avaya 3526T switch not routing between vlans

Hello.
I have an Avaya 3526T switch and 2 x Avaya 3510GT switches.

I have set up a separate VLAN 200 for routing between them.  The rest of the ports remain on vlan 1.

VLANS have been assigned to the relevant ports and correctly wired

I can ping between the switches and even the ip addresses on each vlan on the switch, but I cannot get it to ping a device on the far switch.  Each switch has a different subnet ip address range and default gateway (all internet traffic needs to go out their own gateway) but internal branch communication via the Avaya switches.

I have attached the configs of the switches.  I cannot see what I am missing.  

For example.  From the Control switch I can ping 192.168.13.252 (itself on vlan 1)
192.168.13.254 (default gateway for control)
10.200.13.252 (itself on vlan 200)
10.200.1.252 (Freshline on vlan 200)
192.138.1.252 (Freshline on freshline vlan 1)

BUT
cannot ping 192.168.1.1 - freshline default gateway.  The exact reverse is also true

All gateways respond to ping
2014-09-15-Woolston-Control-Centre-no-pw
2014-09-15-Woolston-Freshline-no-pwd.txt
2014-09-15-Woolston-Print-no-pwd.txt
LVL 1
idmacraeAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Otto_NCommented:
idmacrae

I've got no experience with Avaya, so I might be missing something, but as far as I know, you have to specify the default gateway address as the swich IP to get routing to work.

I assume you configured 192.168.x.1 as the default gateway on the hosts connected to your VLAN 1 subnets?  If so, then the network device that knows how to get to the other subnets (i.e. the switch) must be configured with this default gateway IP.  I would suggest that you change your config to "ip address switch 192.168.<x>.1", rather than the current "ip address switch 192.168.<x>.252".  You should also remove the "ip default-gateway" config, as the static routes will take care of this.

Hope this helps.  If not, let me know, and I can go read up on the Avaya configs to give you better guidance.
0
idmacraeAuthor Commented:
Hello Olli,
The hosts on each network are configured to use the switch as their default gateway.  The switches are configured so that they know where the next hop is, ie the router to the internet.  That is the default-gateway command.

The hosts can happily access all other hosts on their own network, but I cannot get them to access hosts on the other networks.

There is something missing, preventing routing between the vlans on the other switches

That is what I need to be resolved

Thanks
0
Otto_NCommented:
OK, I read up a bit on the Avaya devices - Keep in mind that the "ip default-gateway" and "ip address switch"-commands are solely for managing the switch, and will not forward user traffic.  But this also raised an issue that I missed yesterday:  You need to create the "default gateway" for your user subnets - Which device in your network is actually 192.168.<x>.1? I cannot find this IP configured anywhere in the supplied configs.  If this IP is not configured on your switches, packets from one host vlan destined to another host vlan will never be directed to the switch to route.

So I suggest the following:

Create an "interface vlan 1" on the switches
Assign this interface the default gateway IP address of the subnet (192.168.<x>.1)

I suspect that you might have to remove the "ip default-gateway 192.168.<x>.254" and "ip address switch 192.168.<x>.252" commands (or that you will not be able to reach the addresses anymore), but you can then connect to the 192.168.<x>.1 address to manage the switch. (From Avaya's document "Configuring IP Routing and Multicast on Avaya Ethernet Routing Switch 3500 Series", available at http://downloads.avaya.com/css/P8/documents/100178975: "With IP routing enabled on the switch or stack, you can use any of the virtual router IP addresses for device management over IP.")
0
Introducing the "443 Security Simplified" Podcast

This new podcast puts you inside the minds of leading white-hat hackers and security researchers. Hosts Marc Laliberte and Corey Nachreiner turn complex security concepts into easily understood and actionable insights on the latest cyber security headlines and trends.

idmacraeAuthor Commented:
I'm afraid you still don't get the network topology.  Attached is a network diagram.

A client (IP 192.168.13.50, gateway 192.168.13.252, port 2) on the central network with IP can get to the internet gateway of 192.168.13.254 (port 1 on switch) and the central switch 192.168.13.252

It can also get to the woolston switch on both its ip: 10.200.0.252 and 192.168.0.252

however - and here is the issue.  It CANNOT get to a client (IP: 192.168.0.50, gateway 192.168.0.252, port 2 on switch) on the woolston network.  I need it to do that.

I am relatively certain that it is something to do with the way that VLANs are set up
Woolston.jpg
0
Otto_NCommented:
OK, makes a bit more sense now - specifically regarding the position of the 192.168.<x>.1 addresses.

However, I have to repeat - The IP address configured with the "ip address switch"-command (i.e. all the 192.168.<x>.252 addresses) is solely for managing the switch, and will not forward user traffic.  If you want .252 to forward traffic, you have to configure it as an IP address on a VLAN interface.

Therefore:
Create an "interface vlan 1" on the switches
Assign this interface the IP address of the switch (192.168.<x>.252)
Remember that your hosts will need specific routes to the 192.168.<x> subnets, pointing to .252 (or you can configure this route once off on the default gateway device, if you have access to it)

I'm a bit short on time, but I'll compile a list of the relevant references from Avaya's configuration guide, hopefully within the next 24 hours.
0
idmacraeAuthor Commented:
Thanks. I have done this as well. I will upload new configs shortly
0
idmacraeAuthor Commented:
Problem solved.  Was mostly on the right track to start off with .  It turns out I needed an interface for each vlan on the core as well.  Create a vlan for each remote site and assigned an ip address from that site range to the vlan interface on the core.   Then for each connecting port assigned that vlan to the port.

Works perfectly
0
Otto_NCommented:
Yes, this would solve the problem - Now you're reducing your topology from three routers to one router (Core switch) and two switches.  All the routing happens on the core switch only

This is not a problem, if it works in your scenario.  However, sometimes the bandwidth on the links between the Core and branches can be limited, or you would just like to keep your broadcast traffic contained in the branch, then you would have to implement the routing between the switches as discussed.  It would be as if you take the interface config you now configured on the core router and move it to the respective branch router, plus adding the required static routes on the branch and core routers.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Switches / Hubs

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.