not that profi with HP switches, hower, in general case, if you have IPs in different vlans (broadcast domains), and these IPs are in one subnet (or subnet is specified wrong, so one of the ends beleaves they are on the same subnet), they will not reach each other. the one that thinks that target IP is on the same subnet will try to reach it directly, without using gateway (IP stack works that way, it's one of basic concepts), and will not pass over the vlan border. i assume, that HP switches are smart enough to not let you create several vlans with IPs in one subnet, at least because this will definately introduce connectivity problems. (just tested the config with Extreme Networks switch, and, hey, it said in cleartext

* RACK_1_Summ200:5 # conf vla test1 IPA
IP interface for VLAN test1 has been created.
IP address =,   Netmask =
* RACK_1_Summ200:6 # conf vla test2 IPA
ERROR: Address is on the same net as VLAN test1

so, as your ProCurve are more or less same quality, switch just refuses to make thing, that most probably will not work.

i think, subnet mask (in your specific case) may be anything 24+ bits, if the subnets are big enough to accomodate all your clients. or .128 (or even .252 (30 bits), if one client IP is enough for that subnet) should definately work.

hope this helps.

Author Comment

ID: 39187071
Thanks for the help here - please assist me with this basic subnetting question:

What happens to the 3rd octet when subnetting a class C address.

We have an IP address: /24

Say we want to create subnets with 16 subnets, 16 hosts.


1111 1111. 1111 1111. 1111 1111. 0000 0000 /24 - what we have now.
1111 1111. 1111 1111. 1111 1111. 1111 0000 /28 ( - borrowing 4 bits.

2^4 = 16 -2 = 14 subnets
2^4 = 16 - 2 = 14 hosts.
256 - 240 = 16, our subnet ranges.

 16, 32,  48, 64, 80, 96 etc..   Not using the network address, broadcast address:

I see the first valid IP address as: /28

So here is where I'm getting confused, how does this apply to the original IP address of /24 - specifically the 3rd octet.  Subnetting produces a subnet ID and host ID.

As there can only be 4 octets in an IP address, the .10.1 should be changed to include the new subnet ID and host ID?    Sorry if im confusing you - just do not know what should happen with the 3rd octet - I was always told that the default 3 octets of a class c network address should not be changed, you are only changing the 4th host octet.  If that is true, then how do you show the newly created subnet ID + the host.  They both cannot be displayed using the 4th octet.

Author Comment

ID: 39187072
This does relate to my original question - as once I have this done, the configuration error on the switch should be removed and I can configure the VLANS.

Accepted Solution

corower earned 500 total points
ID: 39187363
3rd octet stays as part of network address.
if you are subnetting (spliting), then third (same as first and second) octet stays intact. if you use 28bit mask, then first usable address (of first split subnet) is second subnet starts at, third - at, and so on. first usable address in each of these subnets will be,, etc.

to get it easyer, imagine whole IP range (network/subnet) as a round pie. when you apply one bit mask, you split it in half. next bit splits respective half into smaller halves, and so on. you may apply next bit only to one of halves, and thus have larger and smaller subnets. and octet boundaries are irrelevant, it's just easyer for humans to read decimal.

so: ( 192.168.10=ABC ) = + ->
== ABC.0/26 + ABC.64/26 + ABC.128/28 + ABC.144/28 + ABC.160/27 + ABC.192/26

is now your confusion solved ? :)

Author Comment

ID: 39187543
Get it - thanks so much!

So, the actual subnet ID (network ID) is of course - then the hosts for that subnet follow as .17, 18 and so on till you reach the broadcast ID.  Then next is the Subnet ID/Network for the next subnet that was created.

Thank you for your time an analogy, best extremely helpful.  I feel you have answered my initial question, I do still have to setup 4 VLANS etc.. But will ask another question for that,

Wish I could work with you for a day, could learn loads - my network manager, lets say does not know much about sub-netting/VLANs!

Expert Comment

ID: 39187577
as you look familiar with binary numbers, here is the part where you had it wrong -

1111 1111. 1111 1111. 1111 1111. 0000 0000 /24 - what we have now.
1111 1111. 1111 1111. 1111 1111. 1111 0000 /28 ( - borrowing 4 bits.

our network = (
192      . 168      . 10 .   
1100 0000. 10101000.  0000 1010. 0000 0000   ==
^------------------------------^             this is network part. 

