Wired

last person joined: 18 hours ago 

Bring performance and reliability to your network with the Aruba Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of the ArubaOS-Switch and ArubaOS-CX devices, and find ways to improve security across your network to bring together a mobile first solution.
Expand all | Collapse all

Routing issues Aruba 8320

Jump to Best Answer

mrtwentytwoFeb 13, 2019 04:31 PM

  • 1.  Routing issues Aruba 8320

    Posted Feb 13, 2019 12:08 PM

    I maybe doing something really stupid here but help me out please! My inter-vlan routing isnt working if thats even a thing in these 8320's!

     

    I have setup VSX, my ISL, all my VLANs, a VLAN interface on each switch and and active-active gateway which im using as my Default GW for each network. I have a MCLAG setup which is connected to a 2530 which has a trunk port with LACP enabled and all VLANS passing. When im untagged (access interface) say on VLAN 56 (my server network) on the 2530 or even the 8320's i can ping my own gateway but i cant ping say my ESXI host which is on VLAN 60 or any other gateway/vlan interface for that matter

     

    My routing table looks ok, my VLAN interfaces are all up, i can ping all my active-active gatways from both switches when connecting via console or the mgmt interface. Im not sure if im missing anything glaringly obvious with my vlanning... my brain is melting at the moment for various reasons!!

     

    for testing purposes

    My laptop vlan 56 int 1/1/47

    esxi host vlan 60 int 1/1/1

     

    routing table:

     

    THCORCSW001# show ip route

    Displaying ipv4 routes selected for forwarding

    '[x/y]' denotes [distance/metric]

    10.10.10.0/24, vrf default
    via 1/1/48, [0/0], connected
    10.10.10.1/32, vrf default
    via 1/1/48, [0/0], local
    192.168.55.0/24, vrf default
    via vlan55, [0/0], connected
    192.168.55.1/32, vrf default
    via vlan55, [0/0], local
    192.168.56.0/24, vrf default
    via vlan56, [0/0], connected
    192.168.56.1/32, vrf default
    via vlan56, [0/0], local
    192.168.59.0/24, vrf default
    via vlan59, [0/0], connected
    192.168.59.1/32, vrf default
    via vlan59, [0/0], local
    192.168.60.0/24, vrf default
    via vlan60, [0/0], connected
    192.168.60.1/32, vrf default
    via vlan60, [0/0], local
    192.168.61.0/24, vrf default
    via vlan61, [0/0], connected
    192.168.61.1/32, vrf default
    via vlan61, [0/0], local
    192.168.108.0/24, vrf default
    via vlan108, [0/0], connected
    192.168.108.1/32, vrf default
    via vlan108, [0/0], local

     

    Config:


    THCORCSW001(config)# sho running-config
    Current configuration:
    !

    !Version ArubaOS-CX TL.10.02.0010

    hostname THCORCSW001
    user admin group administrators password ciphertext AQBapfbSY1uzjZ/40WaQibGkyx/Gw9mKR0xhKwXS3vo9e+45YgAAAPCTkx45NoDXF1aBh6l5Kk27VUmlqMZ2P6sdRGgOUuQVrqwUpXCGgGbBjXeFRTuaXZwn5XrUm+ElP0XKK/EyV379ZWujHo1l+mPeKBw1uyg5uvIGag7kJG+wxIXm8ICPPAKR
    ntp enable
    !
    !
    !

