ExtremeSwitching (EXOS)

Expand all | Collapse all

VLAN Routing - interVLAN works but external Gateway is not accessable from Client

  • 1.  VLAN Routing - interVLAN works but external Gateway is not accessable from Client

    Posted 08-17-2018 08:21

    Hi,

    I have some problems with routing. I hope you can help me quickly.

    [i]

    Thats my iprouting table

    [i]

    Ori Destination Gateway Mtr Flags VLAN Duration
    #s Default Route 192.168.100.1 1 UG---S-um--f- Haus 0d:0h:43m:26s
    #d 192.168.21.0/24 192.168.21.244 1 U------um--f- Video 0d:2h:42m:48s
    #d 192.168.22.0/24 192.168.22.244 1 U------um--f- Control 0d:2h:42m:32s
    #d 192.168.23.0/24 192.168.23.244 1 U------um--f- Internet 0d:3h:5m:5s
    #d 192.168.100.0/24 192.168.100.244 1 U------um--f- Haus 0d:3h:5m:5s
    [i]

    My vlan table

    [i]

    -----------------------------------------------------------------------------------------------
    Name VID Protocol Addr Flags Proto Ports Virtual
    Active router
    /Total
    -----------------------------------------------------------------------------------------------
    Control 42 192.168.22.244 /24 ------------T-----P--------- ANY 1 /8 VR-Default
    control_eaps1 3333 --------------------------------------C--------- ANY 1 /2 VR-Default
    Default 1 ------------------------------------------------ ANY 0 /0 VR-Default
    Haus 44 192.168.100.244/24 -f----------------P--------- ANY 2 /3 VR-Default
    Internet 43 192.168.23.244 /24 -f----------T-----P--------- ANY 3 /7 VR-Default
    Mgmt 4095 192.168.1.10 /24 ---------------------------- ANY 0 /1 VR-Mgmt
    Video 41 192.168.21.244 /24 ------------T-----P--------- ANY 1 /14 VR-Default
    -----------------------------------------------------------------------------------------------


    My PC is in the VLAN Internet with following settings

    [i]

    IP: 192.168.23.11/24

    GW: 192.168.23.244

    DNS 192.168.100.1

    In the network Haus works all fine. Here is Gateway connected. The VLAN inter Routing is aktivates for vlan internet and Haus. Ping from internet vlan to haus vlan works fine. But i can´t reach the gateway 192.168.100.1. I make a default gateway entry in the iproute Table.

    When I ping a adress in the net like 8.8.8.8 from the switch it works.

    What make I wrong? I will be happy for a fast answer.







  • 2.  RE: VLAN Routing - interVLAN works but external Gateway is not accessable from Client

    Posted 08-17-2018 08:28
    Looks like you miss the return route on 192.168.100.1.

    Not sure what device that is but you need this route in it....
    192.168.23.0/24 via 192.168.100.244


  • 3.  RE: VLAN Routing - interVLAN works but external Gateway is not accessable from Client

    Posted 08-17-2018 08:42
    Hi,
    it is a simple RedLion UMTS Router for testing. When plug in the vlan44 and set 192.168.100.10/24 gw 1 all works. But when i use the Switch as Gateway, i can´t ping adresses in the internet. I think a entry in routing table on switch is missing.



  • 4.  RE: VLAN Routing - interVLAN works but external Gateway is not accessable from Client

    Posted 08-17-2018 08:42
    Nope...... let's break it down ...

    If the client 192.168.23.11 in VLAN#43 pings 192.168.100.1 the following happens...
    - the packets is forwarded to his gw (=switch 192.168.23.244)
    - the switch has a default route (=UMTS router) and tx it to 192.168.100.1
    - the UMTS router likes to tx the echo reply and looks into his routing table to find a route to 192.168.23.0/24
    - as he has no route to this network he is not able to tx the packet and discards it

    You must make the UMTS router aware of this other networks that like to reach the internet by adding static routes.

    I'm not sure whether the GUI of the UMTS router allows it or whether your ISP could configure it for you or maybe it's not possible at all.

    I've a similar setup@home - instead of UMTS I've a cable modem - because the modem doesn't allow route entries I've connected a firewall behind it to do NAT and the routing.


  • 5.  RE: VLAN Routing - interVLAN works but external Gateway is not accessable from Client

    Posted 08-17-2018 08:42
    Little error ....the UMTS router will tx the packet out to the ISP router as that is (normaly) his default gateway - the ISP router will disard the packet as he has no route to the private address range.


  • 6.  RE: VLAN Routing - interVLAN works but external Gateway is not accessable from Client

    Posted 08-17-2018 08:42
    I think you idea is not so wrong. But i also have the Problem in VLAN43 (192.168.100.x). And from Switch (X440G2) i can ping the internet and get a response. But when I use X440 as Gateway on the host,


  • 7.  RE: VLAN Routing - interVLAN works but external Gateway is not accessable from Client

    Posted 08-17-2018 08:42
    i didn´t work anymore


  • 8.  RE: VLAN Routing - interVLAN works but external Gateway is not accessable from Client

    Posted 08-17-2018 08:42
    If you ping from the X440 then the switch uses 192.168.100.244 as the source address for the ping = as the router knows the subnet (directly connected) he is able to return the echo reply.

    You'd try it with the below commands = set the source IP for the ping

    should work = ping with source from VLAN#44
    #ping 8.8.8.8 from 192.168.100.244

    will not work = ping with source from VLAN#43
    #ping 8.8.8.8 from 192.168.23.244



  • 9.  RE: VLAN Routing - interVLAN works but external Gateway is not accessable from Client

    Posted 08-17-2018 08:42
    Oh sorry i write the false VLAN ID in the last post. But you are right. Ping from 100 works and from 23 not.



  • 10.  RE: VLAN Routing - interVLAN works but external Gateway is not accessable from Client

    Posted 08-17-2018 08:42
    I can make static routes in my ISP Router. I can create a route from a network to gateway. Also i must make a entry from 192.168.23.0 to GW 192.168.23.244 ?


  • 11.  RE: VLAN Routing - interVLAN works but external Gateway is not accessable from Client

    Posted 08-17-2018 08:42
    sorry for non-German speakers....

    du musst nur routen anlegen fuer netze die ins internet wollen UND hinter dem switch sind = alle ausser vlan#44

    die oberfleaeche sieht vermutlich so aehnlich aus....



    d.h. das netz plus mask und dann ueber welchen next hop = bei dir dann fuer alle die IP 192.168.100.244 (=switch IP interface im vlan#44)



  • 12.  RE: VLAN Routing - interVLAN works but external Gateway is not accessable from Client

    Posted 08-17-2018 08:42
    Wow, cool it works. Big thanks to you!!! I think allways in one direction, but you has right. the other gateway needs also the route!

    Have a nice weekend!!!