Comware

Hello,
I would like to start using the vlan features on our HP 2524's with our 6509. We have about 50 vlans which are generally split up by department. Some departments are in the same building and so it would be nice for the HP's to handle multiple departments traffic. I have tried to set this up before but didn't have much luck. I have configured the 6509 to trunk port 5/17 which origianlly carried vlan 41 traffic and as an experiment I added vlan 40 to that trunk. I set it to "set trunk 5/17 on dot1q" because I don't know if the HP's know the desiarable feature from Cisco. On the HP I have added the additional vlan 40 with 802.1q ID = 40 (Is that right?) I tried it with an ip address and with out but don't know which to do. Do I have to tag every port that will carry a different vlan other than the default or can I just tag the uplink which will carry the multiple vlans. Has anyone else been able to set this up and if so how did you do it? Ultimanly I want anyone that pluggins into a particluar port to be assigned the ip address of the vlan they should be in so I figured that might mean I have to tag all the ports....Could someone explain this a little better....Thanks

Hi.

Let's see if I can clarify this for you a little bit.

First of all, note that what HP calls "trunking" has nothing whatsoever to do with VLANs, it's Ling Aggregation. HP talks about VLAN tagging.

Assume that you have 2 VLANs configured to the 2524: VLAN 1 with ports 1 - 10 and VLAN 2 with ports 11 - 20. All these ports must be UNTAGGED for the VLAN they belong to and NO for the other VLAN.

HP VLANs are strictly port-based, so any device you connect to port 5 will automatically be a member of VLAN 1. The devices in different VLANs must be in different subnets, however, say you have VLAN 1 devices in 10.10.1.0 and VLAN 2 devices in 10.10.2.10. I actually don't know what happens if you connect a device with VLAN 1 IP address to VLAN 2 port... maybe that's something to be tested tomorrow :-) You shouldn't do it, anyway.

Then you want to make an uplink to the Cisco device with say, port 24, and you make that port a TAGGED member of both VLANs.

... and that's really all there is to it on HP side. Then the port will carry the info from both VLANs.

I'd suggest you check out the Management and Configuration guide of 2524, you can find that from www.hp.com/rnd under Technical Support and Manuals. That's a very good source of information and has good config examples as well.

HTH,
Arimo

Arimo,
Thank you for clarify this for me. If I may I have a few more questions. I just tried what you said where I add the vlans and changed the untagged/no status and then tagged for the uplink which in my case is port 1 for right now. To make things more congruent I created vlan 40 and 41....41 is the vlan that was default but I changed the newly added Vlan40 to be primary. All of the "default" vlan (which is not my primary) is set to no (this may be the problem) and when I set port 1 tagged for both vlan 40 and 41 I lose conctivity outside of my subnet. But I still can ping the switch. Am I still doing something wrong?

Arimo,
Thank you for clarify this for me. If I may I have a few more questions. I just tried what you said where I add the vlans and changed the untagged/no status and then tagged for the uplink which in my case is port 1 for right now. To make things more congruent I created vlan 40 and 41....41 is the vlan that was default but I changed the newly added Vlan40 to be primary. All of the "default" vlan (which is not my primary) is set to no (this may be the problem) and when I set port 1 tagged for both vlan 40 and 41 I lose conctivity outside of my subnet. But I still can't ping the switch. Am I still doing something wrong?

Arimo,
Thank you for clarify this for me. If I may I have a few more questions. I just tried what you said where I add the vlans and changed the untagged/no status and then tagged for the uplink which in my case is port 1 for right now. To make things more congruent I created vlan 40 and 41....41 is the vlan that was default but I changed the newly added Vlan40 to be primary. All of the "default" vlan (which is not my primary) is set to no (this may be the problem) and when I set port 1 tagged for both vlan 40 and 41 I lose conctivity outside of my subnet. But I still can't ping the switch. Am I still doing something wrong?

Arimo,
Thank you for clarify this for me. If I may I have a few more questions. I just tried what you said where I add the vlans and changed the untagged/no status and then tagged for the uplink which in my case is port 1 for right now. To make things more congruent I created vlan 40 and 41....41 is the vlan that was default but I changed the newly added Vlan40 to be primary. All of the "default" vlan (which is not my primary) is set to no (this may be the problem) and when I set port 1 tagged for both vlan 40 and 41 I lose conctivity outside of my subnet. But I still can ping the switch. Am I still doing something wrong?

