Wired Intelligent Edge

 View Only
last person joined: 20 hours ago 

Bring performance and reliability to your network with the HPE Aruba Networking Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of your switching devices, and find ways to improve security across your network to bring together a mobile-first solution
Back to discussions
Expand all | Collapse all

HP Procurve 5308xl inter-vlan routing; no internet

This thread has been viewed 0 times

  • 1.  HP Procurve 5308xl inter-vlan routing; no internet

    Posted Jul 30, 2014 03:20 PM

    Environment:

     

    • 1 - 5308xl Switch (IP: 10.0.0.254; 10.0.1.254; 10.0.2.254; 10.0.3.254; 10.0.4.254; 10.0.10.254; 10.1.10.254)
    • 1 - modem (IP: 10.1.10.10)
    • 1 - DHCP server (IP: 10.0.0.1, 10.0.1.1; 10.0.2.1; 10.0.3.1; 10.0.4.1; 10.0.5.1; 10.0.10.1; 10.1.10.1)
    • 2 - Clients (one on vlan 40 and one on vlan 254)

    The problem:

     

    I have inter-vlan routing turned on, each vlan is able to ping each other, but only the devices connected to the vlan that the modem resides on is able to ping the modem and get onto the internet. I had a rep from our ISP look at my modem config and verify that nothing there should hinder my ability to get onto the internet.

     

    Switch configuration:

     

    ; J4819A Configuration Editor; Created on release #E.11.38

hostname "Switch" 
time timezone -360 
time daylight-time-rule Continental-US-and-Canada 
fastboot 
module 8 type J4878B 
module 1 type J4820B 
module 3 type J4820B 
module 5 type J4820B 
module 7 type J4820B 
module 4 type J4820A 
module 2 type J4820A 
module 6 type J4820A 
interface F2 
   name "Modem" 
exit
interface F3 
   name "DHCP" 
exit
interface F4 
   name "CUPS" 
exit
interface F5 
   name "UNIFI" 
exit
interface F6 
   name "Server" 
exit
sntp server 10.0.10.5 
ip routing 
timesync sntp 
sntp unicast 
sntp 30 
logging facility syslog 
logging 10.0.10.8 
snmp-server community "public" Unrestricted 
vlan 1 
   name "DEFAULT_VLAN" 
   untagged A1-A6,A8-A24,B1-B24,C1-C24,D1-D24,E11-E24,F1,F9-F24,G1-G24,H1-H4 
   ip address 10.0.0.254 255.255.255.0 
   no untagged A7,E1-E10,F2-F8 
   exit 
vlan 10 
   name "Student Lan" 
   ip address 10.0.1.254 255.255.255.0 
   ip helper-address 10.0.1.1 
   tagged F3 
   exit 
vlan 20 
   name "Staff Lan" 
   ip address 10.0.2.254 255.255.255.0 
   ip helper-address 10.0.2.1 
   tagged F3 
   exit 
vlan 30 
   name "Student WiFi" 
   ip address 10.0.3.254 255.255.255.0 
   ip helper-address 10.0.3.1 
   tagged E1-E6,F3,F5 
   exit 
vlan 40 
   name "Staff WiFi" 
   ip address 10.0.4.254 255.255.255.0 
   ip helper-address 10.0.4.1 
   tagged E1-E6,F3,F5 
   exit 
vlan 50 
   name "Guest WiFi" 
   ip address 10.0.5.254 255.255.255.0 
   ip helper-address 10.0.5.1 
   tagged E1-E6,F3,F5 
   exit 
vlan 100 
   name "Servers and Devices" 
   untagged E1-E10,F4-F6 
   ip address 10.0.10.254 255.255.255.0 
   ip helper-address 10.0.10.1 
   tagged F3 
   exit 
vlan 254 
   name "Outside" 
   untagged A7,F2-F3,F7-F8 
   ip address 10.1.10.254 255.255.255.0 
   exit 
ip route 0.0.0.0 0.0.0.0 10.1.10.10 
spanning-tree
ip ssh
no tftp client
no tftp server
password manager
password operator

     

    DHCP server config:

     

    option domain-search "ns.example.loc";

# Lease time is in seconds.
# Current settings: default-lease-time 12 hours
default-lease-time 43200;
max-lease-time 43200;

# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
authoritative;

# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
log-facility local7;

######################################################################
### BEGIN VLAN ADDRESSING SCHEME

# Vlan 1: Management
subnet 10.0.0.0 netmask 255.255.255.0 {
	range 10.0.0.100 10.0.0.200;
	option routers 10.0.0.254;
	option domain-name-servers 10.0.0.1, 8.8.8.8; # , 208.67.220.220;
}

