Wireless Access

 View Only
last person joined: yesterday 

Back to discussions
Expand all | Collapse all

[Aruba 3810] can't access/ping VLAN and APIPA for LLDP

This thread has been viewed 18 times

  • 1.  [Aruba 3810] can't access/ping VLAN and APIPA for LLDP

    Posted Sep 13, 2021 09:53 AM

    Hello,

    I 'm new to Aruba and have a problem with Aruba-3810M-16SFPP that has multiple VLAN, and suddenly VLAN 2(port 2) can not be pinged or access form other VLAN in the switch! 

    I check the LLDP and found the device in port 2 has a APIPA address! not the IP address that it was assigned to it! 

    Is that normal!  why I have two ports with the same number? and how can I fix it, will a quick reboot for both switches fix the issue?

    Thanks

    here's the run-config 

    ; JL075A Configuration Editor; Created on release #KB.16.04.0008
; Ver #10:9b.7f.bf.bb.ff.7c.59.fc.7b.ff.ff.fc.ff.ff.3f.ef:81

hostname "Aruba-3810M-16SFPP-2-slot"
module 1 type jl075x
module 2 type jl075y
module 3 type jl075z
timesync ntp
no sntp
ntp unicast
ntp server 192.168.1.7 iburst
ntp enable
time daylight-time-rule continental-us-and-canada
ip default-gateway 10.1.1.2
ip route 10.2.0.0 255.255.0.0 10.1.1.2
ip route 10.3.0.0 255.255.0.0 10.1.1.2
ip route 10.4.0.0 255.255.0.0 10.1.1.2
ip route 10.5.0.0 255.255.0.0 10.1.1.2
ip route 10.6.0.0 255.255.0.0 10.1.1.2
ip route 10.7.0.0 255.255.0.0 10.1.1.2
ip route 10.10.0.0 255.255.0.0 10.1.1.2
ip routing
snmp-server community "public" unrestricted
snmp-server location "Top of rack server room"
oobm
   ip address dhcp-bootp
   exit
vlan 1
   name "DEFAULT_VLAN"
   no untagged 1,3
   untagged 2,4-16
   ip address 192.168.0.130 255.255.254.0
   exit
vlan 2
   name "PLC Network"
   untagged 3 
   ip address 192.168.2.1 255.255.255.0
   exit
vlan 3
   name "MPLS"
   untagged 1
   tagged 15
   ip address 10.1.1.1 255.255.255.0
   exit
vlan 5
   name "Test"
   no ip address
   exit
vlan 10
   name "Servers"
   ip address 10.1.10.1 255.255.255.0
   exit
vlan 20
   name "Security"
   ip address 10.1.20.1 255.255.255.0
   exit
vlan 30
   name "Printers"
   ip address 10.1.30.1 255.255.255.0
   exit
vlan 40
   name "PLC"
   ip address 10.1.40.1 255.255.255.0
   exit
vlan 90
   name "Voice"
   ip address 10.1.90.1 255.255.255.0
   exit
vlan 100
   name "Wired Internal Users"
   ip address 10.1.100.1 255.255.255.0
   exit
vlan 110
   name "Wireless Internal Users"
   ip address 10.1.110.1 255.255.255.0
   exit
no tftp server
no autorun
no dhcp config-file-update
no dhcp image-file-update
activate software-update disable
activate provision disable
password manager


    ------------------------------
    Bruce Gendy
    ------------------------------


  • 2.  RE: [Aruba 3810] can't access/ping VLAN and APIPA for LLDP

    MVP GURU
    Posted Sep 14, 2021 09:07 AM
    Hello Bruce, please report the output of show vlan port ethernet 3 details CLI command on your Aruba 3810M (it shows the VLAN memberships of physical port 3): from posted running configuration, the Aruba 3810M's port 3 should be untagged member of VLAN 2 which is your "PLC Network", that port 3 looks point-to-point connected to a downstream Switch (is it a legacy Netgear ProSAFE M4100-12GF (GSM7212F) Layer 2+ Managed Gigabit Switch? if so the link should be running at 1Gbps probably using supported SFP Transceivers on both ends).

