This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

IP connectivity

IP connectivity

Danial_Jalil
New Contributor

‎10-14-2016 10:23 AM

I am trying to connect switch using management port. The ip assigned to management port can be pinged but when i ping the default gateway it is not pingable.. that is switch is not reachable. Please tell me how to solve the problem.

0 Kudos
13 REPLIES 13

Danial_Jalil
New Contributor

‎10-17-2016 06:47 AM

It worked. Thanks Guys..
0 Kudos

Ryan_Mathews
Extreme Employee
In response to Danial_Jalil

‎10-17-2016 06:47 AM

Great news Danial and well done.

This is a pretty common stumbling block for folks with EXOS. In the interest of helping those in the future that may read this thread, how did you sort it out?
0 Kudos

Stephane_Grosj1
Extreme Employee

‎10-14-2016 06:17 PM

To illustrate Daniel's comment:

if you ping an IP address without specifying the VR, you are in VR-Default (front panel ports).
if you do a download image on the same IP, still without specifying the VR, you are in VR-Mgmt.

So it is doable to ping a server (tftp) and not able to download if you are not paying attention to the VR.

I'd like to see a "show vlan", examples of your commands to ping and download image, and sh conf rtmgr.

0 Kudos

dflouret
Extreme Employee

‎10-14-2016 03:35 PM

Some basics are in order here.

EXOS supports a Management Virtual Router (vr-mgmt)) to which ONLY the mgmt vlan and port belong. This can't be changed. It also supports a Default Virtual Router (vr-default) to which the the default vlan and all the front ports belong.

It is NOT POSSIBLE to pass traffic between vlans belonging to these two VR's. The whole point of having a separate dedicated mgmt port is security. In security-conscious environments (an ISP, for example) all management is done exclusively through a private vlan that can't be reached by public vlans and external customers. This separation is fundamental to avoid attacks to the switches. Another advantage is that if a denial-of-service attack is crippling the public vlans and ports, the manager still has a separate protected network to manage the switches and combat the DoS attack.

There are separate routing tables for each VR, each one containing a default route or static routes. If you are managing the switch through the management port, you must make sure there's a route from the management port IP address to the IP address of the FTP/TFTP server, or the workstations you are using to manage it, if they are in different subnets. You must also be careful because commands such as ping, tftp get/put, or upgrade allow to specify through which VR the command will communicate with the network.
0 Kudos
GTM-P2G8KFN