[f-nsp] Multiple subnets on same VLAN
Jethro R Binks
jethro.binks at strath.ac.uk
Mon Nov 17 09:02:45 EST 2014
On Mon, 17 Nov 2014, José Santos wrote:
> Example of config:
> interface ve 11
> ip address 192.168.10.1/28
> ip address 192.168.10.129/28
> ip address 192.168.11.1/25
> ip address 192.168.11.129/26
> !
>
> After a lot of digging we concluded the issues were not related with this
> change, but with trafic fragmentation that is ocurring in a GRE tunnel we
> had setup at the same time.
>
> One issue we still see is when we do a traceroute let's say from
> 192.168.11.2/25 to the outside, the router/gateway IP we see in the
> first hop is ip address 192.168.10.1 instead of 192.168.11.1. However,
> this doesn't seem to affect the traffic.
Yes, that makes sense, it picks the lowest configured IP on the ve. You
need to be careful of this if you are doing DHCP forwarding with ip
helper-address, as the DHCP server will see all the requests from any of
those subnets forwarded from that lowest configured IP and won't know
about the others. To service all the subnets in this vlan with DHCP, you
need to ensure they are all declared and grouped within a "shared-network
{" statement (in ISC DHCP).
(bitten by all this in around 2002!).
Jethro.
>
> Thanks again,
> José
>
> On 14 November 2014 08:50, Jethro R Binks <jethro.binks at strath.ac.uk> wrote:
>
> > In the past, we've simply done this (usually in the context off adding
> > another IP subnet into a VLAN, but probably also when merging two VLANs
> > with subnets too):
> >
> > vlan 24
> > ta e 1/1
> > router-interface ve 24
> >
> > interface ve 24
> > ip address 10.0.1.100/24
> > ip address 10.0.2.100/24
> >
> > Alternatively, in some cases I also have this sort of thing (ancient
> > BigIron config):
> >
> > vlan 2
> > ta e 1/1 to 1/3
> > ip-subnet 10.0.1.0 255.255.255.0 name S1
> > static e 1/1 to 1/2
> > router-int ve 2
> > ip-subnet 10.0.2.0 255.255.255.0 name S2
> > static e 1/1 to 1/3
> > router-int ve 3
> >
> > int ve 2
> > ip address 10.0.1.100 255.255.255.0
> >
> > int ve 3
> > ip address 10.0.2.100 255.255.255.0
> >
> > I can't really remember much about it now :)
> >
> > I'm not familiar with the trick just below.
> >
> > Jethro.
> >
> >
> > On Thu, 13 Nov 2014, Wilbur Smith wrote:
> >
> > > Jose,
> > >
> > > This is pretty easy on the MLX. This is also referred to as “Super
> > > Netting”.
> > >
> > > The trick is to create two separate VE interfaces, one for each subnet’s
> > > default gateway, then assign both VE interfaces to the same VLAN. You
> > > will need to create the VE first before adding it to the MLX’s VLAN.
> > >
> > > Config would look something like:
> > >
> > > Interface ve 100
> > > Ip address 10.0.1.100
> > >
> > > Interface ve 101
> > > Ip address 10.0.1.101
> > >
> > > Vlan 100
> > > Router-interface
> > > Ve 100
> > > Ve 101
> > >
> > > Apologies for not being able to confirm the exact syntax; don’t have
> > access to a router right now.
> > >
> > > Wilbur
> > >
> > > From: Charles Monson <monson at wins.net<mailto:monson at wins.net>>
> > > Date: Wednesday, November 12, 2014 at 6:15 AM
> > > To: "foundry-nsp at puck.nether.net<mailto:foundry-nsp at puck.nether.net>" <
> > foundry-nsp at puck.nether.net<mailto:foundry-nsp at puck.nether.net>>
> > > Subject: Re: [f-nsp] Multiple subnets on same VLAN
> > >
> > > Do you have “no route-only” on the physical interface(s)? I’ve had
> > trouble with routing between multiple subnets on a router-interface once
> > and things started behaving normally after changing that.
> > >
> > > - Charles
> > >
> > > From: foundry-nsp [mailto:foundry-nsp-bounces at puck.nether.net] On
> > Behalf Of José Santos
> > > Sent: Tuesday, November 11, 2014 6:53 PM
> > > To: foundry-nsp at puck.nether.net<mailto:foundry-nsp at puck.nether.net>
> > > Subject: [f-nsp] Multiple subnets on same VLAN
> > >
> > > Hi,
> > > I'm needing to merge two subnets that were before in two diferent VLANs
> > in the same VLAN (attached to one untagged ethernet port) in a MLX router.
> > >
> > > I configured multiple IP subnets in the same router-interface and I'm
> > experiencing a lot of network issues. I am now trying to configure the
> > subnets, let's say 192.168.50.1/24<http://192.168.50.1/24>,
> > 192.168.51.1/24<http://192.168.51.1/24> and 192.168.52.1/24<
> > http://192.168.52.1/24> in distinct virtual interfaces belonging to the
> > same VLAN, however I am not being able to accomplish this since only one
> > router-interface is allowed.
> > >
> > > I thought configuring them in different loopback ports and then
> > configure multiple unnumered interfaces or trunk various VLANs but none of
> > this ideas seem possible as well.
> > > Anyone knows how can I accomplish this and can provide a brief config
> > example?
> > > Thank you in advance!
> > >
> > > --
> > > Best Regards,
> > > José
> > >
> >
> > . . . . . . . . . . . . . . . . . . . . . . . . .
> > Jethro R Binks, Network Manager,
> > Information Services Directorate, University Of Strathclyde, Glasgow, UK
> >
> > The University of Strathclyde is a charitable body, registered in
> > Scotland, number SC015263.
> > _______________________________________________
> > foundry-nsp mailing list
> > foundry-nsp at puck.nether.net
> > http://puck.nether.net/mailman/listinfo/foundry-nsp
> >
>
. . . . . . . . . . . . . . . . . . . . . . . . .
Jethro R Binks, Network Manager,
Information Services Directorate, University Of Strathclyde, Glasgow, UK
The University of Strathclyde is a charitable body, registered in
Scotland, number SC015263.
More information about the foundry-nsp
mailing list