1100 0000. 10101000.  0000 1010. 0000 0000   ==
^------------------------------------^       /28, 1st subnet

1100 0000. 10101000.  0000 1010. 0001 0000   ==
^------------------------------------^ 	     /28, 2nd subnet

1100 0000. 10101000.  0000 1010. 0010 0000   ==
^------------------------------------^       /28, 3rd subnet

1100 0000. 10101000.  0000 1010. 1010 0000   ==
^------------------------------------^       /28, 10th subnet
                                 ^^^^        <-- SUBNET bits
                                      ^^^^ ----- host bits

Open in new window

it is common error if networks are not split on octet boundaries. IP address is not 4 separate octets, it's a 32bit word. it's just easyer to read (by humans) as 4 octets split by dots, than 32 bits, or 8 hex chars, or whatever. for IPv6 we use six 4-hex blocks, split by colons, just to keep it compact and still readable. IP addresses easyly might be written any other way, like C0A80A30 or 3232238128 instead of (just ping 030052005060, and you will see, that unsplit octal numbers are not worse nor better than "normal" decimal, just harder to read/memorise).

Expert Comment

ID: 39187606
back to initial question --

sorry, that i can not provide you with exact commands, however...

1) delete vlan1
2) recreate it with correct subnet mask (/24 or longer, if you plan to use those IPs that you initially mentioned).
3) create next vlan, just look, that they do not overlap.
4) repeat #3 until all vlans are created :)
5) check that (inter-vlan) routing is enabled.
6) save and logoff from switch
7) pour beer/coffee/whatever and chill out :)

Author Comment

ID: 39187672
Wow, thanks again.  Very helpful and to the point.   I shall use this post as a study guide!

Another quick question:  one thing I have not read, anywhere - although I'm just starting my research is..

"1) delete vlan1", I assume you are talking about the default VLAN - this would, could, be a reason for the configuration issues.  As we did try to add just a normal class C network, IP and default mask, and the switch still would not save the configuration.  I have attached a pic of the default_VLAN.  

Again, I'm just playing around with this - I do not have to have the VLAN/SAN setup for another 5 weeks.   So, will stick to red bull, until everything goes live.  Then I will get nakid lapdancers to serve me beer all day!

Expert Comment

ID: 39192563
by "delete vlan1" i ment - "delete the first vlan with wrongly set IP". of course, you may just change IP settings for that vlan, no need to delete. :)  do not know, what is the proper command for your HP switch (i prefer Extreme Networks hardware, it's kinda more human-oriented), however, most probably you can change ip/netmask (just set them anew). Then create other vlans. i've seen quite a lot of times, that default vlan is left intact, without IPs and with as little ports as possible and totaly unused vlan tag (like 4089), or left solely for management purposes. some vendors allow management only from default vlan.
BTW, i just looked up, what your switches are able to do. as they are "fully managed L2 switches", it looks, that your switches are not able to route - and you can have IPs for switch only in one vlan, only for management.
also, what i see - your vlans are marked as "port-based". basically, that means, that switch is split to to several portgroups, traffic is not marked, and portgroup may not extend to other switch. are you sure, you want this ? :)

Author Comment

ID: 39207011
Hello Corower,

Thank you for continuing your assistance even though the question has been closed and points assigned.  Your assistance is warmly received.

" as they are "fully managed L2 switches", it looks, that your switches are not able to route"

Could you simplify this comment?  Will not be able to route in regards to?  Routing traffic from the SAN box, through each VLAN to the host server?  Or not be able to route traffic between each of the separated VLANs located on the actual switch itself?  


"also, what i see - your vlans are marked as "port-based". basically, that means, that switch is split to to several portgroups, traffic is not marked, and portgroup may not extend to other switch. are you sure, you want this ? :) "

I shall look into this :)

Just need to figure out what it actually means.  lol, knew I should have gone for my CCNA instead of my MCSA :)

Featured Post

Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
VTP Setup 4 36
Configure 2 Servers with Crossover cable 3 46
Network latency question 9 85
Configuring Cisco EtherChannel on SG350xg switch and VMWare 5 21
This article is in response to a question ( here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses …
David Varnum recently wrote up his impressions of PRTG, based on a presentation by my colleague Christian at Tech Field Day at VMworld in Barcelona. Thanks David, for your detailed and honest evaluation!
Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question