ditobot
asked on
Routing between VLANs using fiber trunk ports on HP Procurve 2920 switches
I am new to the HP Procurve line and am struggling with tagged an untagged. I have four locations. One MDF with 3 stacked switches and an IDF-1 with two stacked switches and three more IDFs with single switches all connected with 10Gb fiber connections in the expansion ports.
I need to figure out the best way to get the VLANs to talk with one another. I have four VLANs
VLAN 5 - Router VLAN (which is probably unnecessary since I was planning to use OSPF which 2920s can't do)
VLAN 10 - Business VLAN (10.0.0.0/255.255.254.0)
VLAN 20 - Wireless VLAN (10.0.2.0/255.255.255.0)
VLAN 30 - Phone VoIP VLAN (10.0.3.0/255.255.255.0)
Internet firewall is on 10.0.1.254
Trunk trk1 is configured between sfp 10Gb fiber ports on MDF1 2/A1 and IDF-1 1/A1
I was under the impression if I didn't create any access rules, by default the trunk ports would direct traffic between the VLANs as long as they were in tagged mode. I need to get the business VLAN 10 talking with VLAN 30 and vice versa. I am posting my config below. If someone can tell me whether I should use Access Lists or if I am missing something more basic I'd appreciate it.
Thanks in advance:
MDF 1 Config:
2920_company_MDF1-2_48# show running-config
Running configuration:
; hpStack_WB Configuration Editor; Created on release #WB.15.12.0015
; Ver #05:18.41.ff.35.0d:9b
stacking
member 1 type "J9728A" mac-address 5cb901-1e7680
member 2 type "J9729A" mac-address 5cb901-1a3b80
member 2 priority 1
member 3 type "J9727A" mac-address 3863bb-5a7a40
exit
hostname "2920_company_MDF1-2_48"
trunk 2/A1-2/A2 trk1 lacp
time timezone -420
ip default-gateway 10.0.3.1
ip route 0.0.0.0 0.0.0.0 10.0.0.254
ip routing
snmp-server community "public" unrestricted
snmp-server contact "Randy Stowe"
oobm
ip address dhcp-bootp
member 1
ip address dhcp-bootp
exit
member 2
ip address dhcp-bootp
exit
member 3
ip address dhcp-bootp
exit
exit
router rip
redistribute connected
enable
exit
vlan 1
name "DEFAULT_VLAN"
no untagged 1/1-1/48,2/1-2/48,3/1-3/24
untagged 1/A1-1/A2,1/B1-1/B2,2/B1-2
no ip address
exit
vlan 5
name "Default_Router_VLAN"
untagged Trk1
ip address 1.1.1.1 255.255.255.0
ip rip 1.1.1.1
jumbo
exit
vlan 10
name "Business"
untagged 1/1-1/48,2/1-2/8,2/21-2/48
tagged Trk1
ip address 10.0.0.1 255.255.254.0
jumbo
exit
vlan 20
name "VLAN20"
tagged Trk1
ip address 10.0.2.1 255.255.255.0
ip rip 10.0.2.1
jumbo
exit
vlan 30
name "VoIP"
untagged 2/9-2/20
tagged Trk1
ip address 10.0.3.1 255.255.255.0
ip rip 10.0.3.1
voice
jumbo
exit
spanning-tree Trk1 priority 4
no tftp server
no autorun
no dhcp config-file-update
no dhcp image-file-update
password manager
2920_company_MDF1-2_48#
--------------------------
IDF-1 Config:
2920_company_IDF1-1_48POE#
Running configuration:
; hpStack_WB Configuration Editor; Created on release #WB.15.12.0015
; Ver #05:18.41.ff.35.0d:9b
stacking
member 1 type "J9729A" mac-address 5cb901-1adb00
member 2 type "J9728A" mac-address 5cb901-1c3900
exit
hostname "2920_company_IDF1-1_48POE
trunk 1/A1-1/A2,2/A1-2/A2 trk1 lacp
time timezone -7
ip routing
snmp-server community "public" unrestricted
snmp-server contact "companyadmin"
oobm
ip address dhcp-bootp
member 1
ip address dhcp-bootp
exit
member 2
ip address dhcp-bootp
exit
exit
router rip
redistribute connected
enable
exit
vlan 1
name "DEFAULT_VLAN"
no untagged 1/1-1/48,2/1-2/48
untagged 1/B1-1/B2,2/B1-2/B2,Trk1
no ip address
exit
vlan 2
name "VoIP"
no ip address
exit
vlan 5
name "VLAN5"
ip address 1.1.1.2 255.255.255.0
ip rip 1.1.1.2
jumbo
exit
vlan 10
name "VLAN10"
untagged 1/1-1/48,2/1-2/22,2/31-2/4
tagged Trk1
ip address 10.0.0.2 255.255.254.0
ip rip 10.0.0.2
jumbo
exit
vlan 20
name "VLAN20"
tagged Trk1
ip address 10.0.2.2 255.255.255.0
ip rip 10.0.2.2
jumbo
exit
vlan 30
name "VLAN30"
untagged 2/23-2/30
tagged Trk1
ip address 10.0.3.2 255.255.255.0
ip rip 10.0.3.2
jumbo
exit
spanning-tree Trk1 priority 4
no tftp server
no autorun
no dhcp config-file-update
no dhcp image-file-update
password manager
password operator
2920_company_IDF1-1_48POE#
I have 3 additional
I need to figure out the best way to get the VLANs to talk with one another. I have four VLANs
VLAN 5 - Router VLAN (which is probably unnecessary since I was planning to use OSPF which 2920s can't do)
VLAN 10 - Business VLAN (10.0.0.0/255.255.254.0)
VLAN 20 - Wireless VLAN (10.0.2.0/255.255.255.0)
VLAN 30 - Phone VoIP VLAN (10.0.3.0/255.255.255.0)
Internet firewall is on 10.0.1.254
Trunk trk1 is configured between sfp 10Gb fiber ports on MDF1 2/A1 and IDF-1 1/A1
I was under the impression if I didn't create any access rules, by default the trunk ports would direct traffic between the VLANs as long as they were in tagged mode. I need to get the business VLAN 10 talking with VLAN 30 and vice versa. I am posting my config below. If someone can tell me whether I should use Access Lists or if I am missing something more basic I'd appreciate it.