    Is the peer port used on the Netgear switch matching the VLAN membership of port 3 on Aruba 3810M? in other words, is the Netgear M4100-12GF's port 0/10 untagged member of VLAN 2?

    Since the Aruba 3810M has IPv4 Routing enabled (ip routing) the Default Gateway IP setting is ignored and you should have just one Route of Last Resort (destination 0.0.0.0 mask 0.0.0.0 via 10.1.1.2) to address to your Next Hop Gateway all packets with an external destination as target (connected VLANs are routed by the switch itself and destinations segments 10.x.0.0 with x=2, 3, 4, 5, 6, 7 and 10 - being non local - will be routed via the RoLR to the 10.1.1.2 as it's now):

    ip default-gateway 10.1.1.2
ip route 10.2.0.0 255.255.0.0 10.1.1.2
ip route 10.3.0.0 255.255.0.0 10.1.1.2
ip route 10.4.0.0 255.255.0.0 10.1.1.2
ip route 10.5.0.0 255.255.0.0 10.1.1.2
ip route 10.6.0.0 255.255.0.0 10.1.1.2
ip route 10.7.0.0 255.255.0.0 10.1.1.2
ip route 10.10.0.0 255.255.0.0 10.1.1.2
ip routing
    Worth to note that Aruba 3810M's VLANs 10, 20, 30, 40, 90, 100 and 110 - although set with a SVI (10.1.x.1 with x=10, 20, 30, 40, 90, 100 and 110) - have no member ports, these are probably in a testing/under-construction phase.

    I don't see anything about DHCP relay...it seems you implied that Netgear switch received its IP address on/through VLAN 2 via DHCP...if so there is something to be adjusted. If, on the contrary, the Netgear switch has lost its static IP Addressing on VLAN 2...then you need to dig into its configuration (the software image is quite old compared to latest available and the very same could be said also for the ArubaOS-Switch software version of your Aruba 3810M, I believe it is KB.16.04.0008...). 


    ------------------------------
    Davide Poletto
    ------------------------------

    Original Message


  • 3.  RE: [Aruba 3810] can't access/ping VLAN and APIPA for LLDP

    Posted Sep 16, 2021 10:50 AM

    Hi Davide, Thanks for you respond 
    FYI:- I wasn't who build this network. I just got that new job the last month, and now I'm working on getting my head around it. any advice on how to fix his network would be appreciated.

    Here's the output of the command:

    Aruba-3810M-16SFPP-2-slot# show vlans ports ethernet 3 detail

 Status and Counters - VLAN Information - for ports 3

  VLAN ID Name                 | Status     Voice Jumbo Mode
  ------- -------------------- + ---------- ----- ----- --------
  2       PLC Network          | Port-based No    No    Untagged

    Also: here's the interface. 

    Aruba-3810M-16SFPP-2-slot# show interfaces brief 3

 Status and Counters - Port Status

                          | Intrusion                           MDI  Flow Bcast
  Port         Type       | Alert     Enabled Status Mode       Mode Ctrl Limit
  ------------ ---------- + --------- ------- ------ ---------- ---- ---- -----
  3            1000T-SFP  | No        Yes     Up     1000FDx    NA   off  0


    you are right about those VLANs, they are in a testing phase without any purpose at least for now.

    As for DHCP; I know that most of the other neighbor switches are using DHCP/Bootp(Bootstrap) - I'm not sure why the network was designed like that! But i'm planning to change that to a windows server DHCP.



    We can ping VLAN2(Port3) now, removing the "Untagged 3" command, and put it back did the trick! but I'm still not sure why! 

    Thanks for you help.




    ------------------------------
    Bruce Gendy
    ------------------------------

    Original Message