    ssh server vrf mgmt
    !
    !
    !
    !
    !
    vlan 1
    vlan 55
    vsx-sync
    description PC/Laptops
    vlan 56
    vsx-sync
    description Servers
    vlan 57
    vsx-sync
    description iSCSI A
    vlan 58
    vsx-sync
    description iSCSI B
    vlan 59
    vsx-sync
    description Backup
    vlan 60
    vsx-sync
    description Management/ILO
    vlan 61
    vsx-sync
    description WiFi
    vlan 62
    vsx-sync
    description DMZ
    vlan 108
    vsx-sync
    description Printers
    interface mgmt
    no shutdown
    ip static 192.168.60.11/24
    default-gateway 192.168.60.254
    nameserver 192.168.108.226
    interface lag 1 multi-chassis
    vsx-sync vlans
    no shutdown
    no routing
    vlan trunk native 1
    vlan trunk allowed 55-56,59-61,108
    lacp mode active
    interface lag 128
    no shutdown
    no routing
    vlan trunk native 1 tag
    vlan trunk allowed all
    lacp mode active
    interface 1/1/1
    no shutdown
    no routing
    vlan access 60
    interface 1/1/33
    no shutdown
    lag 1
    interface 1/1/47
    no shutdown
    no routing
    vlan access 56
    interface 1/1/48
    description keep-alive interface
    no shutdown
    ip address 10.10.10.1/24
    interface 1/1/51
    no shutdown
    lag 128
    interface 1/1/54
    no shutdown
    lag 128
    interface vlan55
    vsx-sync active-gateways
    ip address 192.168.55.1/24
    active-gateway ip 192.168.55.254 mac 00:00:00:00:00:55
    interface vlan56
    vsx-sync active-gateways
    ip address 192.168.56.1/24
    active-gateway ip 192.168.56.254 mac 00:00:00:00:00:56
    interface vlan59
    vsx-sync active-gateways
    ip address 192.168.59.1/24
    active-gateway ip 192.168.59.254 mac 00:00:00:00:00:59
    interface vlan60
    vsx-sync active-gateways
    ip address 192.168.60.1/24
    active-gateway ip 192.168.60.254 mac 00:00:00:00:00:60
    interface vlan61
    vsx-sync active-gateways
    ip address 192.168.61.1/24
    active-gateway ip 192.168.61.254 mac 00:00:00:00:00:61
    interface vlan108
    vsx-sync active-gateways
    ip address 192.168.108.1/24
    active-gateway ip 192.168.108.254 mac 00:00:00:00:01:08
    vsx
    inter-switch-link lag 128
    role primary
    keepalive peer 10.10.10.2 source 10.10.10.1
    https-server vrf mgmt
    THCORCSW001(config)#

     



  • 2.  RE: Routing issues Aruba 8320

    Posted Feb 13, 2019 03:19 PM
    Is your ESX host configured to use VLAN 60 (so tagged)?


  • 3.  RE: Routing issues Aruba 8320

    Posted Feb 13, 2019 03:26 PM

    The management nic isn’t no as it’s untagged on 60. I did also make its interface a trunk native on vlan 1 tagged on 60 and tagged the ESXi mgmt interface on vlan 60, same behaviour. I was using it just as some form of host on the network thinking it’s some weird Aruba OS-CX thing where you can’t ping other gateways but you can hosts on other network.



  • 4.  RE: Routing issues Aruba 8320

    Posted Feb 13, 2019 04:23 PM

    Hi

     

    Can you ping the management ip address from your PC?

     

    Is there no default gateway (0.0.0.0/0 route on your 8320?

     

    Did you try it without the managment interface connected?

     

    Is Spanning-tree active in your network?

     

     

     

     



  • 5.  RE: Routing issues Aruba 8320

    Posted Feb 13, 2019 06:27 PM

    @mrtwentytwo wrote:

    Hi

     

    Can you ping the management ip address from your PC?

     

    Is there no default gateway (0.0.0.0/0 route on your 8320?

     

    Did you try it without the managment interface connected?

     

    Is Spanning-tree active in your network?

     

     

     

     


    By mgmt ip do you mean the switch mgmt interface? If so, yes i can ping the management IP and ssh to it if im also in a port that is only untagged on vlan 60 like the management interface is.

     

    It hasnt got a default route at the minute, it will be the customers firewall when in place on site. Does it need a default route out if i dont need to get to the internet or outside my core networks at the minute? I should still be able to route to the the other networks that are in my routing table right? which i cant.

     

    i havent tried it without the management interface.

     

    no spanning tree.



  • 6.  RE: Routing issues Aruba 8320

    Posted Feb 13, 2019 04:31 PM

    duplicate, sorry

     

     



  • 7.  RE: Routing issues Aruba 8320

    Posted Feb 14, 2019 05:57 AM
    Hi, with your laptop on a port on vlan 56 (untagged), do you have your laptop's default gateway setup to 192.168.56.254?
    Also, do you have your default gateway on the esxi host to 192.168.60.254?
    If you connect your laptop on an untagged port on vlan 60, can you ping the managemen IP at 192.168.60.11? On that same vlan, can you ping your esxi host?