Thanks in advance:
MDF 1 Config:
2920_company_MDF1-2_48# show running-config
Running configuration:
; hpStack_WB Configuration Editor; Created on release #WB.15.12.0015
; Ver #05:18.41.ff.35.0d:9b
stacking
member 1 type "J9728A" mac-address 5cb901-1e7680
member 2 type "J9729A" mac-address 5cb901-1a3b80
member 2 priority 1
member 3 type "J9727A" mac-address 3863bb-5a7a40
exit
hostname "2920_company_MDF1-2_48"
trunk 2/A1-2/A2 trk1 lacp
time timezone -420
ip default-gateway 10.0.3.1
ip route 0.0.0.0 0.0.0.0 10.0.0.254
ip routing
snmp-server community "public" unrestricted
snmp-server contact "Randy Stowe"
oobm
ip address dhcp-bootp
member 1
ip address dhcp-bootp
exit
member 2
ip address dhcp-bootp
exit
member 3
ip address dhcp-bootp
exit
exit
router rip
redistribute connected
enable
exit
vlan 1
name "DEFAULT_VLAN"
no untagged 1/1-1/48,2/1-2/48,3/1-3/24
untagged 1/A1-1/A2,1/B1-1/B2,2/B1-2
no ip address
exit
vlan 5
name "Default_Router_VLAN"
untagged Trk1
ip address 1.1.1.1 255.255.255.0
ip rip 1.1.1.1
jumbo
exit
vlan 10
name "Business"
untagged 1/1-1/48,2/1-2/8,2/21-2/48
tagged Trk1
ip address 10.0.0.1 255.255.254.0
jumbo
exit
vlan 20
name "VLAN20"
tagged Trk1
ip address 10.0.2.1 255.255.255.0
ip rip 10.0.2.1
jumbo
exit
vlan 30
name "VoIP"
untagged 2/9-2/20
tagged Trk1
ip address 10.0.3.1 255.255.255.0
ip rip 10.0.3.1
voice
jumbo
exit
spanning-tree Trk1 priority 4
no tftp server
no autorun
no dhcp config-file-update
no dhcp image-file-update
password manager
2920_company_MDF1-2_48#
--------------------------
IDF-1 Config:
2920_company_IDF1-1_48POE#
Running configuration:
; hpStack_WB Configuration Editor; Created on release #WB.15.12.0015
; Ver #05:18.41.ff.35.0d:9b
stacking
member 1 type "J9729A" mac-address 5cb901-1adb00
member 2 type "J9728A" mac-address 5cb901-1c3900
exit
hostname "2920_company_IDF1-1_48POE
trunk 1/A1-1/A2,2/A1-2/A2 trk1 lacp
time timezone -7
ip routing
snmp-server community "public" unrestricted
snmp-server contact "companyadmin"
oobm
ip address dhcp-bootp
member 1
ip address dhcp-bootp
exit
member 2
ip address dhcp-bootp
exit
exit
router rip
redistribute connected
enable
exit
vlan 1
name "DEFAULT_VLAN"
no untagged 1/1-1/48,2/1-2/48
untagged 1/B1-1/B2,2/B1-2/B2,Trk1
no ip address
exit
vlan 2
name "VoIP"
no ip address
exit
vlan 5
name "VLAN5"
ip address 1.1.1.2 255.255.255.0
ip rip 1.1.1.2
jumbo
exit
vlan 10
name "VLAN10"
untagged 1/1-1/48,2/1-2/22,2/31-2/4
tagged Trk1
ip address 10.0.0.2 255.255.254.0
ip rip 10.0.0.2
jumbo
exit
vlan 20
name "VLAN20"
tagged Trk1
ip address 10.0.2.2 255.255.255.0
ip rip 10.0.2.2
jumbo
exit
vlan 30
name "VLAN30"
untagged 2/23-2/30
tagged Trk1
ip address 10.0.3.2 255.255.255.0
ip rip 10.0.3.2
jumbo
exit
spanning-tree Trk1 priority 4
no tftp server
no autorun
no dhcp config-file-update
no dhcp image-file-update
password manager
password operator
2920_company_IDF1-1_48POE#
I have 3 additional
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.
I have recommended this question be closed as follows:
Accept: ditobot (https:#a40883549)
If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.
frankhelk
Experts-Exchange Cleanup Volunteer
I have recommended this question be closed as follows:
Accept: ditobot (https:#a40883549)
If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.
frankhelk
Experts-Exchange Cleanup Volunteer
Can you ping the IP addresses of the MDF from the IDF?
How are you testing connectivity?