[f-nsp] ServerIron XL, VLANs, DSR, Management...

Calvin Gorriaran cgorriaran at hodesiq.com
Mon Jan 12 15:19:11 EST 2009 

I saw that but it doesn't seem to be supported in my version of software.

Cal

From: Andy Vance [mailto:avance at hq.speakeasy.net]
Sent: Monday, January 12, 2009 3:18 PM
To: Calvin Gorriaran; 'foundry-nsp at puck.nether.net'
Subject: RE: [f-nsp] ServerIron XL, VLANs, DSR, Management...

Actually the Foundry will accept untagged traffic on a tagged port if you set the port to dual-mode.

Andy Vance
Sr. Network Engineer
Speakeasy
Direct > 206.971.5144 * Fax > 206.728.1500
Email > avance at hq.speakeasy.net<mailto:avance at hq.speakeasy.net>  * Web > www.speakeasy.net<http://www.speakeasy.net/>

Voice * Data * Managed Services

________________________________
From: foundry-nsp-bounces at puck.nether.net [mailto:foundry-nsp-bounces at puck.nether.net] On Behalf Of Calvin Gorriaran
Sent: Monday, January 12, 2009 12:09 PM
To: foundry-nsp at puck.nether.net
Subject: Re: [f-nsp] ServerIron XL, VLANs, DSR, Management...
Found the issue. It seems as though the Foundry will not accept any untagged traffic on a tagged port. I changed my core switch that is providing the VLAN traffic to the Foundry to have a native VLAN other than ID 1, the management IP works on VLAN 1. This is what I ended up with...


#### Cisco Switch Providing VLANs to Foundry #####

interface Port-channel1
 switchport trunk native vlan 200
 switchport mode trunk

interface GigabitEthernet0/15
channel-group 1 mode on
!
interface GigabitEthernet0/16
 channel-group 1 mode on


#### Foundry Config ####


ver 07.4.01T12

global-protocol-vlan

!

trunk switch ethe 1 to 2

!

server source-ip 10.0.0.11 255.255.255.0 10.0.0.1

server source-ip 10.1.0.11 255.255.255.0 10.1.0.1

server router-ports 1 2

!

!

!

!

server real server-1 10.0.0.190

 port http

 port http url "HEAD /"

 port ssl

!

server real server-2 10.0.0.191

 port http

 port http url "HEAD /"

 port ssl

!

server real server-3 10.1.0.190

 port http

 port http url "HEAD /"

 port ssl

!

server real server-4 10.1.0.191

 port http

 port http url "HEAD /"

 port ssl

!

server virtual vserver-1 10.0.0.163

 sym-priority 254

 predictor least-conn

 port ssl

 no port ssl sticky

 port ssl dsr

 port http

 port http dsr

 bind ssl server-1 ssl server-2 ssl

 bind http server-1 http server-2 http

!

server virtual vserver-2 10.1.0.163

 sym-priority 254

 predictor least-conn

 port ssl

 no port ssl sticky

 port ssl dsr

 port http

 port http dsr

 bind ssl server-3 ssl server-4 ssl

 bind http server-3 http server-4 http

!

!

vlan 200 name DEFAULT-VLAN by port

!

vlan 4 by port

 tagged ethe 1 to 2

 ip-subnet 10.0.0.0 255.255.255.0

 static ethe 1 to 2

!

vlan 2 by port

 tagged ethe 1 to 2

 ip-subnet 10.1.0.0 255.255.255.0

 static ethe 1 to 2

!

vlan 1 by port

 tagged ethe 1 to 2

 ip-subnet 10.2.0.0 255.255.255.0

 static ethe 1 to 2

!

default-vlan-id 200

ip address 10.2.0.22 255.255.255.0

ip default-gateway 10.2.0.1



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/foundry-nsp/attachments/20090112/d5934c5b/attachment.html>

More information about the foundry-nsp mailing list