ExtremeSwitching (EXOS)

Expand all | Collapse all

Vlan configuration issues

  • 1.  Vlan configuration issues

    Posted 09-07-2018 11:52
    I'm working on extreme summit x450 with exos 15.3.1.4. I am playing around with vlans and am having some issues. Here is my vlan configuration:

    configure vlan default delete ports all
    configure vr VR-Default delete ports 1:1-48, 2:1-48, 3:1-24
    configure vr VR-Default add ports 1:1-48, 2:1-48, 3:1-24
    configure vlan default delete ports 1:1-48, 2:1-48, 3:1-24
    create vlan "Data"
    configure vlan Data tag 1
    configure vlan Default tag 3000
    create vlan "test"
    configure vlan test tag 10
    create vlan "Voice"
    configure vlan Voice tag 100
    configure vlan Data add ports 1:3-48, 2:1-48, 3:1-3, 3:5-24 untagged
    configure vlan test add ports 1:48 tagged
    configure vlan test add ports 3:4 untagged
    configure vlan Voice add ports 1:3-48, 2:1-48 tagged
    configure vlan Voice add ports 1:1-2 untagged
    configure vlan Voice ipaddress 192.168.112.3 255.255.255.0
    enable ipforwarding vlan Voice
    configure vlan Data ipaddress 172.24.112.27 255.255.254.0
    enable ipforwarding vlan Data
    configure vlan test ipaddress 172.24.108.3 255.255.254.0
    enable ipforwarding vlan test
    configure ports 1:48 monitor vlan test
    configure ports 3:4 monitor vlan test

    At the other end of port 3:4 is a fortigate router with 172.24.108.1/23. We have a dhcp server at 172.24.112.18. If I ping 172.24.108.1 from 172.24.108.3 it works. If I ping 172.24.112.18 from 172.24.108.3 it fails. I can ping it from 172.24.112.27 and it works correctly. I'm not sure where else to look to try and get this working. Ultimately I want to have DHCP handing out 172.24.108 addresses.



  • 2.  RE: Vlan configuration issues

    Posted 09-07-2018 12:01
    Hi Jaren

    Do you have a gateway configured for that 172.24.112.x network?

    Thanks
    Brad


  • 3.  RE: Vlan configuration issues

    Posted 09-07-2018 12:14
    network diagram please


  • 4.  RE: Vlan configuration issues

    Posted 09-07-2018 12:15
    In the switch?

    Here is my routing

    Ori Destination Gateway Mtr Flags VLAN Duration #s Default Route 172.24.112.251 1 UG---S-um--f- Data 15d:0h:10m:14s #d 172.24.108.0/23 172.24.108.3 1 U------um--f- test 0d:1h:43m:18s #d 172.24.112.0/23 172.24.112.27 1 U------um--f- Data 15d:0h:10m:23s #d 192.168.112.0/24 192.168.112.3 1 U------um--f- Voice 15d:0h:10m:23s Origin(Ori): (b) BlackHole, (be) EBGP, (bg) BGP, (bi) IBGP, (bo) BOOTP (ct) CBT, (d) Direct, (df) DownIF, (dv) DVMRP, (e1) ISISL1Ext (e2) ISISL2Ext, (h) Hardcoded, (i) ICMP, (i1) ISISL1 (i2) ISISL2 (is) ISIS, (mb) MBGP, (mbe) MBGPExt, (mbi) MBGPInter, (mp) MPLS Lsp (mo) MOSPF (o) OSPF, (o1) OSPFExt1, (o2) OSPFExt2 (oa) OSPFIntra, (oe) OSPFAsExt, (or) OSPFInter, (pd) PIM-DM, (ps) PIM-SM (r) RIP, (ra) RtAdvrt, (s) Static, (sv) SLB_VIP, (un) UnKnown (*) Preferred unicast route (@) Preferred multicast route (#) Preferred unicast and multicast route Flags: (B) BlackHole, (b) BFD protection requested, (c) Compressed, (D) Dynamic (f) Provided to FIB, (G) Gateway, (H) Host Route, (L) Matching LDP LSP (l) Calculated LDP LSP, (3) L3VPN Route, (m) Multicast, (P) LPM-routing (p) BFD protection active, (R) Modified, (S) Static, (s) Static LSP (T) Matching RSVP-TE LSP, (t) Calculated RSVP-TE LSP, (u) Unicast, (U) Up MPLS Label: (S) Bottom of Label Stack Mask distribution: 1 default routes 2 routes at length 23 1 routes at length 24 Route Origin distribution: 3 routes from Direct 1 routes from Static Total number of routes = 4 Total number of compressed routes = 0 [/code]


  • 5.  RE: Vlan configuration issues

    Posted 09-07-2018 12:14
    Sadly, I don't know the best way to give you a network diagram which isn't super confusing.


