Subvlan not accessible across switches
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎10-25-2014 11:39 AM
Hi, I have two switches connect by a 3 port grouping. On each side, there is a vlan called Dedicated and the group is tagged 200 on each side.
One switch is an X450a-48t, this is connected to the outside world and has other networks etc. connected to it. The second switch is an X440-48t which is only connected via the 3 port group to the X450a-48t.
I have configured the IP address of the "Dedicated" vlan on the X440 side with an IP address x.x.x.1/24, this IP is pingable and accessable from the internet.
This "Dedicated" vlan is set up as a supervlan on the X440. I have a subvlan configured called "subvlan1" which is a subvlan of "Dedicated". "subvlan1" is set as a loopback vlan and has a server connected to it.
I have configured addresses from the x.x.x.0/24 range of the supervlan on the server, but the server has no external access past the gateway x.x.x.1/24. I can ping the gateway, but nothing beyond it.
The X450 also cannot ping the address of the server.
I am looking for help in getting the server connected to the subvlan to be accessable past the gateway. Can anyone help?
I can remove the server from the subvlan and connect it directly to the "Dedicated" vlan, and it works perfectly. However I want to be able to use the subvlan-address-range feature to restrict IP access on the server if possible.
Thanks.
One switch is an X450a-48t, this is connected to the outside world and has other networks etc. connected to it. The second switch is an X440-48t which is only connected via the 3 port group to the X450a-48t.
I have configured the IP address of the "Dedicated" vlan on the X440 side with an IP address x.x.x.1/24, this IP is pingable and accessable from the internet.
This "Dedicated" vlan is set up as a supervlan on the X440. I have a subvlan configured called "subvlan1" which is a subvlan of "Dedicated". "subvlan1" is set as a loopback vlan and has a server connected to it.
I have configured addresses from the x.x.x.0/24 range of the supervlan on the server, but the server has no external access past the gateway x.x.x.1/24. I can ping the gateway, but nothing beyond it.
The X450 also cannot ping the address of the server.
I am looking for help in getting the server connected to the subvlan to be accessable past the gateway. Can anyone help?
I can remove the server from the subvlan and connect it directly to the "Dedicated" vlan, and it works perfectly. However I want to be able to use the subvlan-address-range feature to restrict IP access on the server if possible.
Thanks.
5 REPLIES 5
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎10-26-2014 09:30 PM
I have figured it out. I needed to route between the 2 switches.
X450, assign x.x.x.1/24 IP on the vlan Dedicated
X440, assign x.x.x.2/24 IP on the vlan Dedicated
add iproute to X440:
configure iproute add default x.x.x.1
X450, assign x.x.x.1/24 IP on the vlan Dedicated
X440, assign x.x.x.2/24 IP on the vlan Dedicated
add iproute to X440:
configure iproute add default x.x.x.1
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎10-26-2014 08:35 PM
Just discovered I had a misconfiguration, I had the ip x.x.x.1/24 assigned on both sides of the grouping. I have now deleted the assignment on the X450 side, and it is only assigned on the X440 side as I stated above.
Now each side cannot communicate with eachother at all.
Can anyone offer any guidance?
Now each side cannot communicate with eachother at all.
Can anyone offer any guidance?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎10-26-2014 08:23 PM
Here is what I have:
X450 - Vlan named Dedicated tagged 200 with connection of 3 links grouped to the X440
X440 - Vlan named Dedicated tagged 200 with connection of 3 links grouped to the X450
- Vlan Dedicated has ip interface assigned x.x.x.1/24
- Vlan Dedicated is supervlan, subvlan1 is loopback subvlan of Dedicated
- Server connected to subvlan1 has ip assigned x.x.x.2
x.x.x.1 IP is accessable on X450 and X440 sides.
The x.x.x.2 ip is not accessable on the X450 side, server with ip x.x.x.2 cannot access to the X450 side.
X450 - Vlan named Dedicated tagged 200 with connection of 3 links grouped to the X440
X440 - Vlan named Dedicated tagged 200 with connection of 3 links grouped to the X450
- Vlan Dedicated has ip interface assigned x.x.x.1/24
- Vlan Dedicated is supervlan, subvlan1 is loopback subvlan of Dedicated
- Server connected to subvlan1 has ip assigned x.x.x.2
x.x.x.1 IP is accessable on X450 and X440 sides.
The x.x.x.2 ip is not accessable on the X450 side, server with ip x.x.x.2 cannot access to the X450 side.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎10-26-2014 08:14 PM
Hi, The X440 has the ip subnet x.x.x.1./24 assigned on it's side, the X450 has no ip assigned on its side of the link. The x.x.x.1 gateway is reachable on both side, but anything on the subvlan's on the X440 side are not accessable.
The server connected to the X440 side in subvlan1 is assigned the IP x.x.x.2, but it can't access outside the gateway of x.x.x.1, trying to ping x.x.y.1 returns "destination unreachable".
I have ip forwarding enabled on all vlan's, apart from the subvlan's, because they need an IP address assigned to have ipforwarding enabled.
My switch only has an Edge license, so I don't have ospf, I am not sure of it's functionality.
Do you have any other suggestions?
The server connected to the X440 side in subvlan1 is assigned the IP x.x.x.2, but it can't access outside the gateway of x.x.x.1, trying to ping x.x.y.1 returns "destination unreachable".
I have ip forwarding enabled on all vlan's, apart from the subvlan's, because they need an IP address assigned to have ipforwarding enabled.
My switch only has an Edge license, so I don't have ospf, I am not sure of it's functionality.
Do you have any other suggestions?
