Comware

 View Only
last person joined: 3 days ago 

Back to discussions
Expand all | Collapse all

Typical Issue in integrating any L3 device with HP 5510 core switch over VLAN

This thread has been viewed 0 times

  • 1.  Typical Issue in integrating any L3 device with HP 5510 core switch over VLAN

    Posted Sep 07, 2020 01:13 AM

    1) Existing network is having three tier architecture i.e. Core, Distribution & Access.
    2) Apart from Default VLAN (VLAN 1) four more VLANs have been created. Core switch is connected with UTM.

    3)We are able to PING UTM, internet, IPs on LAN from end points under Default VLAN but we are unable to PING UTM & internet host(s) from end points under other VLANs.

    4)UTM has been replaced with L3 device. No improvement.

    5) UTM has been replaced with managed L2 device to check. Found no issue.

    Can you throw some light? More details like configuration/schematic can be shared by mail.

    Look forward for your valued feedback.


    #5510
    #HP


  • 2.  RE: Typical Issue in integrating any L3 device with HP 5510 core switch over VLAN

    Posted Sep 07, 2020 05:07 AM

    @sushobhanm 

    What is the default gateway configured on the end points under other VLANs. Can you share the configuration of the switch and connectivity diagram



  • 3.  RE: Typical Issue in integrating any L3 device with HP 5510 core switch over VLAN

    Posted Sep 07, 2020 09:44 AM

    VLAN 101 

    IP - 10.147.9.1/24

    Gateway - 10.147.9.1

    VLAN 102

    IP - 10.147.10.1/24

    Gateway - 10.147.10.1

    HPE 5510 Connected to Fortinet 60E [Working as SD-WAN] [IP - 10.147.0.1 255.255.248.0]

