HP 2920 switch VLAN routing

Hi all,

I have a stack of 4 x new HP 2920-24 switches that are connected using the HP stacking modules.

I now see 96 ports on my stack plus the ports on the 10GB modules in the back of each switch.

I have untagged all of the odd numbered ports and assigned them to VLAN25 and assigned ip to the VLAN.

I have also tagged all of the even numbered ports and assigned them to VLAN30 and then assigned ip to that VLAN.

I now want to set up routing between the two VLANs but cannot for the life of me work out how.

Originally I had tagged ALL of the ports but found I could not connect to the web interface of the stack using the url.  This is why I have now untagged them.

Could someone please advise me on what I need to do here?  There appears to be very little in the way of documentation available for this feature.

Many thanks.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Daniel HelgenbergerCommented:

you need to enable ip routing gloabally and set the subnets for each VLAN (please double check the subnets, I assumed /24):
ip routing
vlan 35
ip address
vlan 30
ip address
show ip route

Open in new window

The VLANs should be shown as 'connected' now.
This should do the trick for inter-vlan routing...
HowcoAuthor Commented:
Hi Helge,

That is exactly what I have done already.  At least you have confirmed this.

The only other thing I can think of is, is it not correct that I have tagged all of the ports in VLAN30?  I had to mark the ports in VLAN25 as untagged or I lost connection to the web interface.

Should I mark all of the ports as untagged?  How have you got yours set?

Also, if they are all set as untagged and they do connect from one subnet to the other and vice-versa, is this proper routing i.e. broadcasts will not be routed; which is what I am trying to achieve?

Thanks for your reply.  I was starting to bang my head on the wall :o)
HowcoAuthor Commented:
BTW - They did say connected. I forgot to add that at the beginning of my reply.  So tagged or untagged they still say connected.
Do You Have a Trusted Wireless Environment?

A Trusted Wireless Environment is a framework for building a complete Wi-Fi network that is fast, easy to manage, and secure.

Daniel HelgenbergerCommented:
How do you test inter vlan routing in your setup?

I would suggest to untag one port for each VLAN. Connect a device, set the IP, and as gateway set the IP of the switch VLAN 192.168.[25|30].242 in your case.

Can you now ping the device from the other VLAN?

Note: to my knowledge you need to enable ip routing on every switch as well as set VLAN IPs.
HowcoAuthor Commented:
Hi Helge,

I tried that yesterday and yes it does prove that the routing works.  However, this means we would need to put the 6 IP addresses of the 2 x Vlan, 3 x stacks as gateways for ALL of the devices on the network including DHCP and static devices.

Should I really need a GW setting?  I thought that as the first hop was the switch, the switch would then automatically work out where to send the next hop.  

Thanks again.  Still looking to see if there is something I can set on the switches to say go to next hop if not the same VLAN.

Daniel HelgenbergerCommented:
This is the reason why VLAN - routing is switched off by default. I do not like it either and do all the routing through my firewall - but this may not be feasible in your case.

You do not need 6 IPs:
The preferred method would be to have only one switch do the routing and letting the other sacked switches do only Layer2. I just looked it up, you only need ip routing enabled on the routing switch in this case. This keeps management in check; but in the end you might be better of using one firewall.

Still looking to see if there is something I can set on the switches to say go to next hop if not the same VLAN.
If you turn on ip routing, the default gateway setting is ignored. But, to enable internet routing, you need to add a route to your firewall:
ip route <ip address of routable firewall>

Open in new window

Did you mean that?

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
HowcoAuthor Commented:
You were most of the way there.  I have finally managed to get someone at HP to assist and they say that if not using a router (which I want to avoid in order to reduce failure points) then the only way is to use multiple gateways on devices.  These can be provided using DHCP providing the IP Helper-address command is used for each VLAN.

This means that I will need two DHCP servers, one on each subnet/vlan, or both vlans will try to get the same range.

Many thanks, you pointed me most of the way there.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Switches / Hubs

From novice to tech pro — start learning today.