Solved

Assigning switch system IP address to a VLAN on HP 2920

Posted on 2015-01-04
18
1,171 Views
Last Modified: 2015-01-06
Hi Experts,

I was wondering if somebody would be able to help me with this ongoing problem I am having with a HP 2920 switch.

Essentially I have been tasked to subnet a /21 in this case 10.42.128.0/21 into VLANs and I have devised the following

VLAN 10 - Internet (10.42.128.0/30)
VLAN 20 - Switches (10.42.128.64/26)
VLAN 30 - Servers (10.42.128.32/27)
.
.
.
VLAN 170 - Guest (10.42.128.128/26)

I can log in via the console and create the VLANs with the specific VID's and then once in context mode within the VLAN, setup the IP address (I am assuming I am entering the interface IP) for example

(vlan 10)# ip address 10.42.128.2/30
(vlan 20)# ip address 10.42.128.126/26
(vlan 30)# ip address 10.42.128.62/27

Now what I am trying to achieve is to set the switch system IP address as 10.42.128.65/26 and assign this to VLAN 20 and all I get is an error as it says the IP/subnet already exists. Any further switches in the network will follow suit I.e. 10.42.128.66, .67, .68 etc all within VLAN 20.

I have tried to set the management vlan to VID 20 but that hasn't changed the error using command (#management_vlan 20)

Would anyone know what I am doing wrong or how I would achieve this?

Essentially vlan 20 will be used for all my switches and the HP2920 will be my core hence I would like to assign it the first usable IP within that subnet.

Many thanks for your time

Immun3
0
Comment
Question by:Immun3
  • 8
  • 5
  • 3
  • +1
18 Comments
 
LVL 50

Expert Comment

by:Don Johnston
ID: 40530680
Do you have VLANs (with IP addresses) between 30 and 170?

If so, I'm guessing that you're overlapping one of those.
0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 40531344
(vlan 20)# ip address 10.42.128.126/26
(vlan 30)# ip address 10.42.128.62/27

Now what I am trying to achieve is to set the switch system IP address as 10.42.128.65/26 and assign this to VLAN 20

You assigned .62/27 to VLAN30 already.
0
 

Author Comment

by:Immun3
ID: 40531714
Hi Experts,

That isn't correct. The IP 10.42.128.62 is already assigned to VLAN 30 but as the interface IP (gateway address for VLAN 30). Essentially when i devised my subnets, i decided to use the first usable IP as the first device IP and the last usable IP within that subnet as the gateway address. Hence for switches, the HP 2920 will be the core hence first usable IP in VLAN 20 is 10.42.128.65 and the gateway address for VLAN 20 would be 10.42.128.126.

I need the HP switch to be that particular IP under VLAN 20 and all further access switches will also reside on VLAN 20 but with addresses .66, .67 etc.

The edge switches are D-Link DGS-1210 managed switches and i have managed to assign them their IP addresses i.e. 10.42.128.66 etc and then switched the management VLAN (default is VLAN 1) to VLAN 20 and this works as expected.

What i have tried so far is
1) i have logged into the switch via CLI and created my VLANs as above - no problem
2) i then enable routing and assign the VLANs with their interface IP's (last usable IP as the gateway address) - no problem
3) as soon as i enter the switch IP address as 10.42.128.65/26, i get the error the IP address already exists (since VLAN 20 has been created).

Now if i reset all the configuration and assign the switch the IP address 10.42.128.65/26 first, no error
2) i then create the VLANs as above, no problem
3) when assigning interface IPs to the VLANs, it allows all the other VLANs except VLAN 20 and i get the same error that the IP address has been assigned else where!

Correct me if i am wrong but when i assign the IP address to the switch, am i assigning this to VLAN 1 as default on switches or is this independant?

Also is the management VLAN a standard VLAN? Im not 100% sure of why it exists. My VLAN 20 is meant to be the VLAN where all the switches and network infrastructure sit. Is this wrong network practice?

Thanks guys.
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 40531748
What i have tried so far is
...
3) as soon as i enter the switch IP address as 10.42.128.65/26, i get the error the IP address already exists (since VLAN 20 has been created).
What do you mean by "as soon as i enter the switch IP address as 10.42.128.65/26,"?  Do you mean when you attempt to assign that IP address/mask to VLAN20?

Correct me if i am wrong but when i assign the IP address to the switch, am i assigning this to VLAN 1 as default on switches or is this independant?
You don't really assign an IP address "to the switch".  IP addresses are assigned to VLANs.
Also is the management VLAN a standard VLAN? Im not 100% sure of why it exists. My VLAN 20 is meant to be the VLAN where all the switches and network infrastructure sit. Is this wrong network practice?
There is no "management VLAN". The VLAN that you manage the switch with is, literally, any VLAN which has a reachable IP address.
0
 

Author Comment

by:Immun3
ID: 40531871
Hi Don,

Yes, that's correct. It's when I attempt to assign 10.42.128.65/26 to VLAN 20.

Thank you for clearing up the confusion about switch IP addresses. I always had this impression that this was independent to VLAN IP addresses.
0
 

Author Comment

by:Immun3
ID: 40532015
May help you guys if I attach the IP subnet scheme I have put together...
IPAllocation-EE.xlsx
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 40532047
Please post the config of the switch before you attempt to assign the IP address for VLAN 20.
0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 40532261
(vlan 20)# ip address 10.42.128.126/26

That's wrong.

That network actually begins 10.42.128.64 and ends 10.42.128.127.  That's what's likely causing your issue.