  • 6.  RE: Vlan configuration issues

    Posted 09-07-2018 12:15
    No, what default gateway address is set in the DHCP server = IP 172.24.112.18


  • 7.  RE: Vlan configuration issues

    Posted 09-07-2018 12:15
    oh, 172.24.112.251


  • 8.  RE: Vlan configuration issues

    Posted 09-07-2018 12:15
    When I put a system on the test vlan and assign it a static ip address on the 172.24.108 network and give the system a default gateway of 172.24.107.1, it works fine getting to all of the resources on the 112 network. But when I try to get a dchp address it fails because it doesn't know how to get to the 112 network so it has to be a routing issue on the switch right? I just can't for the life me figure out how to fix it. Assuming my logic in that it's a routing issue is correct



  • 9.  RE: Vlan configuration issues

    Posted 09-07-2018 12:15
    Hi Jaren,

    The gateway offered in the dhcp offer needs to be in the same network as the offered IP address. So, make sure that the gateway IP set in the DHCP scope is in the 108 network instead of the 112.

    Thanks
    Brad


  • 10.  RE: Vlan configuration issues

    Posted 09-07-2018 12:15
    Sorry, I just realized I mistyped in the previous response. The gateway I gave it was 108.1, not 107.1. And the gateway in the dhcp offer is the 108.1 gateway.


  • 11.  RE: Vlan configuration issues

    Posted 09-07-2018 12:15
    There is no routing issue on the switch but on the rest of the network.

    You'd do 2 things....
    - add a route to the DHCP server if that is possible = 172.24.107.0/23 via 172.24.112.27
    - configure DHCP relay on the switch or the the DHCP requests from the clients will never reach the DHCP server because the server is in a different subnet


  • 12.  RE: Vlan configuration issues

    Posted 09-07-2018 12:15
    Am I adding that route to the dhcp server on the switch?



  • 13.  RE: Vlan configuration issues

    Posted 09-07-2018 12:15
    OK let's start from scratch...

    If a client is connected to the test VLAN he tx a DHCP request - that is a braodcast = works only in the same subnet.
    Because the DHCP server is in another subnet you'd need to configure the switch to forward the request to the IP of the server.

    # configure bootprelay vlan test add 172.24.112.18

    Now the packet could reach the server but we'd need to make sure that the server knows how to reach the 172.24.107.0/23 network.
    Because the default gw is set to 251 (not sure who that is) we add a static route.

    e.g. for a windows device go in the DOS window
    # route add 172.24.107.0 mask 255.255.254.0 172.24.112.27 -p

    Now the DHCP server will use .127 to reach the 172.24.107.0/23 network and it should work.


  • 14.  RE: Vlan configuration issues

    Posted 09-07-2018 12:15
    Thank you, that worked, I had to enable bootprelay on the test and data vlan though.

    I'm confused as to why I had to add the static route to the dhcp server. The 112.251 gateway is the router, which is the router 108.1 is on, i.e. 108.1 is on port 16, 112.251 is on port 15. When there is no vlan involved and I gave my self a static 108 address, i could ping 112.18 just fine. What is about the vlan that all the sudden made it so that it didn't know where 108.0/24 is any more?



  • 15.  RE: Vlan configuration issues

    Posted 09-07-2018 12:15
    OK that is why a network diagram is helpful.

    In that case configure bootrelay on the router and not on the switch.

    If the router has a interface/IP in all VLANs then I'd remove all the ipforwarding because the router should do the routing between the LANs and not the switch.

    Just give the switch one IP in whatever VLAN you use as a mgmt VLAN for remote access.