# Vlan 10: Student
subnet 10.0.1.0 netmask 255.255.255.0 {
	range 10.0.1.50 10.0.1.200;
	option routers 10.0.1.254;
	option broadcast-address 10.0.1.255;
	option lpr-servers 10.0.10.8;
	option domain-name-servers 10.0.1.1, 208.67.222.222, 208.67.220.220;
}

# Vlan 20: Staff
subnet 10.0.2.0 netmask 255.255.255.0 {
	range 10.0.2.50 10.0.2.200;
	option routers 10.0.2.254;
	option broadcast-address 10.0.2.255;
	option lpr-servers 10.0.10.8;
	option domain-name-servers 10.0.2.1, 8.8.8.8; # 208.67.222.222, 208.67.220.220;
}

# Vlan 30: WiFi_Student
subnet 10.0.3.0 netmask 255.255.255.0 {
	range 10.0.3.50 10.0.3.200;
	option routers 10.0.3.254;
	option broadcast-address 10.0.3.255;
	option lpr-servers 10.0.10.8;
	option domain-name-servers 10.0.3.1, 208.67.222.222, 208.67.220.220;
}

# Vlan 40: WiFi_Staff
subnet 10.0.4.0 netmask 255.255.255.0 {
	range 10.0.4.50 10.0.4.200;
	option routers 10.0.4.254;
	option broadcast-address 10.0.4.255;
	option lpr-servers 10.0.10.8;
	option domain-name-servers 10.0.4.1, 208.67.222.222, 208.67.220.220;
}

# Vlan 50: WiFi_Guest
subnet 10.0.5.0 netmask 255.255.255.0 {
	range 10.0.5.50 10.0.5.200;
	option routers 10.0.5.254;
	option broadcast-address 10.0.5.255;
	option domain-name-servers 208.67.222.222, 208.67.220.220;
}

# Vlan 100: Servers and printers
subnet 10.0.10.0 netmask 255.255.255.0 {
	range 10.0.10.50 10.0.10.200;
	option routers 10.0.10.254;
	option broadcast-address 10.0.10.255;
	option domain-name-servers 10.0.10.1, 8.8.8.8;
}

# Vlan 254: Outside
subnet 10.1.10.0 netmask 255.255.255.0 {
	range 10.1.10.50 10.1.10.200;
	option routers 10.1.10.254;
	option broadcast-address 10.1.10.255;
	option domain-name-servers 10.1.10.1;
}

     


    #internet
    #ProCurve
    #unreachable
    #modem
    #VLAN
    #5308xl
    #routing


  • 2.  RE: HP Procurve 5308xl inter-vlan routing; no internet

    Posted Jul 30, 2014 07:07 PM

    Your modem needs a route, eg, 

    10.0.0.0 255.255.0.0 10.1.10.254



  • 3.  RE: HP Procurve 5308xl inter-vlan routing; no internet

    Posted Jul 31, 2014 10:18 AM
    @Vince-Whirlwind wrote:

    Your modem needs a route, eg, 

    10.0.0.0 255.255.0.0 10.1.10.254

    Vince,

    thank you for your reply.

     

    Putting your suggestion into the switch gives me the following:

     

    10.1.10.254 can not be switch IP address and route gateway at the same time.

     

    Edit: I think I understand what you were saying, you were telling me to add a static route to the modem. The modem now contains the following static route

     

    10.0.0.0 255.255.0.0 10.1.10.254

     

    Now all vlans are able to ping the modem (yay!)

     

    Unfortunately; no vlan except 254 can reach the outside internet:

     

    From vlan 40:

     

    traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 64 hops max, 52 byte packets
 1  10.0.4.254 (10.0.4.254)  4.844 ms  12.724 ms  2.259 ms
 2  10.1.10.10 (10.1.10.10)  1.626 ms  5.411 ms  6.300 ms
 3  * * *
 4  * * *
 5  * * *
 6  * * *
 7  * * *
 8  * * *
 9  * * *

     

     

     



  • 4.  RE: HP Procurve 5308xl inter-vlan routing; no internet

    Posted Jul 31, 2014 03:56 PM
    Now you probably have to look at your NAT config on the modem.


  • 5.  RE: HP Procurve 5308xl inter-vlan routing; no internet

    Posted Aug 06, 2014 12:57 PM

    Just solved this today. The solution was not in the switch, but in my modem. After adding a route back to the switch for the 10 network, I needed to make sure the subnetting was correct for the modem's ip address.

     

    So before it was

     

    10.1.10.10 255.255.255.0

     

    now it is

     

    10.1.10.10 255.0.0.0

     

    And all is well.

     

    Thank you Vince for helping me out this far.