Arimo,
Thank you for clarify this for me. If I may I have a few more questions. I just tried what you said where I add the vlans and changed the untagged/no status and then tagged for the uplink which in my case is port 1 for right now. To make things more congruent I created vlan 40 and 41....41 is the vlan that was default but I changed the newly added Vlan40 to be primary. All of the "default" vlan (which is not my primary) is set to no (this may be the problem) and when I set port 1 tagged for both vlan 40 and 41 I lose conctivity outside of my subnet. But I still can't ping the switch. Am I still doing something wrong?

Arimo,
Thank you for clarify this for me. If I may I have a few more questions. I just tried what you said where I add the vlans and changed the untagged/no status and then tagged for the uplink which in my case is port 1 for right now. To make things more congruent I created vlan 40 and 41....41 is the vlan that was default but I changed the newly added Vlan40 to be primary. All of the "default" vlan (which is not my primary) is set to no (this may be the problem) and when I set port 1 tagged for both vlan 40 and 41 I lose conctivity outside of my subnet. But I still can ping the switch. Am I still doing something wrong?

I apologize for all the replies but there is a trememdous lag which leads me to believe that the message did not go through. Sorry.

Hi.

I would start looking at the Cisco configuration very closely. I'm not able to help with that one (yet :-) but there are others, like Ron, in the forum who are.

I actually would leave the default VLAN unchanged and just add the VLANs I need to use.

Once more in a nutshell:
- VLAN 40 must be in a different subned from VLAN 41
- Port 1 must be TAGGED for both VLANs, other ports must be UNTAGGED.
- You need a router to make communication from one VLAN to another. Comms between VLANs is not possible otherwise.

HTH,
Arimo

Too fast clicking...

Do NOT tag the other ports in VLANs. If you tag a port that leads to a PC, you need a 802.1Q capable NIC in that PC, otherwise the NIC will drop all packets.

If the NIC is 802.1Q compatible, it will be mentioned in the NIC specs. Most current NICs are NOT compatible.

Arimo

http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a008012ecf3.shtml

is a good explanation of how to do trunking on the 6000 series switches.

The nature of VLANs is that they stop communication between ports which are not in the same VLAN. In order to communicate between VLANs you have to move up to layer three and use a router (or a layer 3 switch) to route between VLANs. The 6500 series can have a builtin in internal router but I think it's an extra cost option. You can trunk to a Cisco router but how you do it depends on its IOS level (if Native VLAN is in the trunk).

To test your setup you have to put a port in the 6509 in VLAN 40 and another port on the HP in 40 too. A PC plugged into the VLAN 40 port on the 6500 should then be able to communicate with a PC plugged into the VLAN 40 port on the HP (as long as they are both in the same IP subnet). No tagging on either port. Only tag the port going to the 6509.

Your original statement:
"Ultimately I want anyone that plugs into a particluar port to be assigned the ip address of the vlan they should be in so I figured that might mean I have to tag all the ports" implies you are going to use a DHCP server. The DHCP server will need to have a presence on each VLAN. While there are a few out there now that can use trunking most cannot so the easy way is to put in a NIC for each VLAN that the DHCP server has to assign addresses on. Then each NIC is plugged into its own port on the switch and all ports on the VLAN associated with that port will get an IP address in the subnet assigned to that VLAN. As previously mentioned the port itself is assigned to a VLAN so you do not need to tag traffic on a port and most of the time the other end would not understand tagging anyway.

Ron

Thanks for the help guys....I should be able to straighten this out now.

You can also use a router as a DHCP server. The router is perfect for this function, because it is directly connected to the serviced networks (at least to some of them), functions as an essential service component, and plays a critical role in the network security infrastructure. Having two local routers means you have your primary and backup DHCP servers already.
Cisco currently provide support for DHCP client, relay and server services in the IOS. DHCP relay support has been in place since IOS version 10.2. IOS 12.0.1T introduced IOS DHCP server support, followed by client support in IOS 12.1x.
Naturally for the router to function as a DHCP server (or relay, for that matter), the service must be enabled. This is active by default on most routers.
BR,
Dmitry