0 registered members (),
258
guests, and 3
spiders. |
Key:
Admin,
Global Mod,
Mod
|
|
Forums69
Topics113,633
Posts1,341,396
Members1,814
|
Most Online731 Jan 14th, 2020
|
|
|
VLAN Networking
#1477726
06/03/2014 17:31
06/03/2014 17:31
|
Joined: Dec 2005
Posts: 12,295 Sandhurst
Begbie
OP
Ex El Presidente
|
OP
Ex El Presidente
I AM a Coop
Joined: Dec 2005
Posts: 12,295
Sandhurst
|
So, who is going to be able to help me with this problem, Jim, I'm not looking at you! Before we begin, I'm not network expert, I deal with databases / SQL for most of the day, so this is all a bit new to me. Basically I have been given a task of creating a couple of VLAN's on a switch (HP Procurve 2848) that will have separate networks on, but they all need to connect to a single modem router on a single port on the switch and I'm really struggling to get anywhere. To break it down: Modem / Router This assigns IP addresses in the 192.168.1.X range and the default gateway is 192.168.1.254 Switch IP address 192.168.1.1 with the default gateway 192.168.1.254 I have created 3 VLAN's (1 is default) Default VLAN - IP 192.168.1.1 / 255.255.255.0 VLAN2 - IP 192.168.10.1 / 255.255.255.0 VLAN3 - IP 192.168.11.1 / 255.255.255.0 The output of the config if it helps is: ip default-gateway 192.168.1.254
ip routing
snmp-server community "public" Unrestricted
vlan 1
name "DEFAULT_VLAN"
untagged 1,6-8,13-48
ip address 192.168.1.1 255.255.255.0
no untagged 2-5,9-12
exit
vlan 2
name "IMAGING"
untagged 2-5
ip address 192.168.10.1 255.255.255.0
exit
vlan 3
name "MSO"
untagged 9-12
ip address 192.168.11.1 255.255.255.0
exit
ip route 0.0.0.0 0.0.0.0 192.168.1.254
ip route 192.168.10.0 255.255.255.0 192.168.1.254
password manager
password operator If I connect any PC / server into the ports used for the default_vlan, it can get out on the internet. If I connect anything to VLAN2 or 3, this cannot get out on the internet. I've tried numerous tagging / untagging options on the ports used and I'm not getting much luck. Any ideas?
Your car is Usain Bolt with wellies
|
|
|
Re: VLAN Networking
[Re: Begbie]
#1477727
06/03/2014 17:39
06/03/2014 17:39
|
Joined: Jun 2013
Posts: 853 East Anglia
one4seven
Enjoying the ride
|
Enjoying the ride
Joined: Jun 2013
Posts: 853
East Anglia
|
What's the DHCP scope set to on your router? EDIT: And remember on Procurves, untagged and tagged are the reverse of whatever you may have worked with before (e.g. Ciscos) - so Tag VLANs on your trunk ports EDIT2: You might also need IP helpers on your VLAN interfaces.
Last edited by one4seven; 06/03/2014 17:51.
Ollie
|
|
|
Re: VLAN Networking
[Re: Begbie]
#1477731
06/03/2014 17:53
06/03/2014 17:53
|
Joined: Dec 2005
Posts: 12,295 Sandhurst
Begbie
OP
Ex El Presidente
|
OP
Ex El Presidente
I AM a Coop
Joined: Dec 2005
Posts: 12,295
Sandhurst
|
Router is set to DHCP scope on 192.168.1.64 - 1.252, but I'm not overly fussed about using DHCP for these devices on the other VLAN's.
Now, tagged and untagged is what gets me confused.
The modem router goes to port 1 on the switch, default_vlan is on port 1,6,7,8 (all set as untagged). I have a server plugged into port 6&7 and I assigned a static IP address and this can connect to the internet without any issues. If I plug a laptop into port 3 (VLAN2, ports 2,3,4,5, all untagged) I can't get anything. I have trued changing port 1 in VLAN2 to tagged and that didn't help.
