cancel
Showing results for 
Search instead for 
Did you mean: 

vlan configuration for routing unable to ping own subnet

vlan configuration for routing unable to ping own subnet

Rasheed_Folami
New Contributor II
Hi guys, First of all, I'm really new to this and have been stumbling through to figure out a nagging issue

We created 4 VLANs with corresponding Virtual Routers (as well as separate subnets) in our brand new environment (Users,Server, Lab,Phone). One of our VLANs ("User") is the only one currently utilized. It is on a 10.1.15.x subnet (part of a B5 stack) seems to be restricting certain computers from accessing the internet. Most of the other client computers (on same subnet) are able to access the network and internet, with the exception of a few. The VLANs were setup last weekend, and I believe it may be a configuration issue.

The affected clients receive IP via DHCP and are able to get IPs;

IP: 10.1.15.x
Subnet Mask: 255.255.255.0
Gateway: 10.1.15.254

but are unable to ping the internal VLAN gateway (10.1.15.254). They can ping any IP on the same subnet (and vice versa) but are unable to ping any other IP on other subnet (the unnafected computers on same subnet are able to ping other subnets just fine, and have no problems connecting to internet).

I suspect some sort of MAC blocking?? It happens no matter what active port i try them on.

Any assistance in troubleshooting is hugely appreciated. We have had no luck figuring it out.

12 REPLIES 12

Straw__Glyn
Extreme Employee
Glad you are sorted Rasheed. Have a good day.

Glyn

Rasheed_Folami
New Contributor II
Thank you Glyn! Good stuff. It works now. The ports were not enabled for lacp. All set now.

Straw__Glyn
Extreme Employee
Hi Rasheed,

If you are connecting to another C5 you should not use static lags.

Here is a recommendation of how to configure LACP on a securestack ( ports are examples ). Clear the static lag configuration first.

LACP configuration for link aggregation
  • LACP is enabled globally but disabled per port (on most current products).
  • Use the default dynamic lacp in most cases and simply configure the aadminkey to a fixed figure manually to control the association after reboot.
  • example config below is all that is needed to get a lag up if both ends run lacp
    • set lacp aadminkey lag.0.10 10 set port lacp port ge.1.1 aadminkey 10 set port lacp port ge.1.2 aadminkey 10 set port lacp port ge.1.1-2 enable
- Don't forget to enable lacp on the ports.
- Don't forget that you will need to egress the required vlans over the logical lag port ( lag.0.x )also as the member ports become a part of a lag. This could be why you are not getting the vlans across the lonk to the gateway. Try this and let us know how you get on. If you still have problems a diagram of what you are trying to acheive and where the gaetway is would be useful. Also , here is an article with L2 best practises for EOS .

https://gtacknowledge.extremenetworks.com/articles/How_To/EOS-Basic-Switch-Layer-2-Configuration-Bes...

Rasheed_Folami
New Contributor II
Jeremy,
My apologies; I should have mentioned this earlier.

One switch room services 1 part of the building, while the other switch room services the other parts.

tg.1.50 and tg.2.50 are Gigabit fiber connections on an b5 stack of 2 switches, to another B5 stack of 4 switches (same ports; tg.1.50, tg.2.50) in another server room in the building. And Extreme is doing the routing.

The problem seems to be prevalent on one part of the building, meaning it could be the configs on the switches in that room. I traced back to the other switch room and I can get out to the internet on that switch.

I think the problem is with Link Aggregation between both stacks. From what i read its not enabled on the ports by default on the B5 switches. When I run "set lacp enable" and "show lacp" on the affected stack, I get the following;

B5(su)->set lacp enable
B5(su)->show lacp
Global Link Aggregation state: enabled
Single Port LAGs: disabled

Aggregator: lag.0.1
Actor Partner
System Identifier: D8:84:66:17:30:B7 00:00:00:00:00:00
System Priority: 32768 0
Admin Key: 1
Oper Key: 1 0
Attached Ports: None.

Aggregator: lag.0.2
Actor Partner
System Identifier: D8:84:66:17:30:B7 D8:84:66:17:23:CD
System Priority: 32768 32768
Admin Key: 32768
Oper Key: 32768 32768
Attached Ports: tg.1.50
tg.2.50

Aggregator: lag.0.3
Actor Partner
System Identifier: D8:84:66:17:30:B7 00:00:00:00:00:00
System Priority: 32768 0
Admin Key: 32768
Oper Key: 32768 0
Attached Ports: None.

Aggregator: lag.0.4
Actor Partner
System Identifier: D8:84:66:17:30:B7 00:00:00:00:00:00
System Priority: 32768 0
Admin Key: 32768
Oper Key: 32768 0
Attached Ports: None.

Aggregator: lag.0.5
Actor Partner
System Identifier: D8:84:66:17:30:B7 00:00:00:00:00:00
System Priority: 32768 0
Admin Key: 32768
Oper Key: 32768 0
Attached Ports: None.

Aggregator: lag.0.6
Actor Partner
System Identifier: D8:84:66:17:30:B7 00:00:00:00:00:00
System Priority: 32768 0
Admin Key: 32768
Oper Key: 32768 0
Attached Ports: None.

So I'm suspecting its not seeing the other stack as a partner on those ports (tg.1.50 & tg.2.50).

I tried using the following command to set it as a partner but it didn't work;

B5(su)->set lacp static lag.0.2 key 1 tg.1.50

Issuing :
set lacp static lag.0.2
set lacp aadminkey lag.0.2 1
set port lacp port tg.1.50 aadminkey 1
set port lacp port tg.1.50 disable

B5(su)->set lacp static lag.0.2 key 1 tg.2.50

Issuing :
set port lacp port tg.2.50 aadminkey 1
set port lacp port tg.2.50 disable

HELP!

GTM-P2G8KFN