The network you need to use here is 10.42.128.128/26 - giving 10.42.128.129 through to 10.42.128.190 as host addresses.
0
 

Author Comment

by:Immun3
ID: 40532264
Please see the attached config as requested.

All that I have configured on the switch so far is

1) hostname
2) VLANs 10 - 170 with names
3) Interface IP addresses (last useable IP as per subnetting scheme) for VLANs 10, 30 - 170

Thanks,
HP2920v1.txt
0
Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

 

Author Comment

by:Immun3
ID: 40532281
(vlan 20)# ip address 10.42.128.126/26


 That's wrong.

 That network actually begins 10.42.128.64 and ends 10.42.128.127.  That's what's likely causing your issue.

 The network you need to use here is 10.42.128.128/26 - giving 10.42.128.129 through to 10.42.128.190 as host addresses.

Hi Craig,

I agree that the network begins and ends as you have stated above but there is no overlap between any other subnet. Since I use the last usable IP address as the gateway address (same as interface IP), I have configured as 10.42.128.126/26.

The subnet that you have stated 10.42.128.128/26 is assigned to VLAN 170 - Guest (see attached subnet scheme).

Thanks,
0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 40532324
Ok so the OP was slightly incorrect then.

What happens if you try this at your core?...

vlan 20
 ip address 10.42.128.65 255.255.255.224

Open in new window


I notice that your switch uses DHCP on its OOBM interface, and that VLAN1 also uses DHCP.  Can you post the output from the show ip command on the switch please?
0
 

Author Comment

by:Immun3
ID: 40532407
It accepts the above IP address within VLAN 20

the output for the show ip is

CORE01(vlan-20)# show ip

 Internet (IP) Service

  IP Routing : Disabled

  Default Gateway :
  Default TTL     : 64
  Arp Age         : 20
  Domain Suffix   :
  DNS server      :

                       |                                            Proxy ARP
  VLAN                 | IP Config  IP Address      Subnet Mask     Std  Local
  -------------------- + ---------- --------------- --------------- ----------
  DEFAULT_VLAN         | DHCP/Bootp
  Internet             | Manual     10.42.128.2     255.255.255.252  No    No
  Switches             | Manual     10.42.128.65    255.255.255.224  No    No
  Servers              | Manual     10.42.128.62    255.255.255.224  No    No
  Printers             | Manual     10.42.130.126   255.255.255.128  No    No
  WAPs                 | Manual     10.42.131.126   255.255.255.128  No    No
  CCTV                 | Manual     10.42.131.254   255.255.255.128  No    No
  IPTel                | Manual     10.42.132.126   255.255.255.128  No    No
  VC                   | Manual     10.42.129.126   255.255.255.192  No    No
  Projectors           | Manual     10.42.129.62    255.255.255.192  No    No
  3rdParty             | Manual     10.42.128.30    255.255.255.240  No    No
  AdmClients           | Manual     10.42.130.254   255.255.255.128  No    No
  AdmWireless          | Manual     10.42.128.254   255.255.255.192  No    No
  TeachClients         | Manual     10.42.129.190   255.255.255.192  No    No
  TeachWireless        | Manual     10.42.129.254   255.255.255.192  No    No
  StuClients           | Manual     10.42.135.254   255.255.254.0    No    No
  StuWireless          | Manual     10.42.133.254   255.255.255.0    No    No
  Guest                | Manual     10.42.128.190   255.255.255.192  No    No


CORE01(vlan-20)#

Open in new window

0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 40532501
So now you can assign the IP what is the issue?
0
 
LVL 17

Expert Comment

by:jburgaard
ID: 40532577
On this Core-switch you have a lot of IP's assigned, such as
"...The IP 10.42.128.62 is already assigned to VLAN 30 but as the interface IP (gateway address for VLAN 30). Essentially when i devised my subnets, i decided to use ....the last usable IP within that subnet as the gateway address..."
but there i not a routing process taking place, so I guess you mis a config-statement:
IP ROUTING
That is, If you want these vlans to communicate.
0
 
LVL 17

Expert Comment

by:jburgaard
ID: 40532591
"Also is the management VLAN a standard VLAN?"
AFAIK procures can be hardened by assigning a "management"-statement to a vlan, if that is done this vlan will
not be routed even if an IP is assigned and IP ROUTIG configured.
0
 

Author Comment

by:Immun3
ID: 40533215
Craigbeck - the issue is I cannot access the switches GUI on the address 10.42.128.65
Second question - if the above configuration is correct, when I configure the additional access switches with their relevant IP addresses I.e. 10.42.128.66 and 10.42.128.67, what would I enter the gateway on those switches?

Jburgaard - there will be inter-VLAN routing taking place once I have got over this part of the configuration. I hope to control access between the VLANs using ACLs within the Procurve switch.
0
 
LVL 45

Accepted Solution

by:
Craig Beck earned 500 total points
ID: 40533229
You need to set VLAN20 as the switch's primary VLAN in order to see the GUI on its IP.  This is important as the primary VLAN (not the default VLAN, which is always VLAN1) is the only VLAN on which you can source management traffic from.

To set the primary VLAN:

primary-vlan 20

Open in new window


The other switches will need the same, and you'll set the default gateway to be the VLAN20 IP on the core switch:

vlan 20
 ip address 10.42.128.67 255.255.255.0
!
primary-vlan 20
!
ip default-gateway 10.42.128.65                 #(or whatever you set the core's IP to on VLAN20)

Open in new window

0
 

Author Closing Comment

by:Immun3
ID: 40533238
Thank you!!!
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now