Your car is Usain Bolt with wellies
|
|
|
Re: VLAN Networking
[Re: one4seven]
#1477848
07/03/2014 10:00
07/03/2014 10:00
|
Joined: Dec 2005
Posts: 12,295 Sandhurst
Begbie
OP
Ex El Presidente
|
OP
Ex El Presidente
I AM a Coop
Joined: Dec 2005
Posts: 12,295
Sandhurst
|
Cheers Jim, knew I could count on you Tagged/Untagged is very simple on Procurves.
Think of untagged as an access port/end point i.e. if you untag a VLAN on a port, anything you plug into that port is a member of that network/VLAN.
Tagging a port tells that port that it needs to carry traffic from that VLAN/network but its not physically a member of that network.
In your scenario, try setting port 1 on your switch to untagged on vlan1, tagged on 2 and 3.
All other ports simply need to be untagged on whatever VLAN you want them to be a member of.
I already tried untagged on vlan1 and tagged on vlan2&3 on port 1. That's what I started with as I thought it would be correct
Your car is Usain Bolt with wellies
|
|
|
Re: VLAN Networking
[Re: Begbie]
#1478009
08/03/2014 02:39
08/03/2014 02:39
|
Jef_uk
Unregistered
|
Jef_uk
Unregistered
|
Hi Infrastructure guy here
Unfortunately this is not as simple as you may want.
Lets talk about this slowly and carefully.
Option 1 You have a "real" router
Set up like this. you have sub interfaces for simplicity fe0/0/1, fe0/0/2, fe0/0/3
Each "Sub interface" can be assigned an IP that will be that network's/subnet's default gateway
Option 2 You have a layer three switch
Your L3 switch has an Ip address on each VLAN (this is my lab set-up and common in most places I have worked.)
you set an ip on the router and switch port fe/0/x so that you have a route through to the GW. Most routing happens on VLAN interfaces.
I can configure equipment PM me You have contributed to forum plenty.
option 3 cheepo router with 'vlans' cheep switch l2 vlans.
Each VLAN group has a cable to a switch port. there is no tagging.
|
|
|
Re: VLAN Networking
[Re: Begbie]
#1478010
08/03/2014 02:41
08/03/2014 02:41
|
Jef_uk
Unregistered
|
Jef_uk
Unregistered
|
Begbie you have made many good posts that have learnt me stuff PM me I could donate 1 hour and set it all up.
|
|
|
Re: VLAN Networking
[Re: ]
#1478076
08/03/2014 18:40
08/03/2014 18:40
|
DanielTheManual
Unregistered
|
DanielTheManual
Unregistered
|
What you are trying to do is called 'inter-VLAN routing', for which you need a Layer 3 switch. Your 2848 is only a Layer 2 switch, so it won't pass traffic between VLANs.
With a Layer 3 switch, you can configure a virtual IP on each VLAN, which you then set as the default gateway for equipment plugged into the ports that are members of that VLAN. This gateway is then how traffic passes to other VLANs.
Computers, servers, printers etc. are all completely unaware of VLANs, which is why they all connect into untagged ports. Only equipment which is capable of being VLAN aware such as switches and routers, connect to a tagged port.
|
|
|
Re: VLAN Networking
[Re: Begbie]
#1478327
10/03/2014 15:54
10/03/2014 15:54
|
Joined: Dec 2005
Posts: 12,295 Sandhurst
Begbie
OP
Ex El Presidente
|
OP
Ex El Presidente
I AM a Coop
Joined: Dec 2005
Posts: 12,295
Sandhurst
|
Well, I finally cracked it It needed a route adding on the modem / router on where to send the data back to. So in my case, it was of adding a route of 192.168.10.0 / 11.0 255.255.255.0 192.168.1.1 The modem will send the data to the switch, from there, the switch will pass the data to the VLAN's. Thanks to everyone who helped though.
Your car is Usain Bolt with wellies
|
|
|
|