schuitkds
asked on
Vlan Question
Hello
I am trying to establish a Vlan between two switches
getting a little confused between tagged and untagged port assignments
both switches are HP Procurve switches
I switch a is connected on port 39 to switch 2 on port 24?
i have the VLAN id of 58 setup on both switches?
when i connect the switches i am unable to pass traffic across ( unable to ping a device on switch 2 from switch 1
I am trying to get the devices on switch 2 VLAN 58 to be able to access the internet via our firewall also.
any ideas?
I am trying to establish a Vlan between two switches
getting a little confused between tagged and untagged port assignments
both switches are HP Procurve switches
I switch a is connected on port 39 to switch 2 on port 24?
i have the VLAN id of 58 setup on both switches?
when i connect the switches i am unable to pass traffic across ( unable to ping a device on switch 2 from switch 1
I am trying to get the devices on switch 2 VLAN 58 to be able to access the internet via our firewall also.
any ideas?
ASKER
thank you so please clear up what tagged and untagged means in the HP world?
in my scenario of trying to create a vlan on and between two switches
which ports need to be tagged and which ports need to be untagged?
do the ports that connect the switches together on each device need to be tagged?
in my scenario of trying to create a vlan on and between two switches
which ports need to be tagged and which ports need to be untagged?
do the ports that connect the switches together on each device need to be tagged?
Here's a decent copy-paste from HP...
Per-Port VLAN Configuration Options
Parameter Effect on Port Participation in Designated VLAN
**Tagged: Allows the port to join multiple VLANs.
**Untagged: Allows VLAN connection to a device that is configured for an untagged VLAN instead of a tagged VLAN. A port can be an untagged member of only one port-based VLAN.
**Forbid: Prevents the port from joining the VLAN, even if GVRP is enabled on the switch.
Reference: http://h30499.www3.hp.com/t5/Switches-Hubs-Modems-Legacy-ITRC/Difference-between-VLAN-Tagged-and-Untagged/td-p/3836359#.Uyn25fldVc8
My example...
VLAN 1 Default VLAN no ports are tagged and ports 9-12 are forbidden. So no default vlan traffic is permitted all ports not forbidden. The untagged ports are open and available to any traffic.
VLAN 1 ID 20 ENG is a subset of the Default VLAN where I've tagged ports 4-5 and 13-14, which were untagged and not forbidden in the Default VLAN. Just for the Engineers to are working with very large design assemblies concurrently so I'm trying to isolate their traffic between their workstations and the storage array which is ID 30 ISCSI
VLAN 1 ID 30 ISCSI ports tagged 4-5 13-14 27, 33 and the Forbidden Ports the ones from the default vlan. This connects the storage array on a dedicated 10GB per port Switch in a different subnet to the servers. All ISCSI traffic is on a separate subnet who's traffic in VLAN'd at the switch. ENG has subset of Defaul VLAN to isolate it's traffic and provide a less conjested path to the storage array and the default vlan is general network for workstations that are gateway'd to the internet firewall/router.
Per-Port VLAN Configuration Options
Parameter Effect on Port Participation in Designated VLAN
**Tagged: Allows the port to join multiple VLANs.
**Untagged: Allows VLAN connection to a device that is configured for an untagged VLAN instead of a tagged VLAN. A port can be an untagged member of only one port-based VLAN.
**Forbid: Prevents the port from joining the VLAN, even if GVRP is enabled on the switch.
Reference: http://h30499.www3.hp.com/t5/Switches-Hubs-Modems-Legacy-ITRC/Difference-between-VLAN-Tagged-and-Untagged/td-p/3836359#.Uyn25fldVc8
My example...
VLAN 1 Default VLAN no ports are tagged and ports 9-12 are forbidden. So no default vlan traffic is permitted all ports not forbidden. The untagged ports are open and available to any traffic.
VLAN 1 ID 20 ENG is a subset of the Default VLAN where I've tagged ports 4-5 and 13-14, which were untagged and not forbidden in the Default VLAN. Just for the Engineers to are working with very large design assemblies concurrently so I'm trying to isolate their traffic between their workstations and the storage array which is ID 30 ISCSI
VLAN 1 ID 30 ISCSI ports tagged 4-5 13-14 27, 33 and the Forbidden Ports the ones from the default vlan. This connects the storage array on a dedicated 10GB per port Switch in a different subnet to the servers. All ISCSI traffic is on a separate subnet who's traffic in VLAN'd at the switch. ENG has subset of Defaul VLAN to isolate it's traffic and provide a less conjested path to the storage array and the default vlan is general network for workstations that are gateway'd to the internet firewall/router.
ASKER
so in my scenario basically all ports untagged on the default vlan on switch A except port 39 which i change to tagged?
switch B port 24 i switch to Tagged?
if i want access to all devices/ports on switch B do i flag all the ports as tagged?
scenario i desire is any device attached to switch A is able to connect or use any device on switch b
in your scenario about is a device attached to port #2 Vlan1 able to access the device/network on port 4 in Vlan20
switch B port 24 i switch to Tagged?
if i want access to all devices/ports on switch B do i flag all the ports as tagged?
scenario i desire is any device attached to switch A is able to connect or use any device on switch b
in your scenario about is a device attached to port #2 Vlan1 able to access the device/network on port 4 in Vlan20
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Picture is worth a 1000 words.
Default VLAN is for general usage
Eng is a specific for Design Engineers - basically the same as the Default only segmented from the default traffic and ISCSI.
ISCSI is for my storage array.
HP-ProCurve-Port-Tagging.pdf