Header Only - DO NOT REMOVE - Extreme Networks
Question

routing via interface on extreme 670, xos 15.3


Hi,

On some linux server i have routing via interface:

ifconfig eth0 10.10.20.1/24
route add -net 10.10.10.0/24 dev eth0

I'd like do the same on extreme 670, but i can't

something like this:
configure vlan999 ipaddress 10.10.20.1/24
configure iproute add 10.10.10.0/24 vlan999

Is there some trick or other way to get this kind of functionality ? second/multi addresses on interface has some cons for me..

thanks for help,
greetings
Peter

5 replies

Userlevel 4
you have to enable ipformwarding command on vlan vlan999 in order to send traffic between the vlans.

Mentioned the gateway address instead of vlan name as shown below,

configure iproute add 10.10.10.0/24 10.10.20.1
Hmm, still doesn't work. I don't see any packets on server with ip 10.10.10.88

I have:
configure vlan vlan999 ipaddress 10.10.20.1 255.255.255.255
enable ipforwarding vlan vlan999
configure access-list test_vlan999 vlan "vlan999" ingress
configure access-list test_vlan999 vlan "vlan999" egress
configure iproute add 10.10.10.0 255.255.255.0 10.10.20.1

sho iproute:
#s 10.10.10.0/24 10.10.20.1 1 U----S-um--f- vlan999 6d:2h:4m:11s

# show access-list counter
Policy Name Vlan Name Port Direction
Counter Name Packet Count Byte Count
==================================================================
test_vlan999 vlan999 * ingress
a1-in 74
a1-out 0


entry a1-in {
if match all {
source-address 10.10.10.88/32 ;
}
then {
log ;
permit ;
count a1-in ;
}
}

entry a1-out {
if match all {
destination-address 10.10.10.88/32 ;
}
then {
log ;
permit ;
count a1-out ;
}
}
Userlevel 4
To see the egress ACL counter use the command "show access-list counter egress".

Confirm the ARP and FDB has properly learnt on port.
show ARP 10.10.10.88
show fdb
Check your netmask in vlan 999 and you need to have second vlan with network 10.10.10.0/24.
There is correct fdb entry but there is no iparp entry for this ip address.

show iproute "vlan999"
Ori Destination Gateway Mtr Flags VLAN Duration
#s 10.10.10.0/24 10.10.20.1 1 U----S-um--f- vlan999 9d:10h:39m:17s
d 10.10.20.1/32 10.10.20.1 1 -------um---- vlan999 3d:9h:27m:48s

as i said before: second/multi addresses on interface has some cons for me and i looking another solution.

Reply