Comware

 View Only
last person joined: yesterday 

Back to discussions
Expand all | Collapse all

HPE Router - IP addressing

This thread has been viewed 3 times

  • 1.  HPE Router - IP addressing

    Posted Oct 28, 2021 07:28 PM

    My question pertains to active active or active passive firewalls and or servers.

    Take for example a Cisco router.  Each physical interface is programed with a unique IP address.  That physical interface may have subinterfaces, however those subinterfaces are a seperate network.  You can not program the same IP address on two interfaces.

    Now take for example an HPE Aruba 5412 ZL2 with routing.  You can program the VLAN in the switch and tag/ untag ports to that VLAN as you like. 

    From a cisco standpoint you would have to use a layer 2 switch in between the router and firewalls.

    My questions are:  If you have a firewall cluster (both firewalls have same IP address) can you plug those firewalls into an HPE switch configured wtih routing or would that be problematic? 

    Another example would be you have 2 servers configured as a failover, both servers use the same IP address. 

    Could those be plugged into an HPE 5412 ZL2 confifured with routing? 

     


    #Aruba
    #Switch_Router_Interconnect


  • 2.  RE: HPE Router - IP addressing

    EMPLOYEE
    Posted Oct 29, 2021 04:56 AM

    Hello @ABZ78 ,

    I am not expert in Firewalls but as per my understanding same IP cannot be configured.

    Virtual IP (VRRP) is the expection used for HA.

    "My questions are:  If you have a firewall cluster (both firewalls have same IP address) can you plug those firewalls into an HPE switch configured wtih routing or would that be problematic? "  --It depends how you are connecting both firewalls  to switch.? I believe same IP cannot be used.

    "Another example would be you have 2 servers configured as a failover, both servers use the same IP address. " -- How you are connecting these servers to switch? Teaming or Bonding would be on server side. I believe same IP cannot be used.

     

    Thanks!



  • 3.  RE: HPE Router - IP addressing

    Posted Oct 29, 2021 06:07 AM

    The firewalls are in an active passive HA.  So yes they both share same IP.  Sorry I missed that part origianly in my explanation.

    The servers simply have static IPs and are on thier own 10GB fibre connections. No teaming, etc. 

    Right now both firewall and servers are passing into a 5412 ZL2 which is configured with NO routing. 

     

    I guess another way to ask is:  If you create the following on an HP 5412 ZL2 configured with routing which interface is the ip address assigned to?   On a cisco you would assign this to say the interface itself. 

    VLAN 5
    ip address 10.1.1.1 255.255.255.0
    untagged A1-A10

     



  • 4.  RE: HPE Router - IP addressing

    EMPLOYEE
    Posted Oct 29, 2021 11:51 AM

    Hello @ABZ78,

    Here you have configureed SVI on VLAN 5 and interface A1-A10 mapped with VLAN5 as access port.

    One more thing, Tagged=Trunk and Untagged=Access port in Aruba/Procurve switches.

    Thanks!