[e-nsp] Layer 2/3 VLAN Issue between two switches

root net rootnet08 at gmail.com
Thu Mar 21 10:39:43 EDT 2013 

Eric,

Thank you for your reply.

On Thu, Mar 21, 2013 at 7:29 AM, Erik Bais <erik at bais.name> wrote:

>  Hi, ****
>
> ** **
>
> If you want to route on an Extreme device you need to enable ipforwarding
> on the switch for the vlan’s that you want to enable that for.  ****
>
> ** **
>
> Command: ****
>
> enable ipforwarding <vlan name>
>

I've tried it with ipforwarding on and it still doesn't do anything. I want
the routing to take place for the time being on the router. I want a simple
layer 2 VLAN. I assigned a IP on the vlan for connectivity testing only.
Does everything else look good to you?

> ****
>
> ** **
>
> If you want to route only on the router, you need to give the router
> interfaces on each vlan, with it’s own IP address in each vlan. ****
>
> ** **
>
> Hope that helps,****
>
> Erik Bais ****
>
> ** **
>
> *From:* extreme-nsp-bounces at puck.nether.net [mailto:
> extreme-nsp-bounces at puck.nether.net] *On Behalf Of *root net
> *Sent:* donderdag 21 maart 2013 12:40
> *To:* Extreme NSP
> *Subject:* [e-nsp] Layer 2/3 VLAN Issue between two switches****
>
> ** **
>
> Hello All,
>
> I am faced with a issue.
>
> I have for this scenario, one router, two switches and one server.
>
> router on a stick <-tagged-> switch 1 <-tagged-> switch 2 -> (untagged)
> server (dual nic/port)
>
> Vlans
> 2 = staff
> 3 = mgmt
> 4 = servers
>
> switch 1 = bd6808 7.8e.4-1 MSM64ix2
> switch 2 = summit 400-48T 7.8e.4-1
>
> switch 1 and switch 2 are connected over copper.
> router and switch 2 are connected over copper.
>
> If I plug the server directly into switch 1 the server can ping gateway on
> router and switch 1 but not any device in same vlan on switch 2, just
> switch 1 and router.
> If I plug the server into switch 2 the server cannot ping anything but
> other servers on that vlan only on switch 2.
>
> Not sure what's wrong haven't had much sleep so it could be something
> simple I'm missing.
>
> I can see the mac address of switch 2 if I try to ping but can't get a
> successful ping. I can also see the other switch if I enable edp on the
> port.
>
> sh iparp on switch 2 when try to ping 192.168.100.2
>
> 192.168.100.2   (incomplete)         0   NO  servers[0004]
>
>
> BD6808:9 # sh iparp (switch 1)
> Destination     Mac                Age Static  VLAN    [VID]   Port
> 192.168.100.1   00:0F:34:57:A7:00    5   NO  servers[0004]  2:25 (to
> router)
> 192.168.100.3   00:04:96:18:49:C0    1   NO  servers[0004]  6:3 (to switch
> 2)
>
>
> router
>
> interface fa0/0
> no ip add
> !
> !
> !
> interface fa0/0.4
> encap dot1q 4
> ip add 192.168.100.1 255.255.255.0
>
>
> switch 1
>
> IGMP snooping is enabled for all vlans BTW
>
> # Config information for VLAN servers.
> configure vlan "servers" tag 4     # VLAN-ID=0xc  Global Tag 28
> configure vlan "servers" protocol "ANY"
> configure vlan "servers" qosprofile "QP1"
> configure vlan "servers" qosprofile ingress none
> configure vlan "servers" ipaddress 192.168.100.2 255.255.255.0
> configure vlan "servers" add port 2:25 tagged (port to router)
> configure vlan "servers" add port 6:3 tagged (port to switch 2)
>
> # -- IP Interface[1] = "servers"
> enable icmp unreachable vlan "servers"
> enable icmp redirects vlan "servers"
> enable icmp port-unreachables vlan "servers"
> enable icmp time-exceeded vlan "servers"
> enable icmp parameter-problem vlan "servers"
> disable icmp timestamp vlan "servers"
> disable icmp address-mask vlan "servers"
> enable subvlan-proxy-arp "servers"
> configure ip-mtu 1500 vlan "servers"
>
> # IP ARP Configuration
>
> configure iparp timeout 20
> configure iparp max-entries 4096
> configure iparp max-pending-entries 256
> enable iparp checking
> enable iparp refresh
> #
>
> switch 2
>
> IGMP snooping is enabled for all vlans
>
> # Config information for VLAN servers.
> configure vlan "servers" tag 4     # VLAN-ID=0xc  Global Tag 7
> configure vlan "servers" protocol "ANY"
> configure vlan "servers" qosprofile "QP1"
> configure vlan "servers" ipaddress 192.168.100.3 255.255.255.0  (only
> configured to see if could ping)
> configure vlan "servers" add port 15 untagged (to server)
> configure vlan "servers" add port 31 untagged (to server)
> configure vlan "servers" add port 9 tagged   (going to switch 1)
>
> # -- IP Interface[4] = "servers"
> enable icmp unreachable vlan "servers"
> enable icmp redirects vlan "servers"
> enable icmp port-unreachables vlan "servers"
> enable icmp time-exceeded vlan "servers"
> enable icmp parameter-problem vlan "servers"
> disable icmp timestamp vlan "servers"
> disable icmp address-mask vlan "servers"
> configure ip-mtu 1500 vlan "servers"
>
> # IP ARP Configuration
>
> configure iparp timeout 20
> configure iparp max-entries 4096
> configure iparp max-pending-entries 256
> enable iparp checking
> enable iparp refresh
> #
>
>
>
> Any help is much appreciated!****
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/extreme-nsp/attachments/20130321/7810f84c/attachment-0001.html>

More information about the extreme-nsp mailing list