  • 8.  RE: Routing issues Aruba 8320

    Posted Feb 14, 2019 05:57 AM
    Hi, with your laptop on a port on vlan 56 (untagged), do you have your laptop's default gateway setup to 192.168.56.254?
    Also, do you have your default gateway on the esxi host to 192.168.60.254?
    If you connect your laptop on an untagged port on vlan 60, can you ping the managemen IP at 192.168.60.11? On that same vlan, can you ping your esxi host?


  • 9.  RE: Routing issues Aruba 8320

    Posted Feb 14, 2019 07:52 AM

    @danieltudares wrote:
    Hi, with your laptop on a port on vlan 56 (untagged), do you have your laptop's default gateway setup to 192.168.56.254?
    Also, do you have your default gateway on the esxi host to 192.168.60.254?
    If you connect your laptop on an untagged port on vlan 60, can you ping the managemen IP at 192.168.60.11? On that same vlan, can you ping your esxi host?

    That is correct. Im using the active gateways as my default gateway on all my hosts. If my devices are on the same VLAN (untagged) they can ping each other. If they're in a different vlan on a different network they cannot ping each other. Its as if my routing table is non existent and its just dropping the packet as there is no default route or anything. I mean im just trying to create some simple inter-vlan routing, how hard can it be!?



  • 10.  RE: Routing issues Aruba 8320

    Posted Feb 14, 2019 07:55 AM
    Hi

    Did you try:

    Different software?
    Only one core active?(sketch off one core)
    Add a default route?


  • 11.  RE: Routing issues Aruba 8320

    Posted Feb 14, 2019 07:58 AM

    @mrtwentytwo wrote:
    Hi

    Did you try:

    Different software?
    Only one core active?(sketch off one core)
    Add a default route?

    Sorry what do you mean by different software?

     

    I've got a simple vigor router out which im going to setup to simulate the customers firewall and make it the default route for the switch. Still i didnt think id need to do this to get inter-vlan routing working.



  • 12.  RE: Routing issues Aruba 8320

    Posted Feb 14, 2019 08:00 AM

    Hi

     

    You are running 10.02.0010. did you try 10.02.0001?

     

     



  • 13.  RE: Routing issues Aruba 8320

    Posted Feb 14, 2019 08:02 AM

    @mrtwentytwo wrote:

    Hi

     

    You are running 10.02.0010. did you try 10.02.0001?

     

     


    I was running that, but i upgraded to the latest as support told me to because the serial port was faulty, in the end it was hardware related. Ive only ever used 10.02.00010 when ive had VSX and vlan interfaces in play.



  • 14.  RE: Routing issues Aruba 8320
    Best Answer

    Posted Feb 14, 2019 11:45 AM

    as per always this issue was something really stupid. My laptop was doing some weird routing. From the esxi host i could ping every gateway and even my laptop... once id turned the windows firewall off. Derp!



  • 15.  RE: Routing issues Aruba 8320

    Posted Feb 14, 2019 02:32 PM

    Hi

     

    Thanks for the update!

     

     



  • 16.  RE: Routing issues Aruba 8320

    Posted Feb 14, 2019 07:56 AM
    Hi

    How is the vsx status?


  • 17.  RE: Routing issues Aruba 8320

    Posted Feb 14, 2019 07:59 AM

    @mrtwentytwo wrote:
    Hi

    How is the vsx status?

    All looks good. Both primary and secondary are in sync and active.

     

    Im not at the switches right now or i would post the results 



  • 18.  RE: Routing issues Aruba 8320

    Posted Feb 16, 2019 06:45 AM
    There is something I don't quite understand. The interface mgmt should be isolated as ArubaosCX use the vrf mgmt for the management plane which should be isolated but yet you say that from any access port on vlan 60 you can ping 192.168.60.11?. You have an overlapping range 192.168.60.0/24 both on the management and your routing table but that shouldn't matter as they are in different vrf. Not sure if this is related, maybe if you try changing your mgmt IP to remove the overlapping?


  • 19.  RE: Routing issues Aruba 8320

    Posted Feb 16, 2019 07:27 AM
    Hi

    It is already solved. I think the management interface in connected to a port I tagged in vlan 60. So it is isolated only connected through a wire