Solved

Connecting two separate Networks through separate VLANs so they can talk to each other - HP Procurve

Posted on 2014-10-15
9
496 Views
Last Modified: 2014-10-19
Hi,

- I am using an HP E5406z switch
- I have 2 VLANs:
VLAN A: uses network on 10.1.10.X / 255.255.255.0 / GW 10.1.10.1
VLAN B: uses network on 172.95.16.X / 255.255.0.0 / GW 172.95.16.1

on my VLAN A I have devices that need to talk to a DNS & NTP Server on VLAN B

We have been struggling on making these two VLANs to talk to each other. We tried to do IP Routing but I still cant ping nodes on A from B and viceversa.

Questions:

- How can we make this happen?
- Should the VLANs have a static IP address assigned to them? this is confusing us as well.

Any help or guidance is greatly appreciated!
0
Comment
Question by:ArgieIT
  • 3
  • 3
  • 2
  • +1
9 Comments
 
LVL 6

Assisted Solution

by:Wylie Bayes
Wylie Bayes earned 250 total points
Comment Utility
If you need the vlans to route to each other they each need an IP interface assigned on the switch.  So vlan A would need 10.1.10.1, and vlan B would need 172.95.16.1 (or whatever IPs you choose).

The devices on vlan A would either need to use 10.1.10.1 (or which ever IP you setup on the switch) as their Default Gateway address, or implement a static route for 172.95.16.0/24 -> 10.1.10.1 on the devices.

Also leave IP routing enabled as it will need that as well.
0
 
LVL 3

Expert Comment

by:Matthew Borrusso
Comment Utility
to continue with what Wylie is saying:

you should have entries like so: adjust accordingly)

ip router-id x.x.x.x (recommend this if doing a routing protocol)
ip routing
vlan 100 (lets call this A)
   name "meh1"
   untagged (native interfaces
   tagged (trunks, converged ports, etc)
   ip address 10.1.10.1 255.255.255.0
   ip helper-address (may need )if DHCP on different subnet)
   exit
vlan 101 (lets call this B)
   name "meh2"
   untagged (same story as above)
   tagged (same story as above)
   ip address 172.95.16.1 255.255.0.0
   ip helper-address (may need )if DHCP on different subnet)
   exit
spanning-tree (dont forget to make sure spanning tree is enabled on the switch).

With the above config, if your clients are pointed to the addresses above as their default gateway, then by rights you should be able to communicate across the subnets without issue.

Good luck,
Matt
0
 

Author Comment

by:ArgieIT
Comment Utility
Thank you Wyllie for the answer and Matt for providing very useful details. My question based on the solution is:

- On the network connected to VLAN A I already have default gateway of 10.1.10.1 with its own DHCP Server while the network connected in VLAN B I have GW of 172.95.16.1 with its own DHCP Server... I've been using other IP Addresses in these VLANs such as 10.1.10.16 and 172.95.16.100... do you see any issue with this? ( I am asking this as Matt mentioned if your clients are pointed to the addresses above as their default gateway, then by rights you should be able to communicate across the subnets without issue.)
0
 
LVL 6

Expert Comment

by:Wylie Bayes
Comment Utility
What device holds 10.1.10.1 and 172.95.16.1 if not the switch?

(Lol Matt, "Meh1", "Meh2" )
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 3

Expert Comment

by:Matthew Borrusso
Comment Utility
Ok, let me understand your topology.
Please correct me if I am wrong.
1. you have two subnets.
2. each of these subnets has their own Dhcp server.
3. you already have a device that is the default gateway for each subnet. which is the existing .1 address.
4. your goal is to interconnect these two subnets without changing the clients or?
5. based on your goals, you want to use the switch to route between these networks?

Let me know if I am correct. If I am, then I can provide some direction.
0
 

Author Comment

by:ArgieIT
Comment Utility
Absolutely correct Matt. Goal is to have Device in A (with already assigned IP In that subnet) contact a Device in B (with an already assigned IP in that subnet)

Wyllie, My HP Switch is connected through another switch to the ISP Router so the gateway comes from the router not the switch. I have a SBS12 serving as the DHCP Server on this same network.

I put together a quick rough topology drawing for you. Hope this clarifies it. Thanks for the help and patience guys.
Topology.pdf
0
 
LVL 9

Expert Comment

by:Zacharia Kurian
Comment Utility
VLAN A: uses network on 10.1.10.X / 255.255.255.0 / GW 10.1.10.1
VLAN B: uses network on 172.95.16.X / 255.255.0.0 / GW 172.95.16.1

Just for a test purpose; What if if make your VLANB same network class of VLAN A ?

For Example. VLAN A:  10.1.1..0 /24 GW: 10.1.10.1
                         VLAN B: 192.168.10.0/24  GB 192.168.10.1
0
 
LVL 3

Accepted Solution

by:
Matthew Borrusso earned 250 total points
Comment Utility
By the drawing, I believe that you have vlan B downstream from "vlan A" and the ISP gateway is on vlan A on the upstream switch.

If this is correct, then you need to do the following.

Build the switch as a router just like the config above. The vlan B keep the .1 gateway, and you can keep .16 address.

no you will need to create a default route on the switch, which points 0.0.0.0 to 10.1.10.1. this will tell the router to send all unknown traffic to the ISP gateway. now here is the rub, you need to put a route on the ISP gateway. the route 172.95.0.0/16 needs to point to the 10.1.10.16. once these are in, you should be able to ping at least to the other side of the switch.

Let me know if this does not make sense.
Also, you may need to allow this new subnet (subnetB) permissions to pass through the gateway, IE outbound policys, NAT, etc.. but at minimum, to start, you should be able to route.
0
 

Author Comment

by:ArgieIT
Comment Utility
Hi everyone,

I was finally able to fix it by adding a route to the HP Switch, enabling spanning tree and making sure the VLAN's can talk to each other. Moreover, I had to create manual routes to the clients as I did not have access to the main ISP router. Thanks for your help.
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Join & Write a Comment

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now