    CORE SWITCH CONFIGURATION -

    ****************************************************************************** * Copyright (c) 2010-2017 Hewlett Packard Enterprise Development LP * * Without the owner's prior written consent, * * no decompiling or reverse-engineering shall be allowed. * ****************************************************************************** login: admin Password: <core_switch1>dis <core_switch1>display sa <core_switch1>display saved-configuration # version 7.1.045, Release 1122P02 # sysname core_switch1 # clock timezone Jayawardenepura add 05:30:00 clock protocol none # telnet server enable # irf mac-address persistent timer irf auto-update enable undo irf link-delay irf member 1 priority 1 # lldp global enable # password-recovery enable # vlan 1 # vlan 101 to 120 # ---- More ---- stp global enable # interface NULL0 # interface Vlan-interface1 ip address 10.147.5.5 255.255.248.0 vrrp dot1q vid 1 vrrp vrid 1 virtual-ip 10.147.5.1 vrrp vrid 1 priority 254 vrrp vrid 1 preempt-mode delay 5 # interface Vlan-interface101 10.147.9.1 255.255.255.0 interface Vlan-interface102 10.147.10.1 255.255.255.0 interface Vlan-interface103 # interface Vlan-interface104 # interface Vlan-interface105 # interface Vlan-interface106 # ---- More ---- interface Vlan-interface107 # interface Vlan-interface108 # interface Vlan-interface109 # interface Vlan-interface110 # interface Vlan-interface111 # interface Vlan-interface112 # interface Vlan-interface113 # interface Vlan-interface114 # interface Vlan-interface115 # interface Vlan-interface116 # interface Vlan-interface117 # interface Vlan-interface118 ---- More ---- # interface Vlan-interface119 # interface Vlan-interface120 # interface GigabitEthernet1/0/1 port link-mode bridge port link-type trunk port trunk permit vlan all # interface GigabitEthernet1/0/2 port link-mode bridge port link-type trunk port trunk permit vlan all # interface GigabitEthernet1/0/3 port link-mode bridge port link-type trunk port trunk permit vlan all # interface GigabitEthernet1/0/4 port link-mode bridge port link-type trunk ---- More ---- port trunk permit vlan all # interface GigabitEthernet1/0/5 port link-mode bridge port link-type trunk port trunk permit vlan all # interface GigabitEthernet1/0/6 port link-mode bridge port link-type trunk port trunk permit vlan all # interface GigabitEthernet1/0/7 port link-mode bridge port link-type trunk port trunk permit vlan all # interface GigabitEthernet1/0/8 port link-mode bridge port link-type trunk port trunk permit vlan all # interface GigabitEthernet1/0/9 ---- More ---- port link-mode bridge # interface GigabitEthernet1/0/10 port link-mode bridge port link-type hybrid port hybrid vlan 101 to 120 tagged port hybrid vlan 1 untagged # interface GigabitEthernet1/0/11 port link-mode bridge port link-type hybrid port hybrid vlan 101 to 120 tagged port hybrid vlan 1 untagged # interface GigabitEthernet1/0/12 port link-mode bridge port link-type hybrid port hybrid vlan 101 to 120 tagged port hybrid vlan 1 untagged # interface GigabitEthernet1/0/13 port link-mode bridge port link-type hybrid ---- More ---- port hybrid vlan 101 to 120 tagged port hybrid vlan 1 untagged # interface GigabitEthernet1/0/14 port link-mode bridge port link-type hybrid port hybrid vlan 101 to 120 tagged port hybrid vlan 1 untagged # interface GigabitEthernet1/0/15 port link-mode bridge # interface GigabitEthernet1/0/16 port link-mode bridge # interface GigabitEthernet1/0/17 port link-mode bridge port link-type trunk port trunk permit vlan all combo enable copper # interface GigabitEthernet1/0/18 port link-mode bridge ---- More ---- port link-type hybrid port hybrid vlan 101 to 120 tagged port hybrid vlan 1 untagged combo enable copper # interface GigabitEthernet1/0/19 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 201 to 202 combo enable copper # interface GigabitEthernet1/0/20 port link-mode bridge port link-type hybrid port hybrid vlan 1 untagged combo enable copper # interface GigabitEthernet1/0/21 port link-mode bridge port link-type hybrid port hybrid vlan 101 to 120 tagged port hybrid vlan 1 untagged ---- More ---- combo enable copper # interface GigabitEthernet1/0/22 port link-mode bridge port link-type hybrid port hybrid vlan 1 untagged combo enable copper # interface GigabitEthernet1/0/23 port link-mode bridge port link-type hybrid port hybrid vlan 101 to 120 tagged port hybrid vlan 1 untagged combo enable copper # interface GigabitEthernet1/0/24 port link-mode bridge port link-type trunk port trunk permit vlan all combo enable copper # interface M-GigabitEthernet0/0/0 ip address 192.168.1.1 255.255.255.0 ---- More ---- ipv6 address auto ipv6 address dhcp-alloc # interface Ten-GigabitEthernet1/0/25 port link-mode bridge port link-type hybrid port hybrid vlan 101 to 120 tagged port hybrid vlan 1 untagged # interface Ten-GigabitEthernet1/0/26 port link-mode bridge port link-type hybrid port hybrid vlan 101 to 120 tagged port hybrid vlan 1 untagged # interface Ten-GigabitEthernet1/0/27 port link-mode bridge port link-type hybrid port hybrid vlan 101 to 120 tagged port hybrid vlan 1 untagged # interface Ten-GigabitEthernet1/0/28 port link-mode bridge ---- More ---- port link-type hybrid port hybrid vlan 101 to 120 tagged port hybrid vlan 1 untagged # interface Ten-GigabitEthernet1/1/1 port link-mode bridge port link-type hybrid port hybrid vlan 101 to 120 tagged port hybrid vlan 1 untagged # interface Ten-GigabitEthernet1/1/2 port link-mode bridge port link-type hybrid port hybrid vlan 101 to 120 tagged port hybrid vlan 1 untagged # scheduler logfile size 16 # line class aux user-role network-admin # line class vty user-role network-operator ---- More ---- # line aux 0 user-role network-admin # line vty 0 15 authentication-mode scheme user-role network-operator # line vty 16 63 user-role network-operator # ip route-static 0.0.0.0 0 10.147.0.1 ip route-static 10.147.0.0 16 10.147.0.1 ip route-static 10.147.0.0 21 10.147.0.1 # radius scheme system user-name-format without-domain # domain system # domain default enable system # role name level-0 ---- More ---- description Predefined level-0 role # role name level-1 description Predefined level-1 role # role name level-2 description Predefined level-2 role # role name level-3 description Predefined level-3 role # role name level-4 description Predefined level-4 role # role name level-5 description Predefined level-5 role # role name level-6 description Predefined level-6 role # role name level-7 description Predefined level-7 role # ---- More ---- role name level-8 description Predefined level-8 role # role name level-9 description Predefined level-9 role # role name level-10 description Predefined level-10 role # role name level-11 description Predefined level-11 role # role name level-12 description Predefined level-12 role # role name level-13 description Predefined level-13 role # role name level-14 description Predefined level-14 role # user-group system # ---- More ---- local-user admin class manage password hash $h$6$XOJr4MqjuZ91RWSN$TM8UuTtAny7BLHOFzVDMm61MWiVJddLrFIS7LekOTyOtslvVoRiTUBALKewVBSly80zDtHp216stmUudV7JY/w== service-type ssh telnet http authorization-attribute user-role network-admin authorization-attribute user-role network-operator # ip http enable # return <core_switch1> dis <core_switch1>display displa <core_switch1>display ? acl Specify ACL configuration information adjacent-table Display adjacent table information alias Command alias configuration information archive Display archive information arp ARP module bfd BFD module bgp Border Gateway Protocol (BGP) module boot-loader Display software image files bootp BOOTP information buffer Buffer management function cfd Connectivity Fault Detection (CFD) module clock Clock status and configuration information copyright Display Copyright counters Statistics information cpu-usage CPU usage information crypto Crypto Module crypto-engine Crypto engine module current-configuration Current configuration cwmp CWMP information ddns Dynamic Domain Name System (DDNS) module debugging Current setting of debugging switches default-configuration Display system default configuration device Display device information ---- More ---- dhcp DHCP information diagnostic-information System information for diagnosis diagnostic-logfile Display diagnostic log file information diff Display the differences between two configuration files dldp DLDP information dns Domain Name System (DNS) module domain Add domain or modify domain attributes dot1x 802.1X module dying-gasp Dying-gasp configuration ecmp Equal-cost multi-path (ECMP) environment Display environment information ethernet Ethernet module exception Display exception configurations explicit-path Explicit path information fan Display fan status fib FIB information fips Federal Information Processing Standards (FIPS) 140-2 module ftp FTP module ftp-server FTP server information ftp-user FTP user information ha Service-Level High Availability ---- More ---- history-command The historical command information hotkey Display hotkeys hwtacacs HW Terminal Access Controller Access Control System (HWTACACS) module icmp ICMP information igmp IGMP information igmp-snooping IGMP snooping module ike Internet Key Exchange module ikev2 Internet Key Exchange version 2 (IKEv2) module info-center Information center module install Display information of system packages interface Status and configuration information for the interface ip IP information ip-subnet-vlan ipsec IP Security module ipv6 IPv6 information irf IRF system irf-port Display IRF port information isis IS-IS module issu In-Service Software Upgrade module kernel Kernel thread information l2-multicast Layer 2 multicast information ---- More ---- l2vpn Layer 2 Virtual Private Network (L2VPN) module lacp LACP protocol ldap Specify LDAP configuration information license Display license information line Terminal line status and configuration information link-aggregation Display link aggregation group information lldp Link Layer Discovery Protocol(802.1ab) local-proxy-arp Display Local proxy ARP information local-user Local users information logbuffer Display log buffer status and configuration information logfile Display log file information loopback-detection Loopback detection information mac-address MAC address information mac-authentication MAC authentication module mac-forced-forwarding MAC-forced forwarding configuration mac-list Specify a MAC address list mac-vlan MAC VLAN configuration information macsec MAC security module mad Multi-active detection information max-ecmp-num Display maximum ECMP number configuration memory Display the memory information memory-threshold Memory usage threshold information ---- More ---- mirroring-group Specify mirroring group mka MACsec Key Agreement protocol mld MLD information mld-snooping MLD snooping module monitor-link Monitor Link module mpls Multiprotocol Label Switching (MPLS) module mrib Multicast Routing Information Base (MRIB) module msdp Multicast Source Discovery Protocol (MSDP) module multicast Multicast module multicast-vlan Multicast VLAN module mvrp Multiple VLAN registration protocol nqa NQA module ntp-service Network Time Protocol (NTP) information oam OAM module openflow OpenFlow module osi OSI connection information ospf OSPF module ospfv3 OSPFv3 module packet-drop Packet dropping information packet-filter ACL application information for packet filtering password-control Display password control information pim Protocol Independent Multicast (PIM) module pim-snooping PIM snooping module ---- More ---- pki Public Key Infrastructure (PKI) module placement Program placement configuration poe PoE information poe-profile PoE profiles port Display port information port-configuration-mode Port configuration mode port-isolate Port isolation configuration port-security Port security module portal Portal authentication module power Display power status private-vlan Display private VLAN characteristics process Display the process information protocol-vlan Protocol-based VLAN proxy-arp Display proxy ARP information public-key Public key information qcn Quantized Congestion Notification (QCN) module qinq Display 802.1QinQ information qos Quality of Service (QoS) module qos-acl QoS and ACL module radius Display RADIUS configuration information rawip RawIP information rib Routing module rip Specify the RIP module ---- More ---- ripng Specify the RIPng module rmon RMON information role Specify the user role configuration information route-direct Direct routing module route-policy Display routing policy information route-static Unicast static routing information router Router information rrpp Rapid Ring Protection Protocol(RRPP) module rsvp Resource Reservation Protocol (RSVP) module rtm Real time management (RTM) module saved-configuration The saved configuration information scheduler Scheduler information security-logfile Display security log file information service-loopback Service loop back group sflow Display sFlow information sftp Secure FTP (SFTP) module smart-link Smart Link module snmp-agent SNMP information sntp Simple Network Time Protocol (SNTP) information ssh Secure Shell module ssh2 Secure Shell module version 2.0 ssl Secure Socket Layer (SSL) module startup Startup configuration file information ---- More ---- storm-constrain Port storm control stp Spanning Tree Protocol (STP) module supervlan Super VLAN information switch-mode Swtich mode switch-routing-mode Swtich routing mode system System information tcp TCP information telnet Telnet configuration this This view's current configuration time-range Time range status and configuration information track Track module traffic Traffic configuration information transceiver Transceiver information udp UDP information udp-helper UDP helper information user-group Display user groups configuration information user-interface Terminal line status and configuration information user-profile Display user profile information users Login users status and configuration information version System hardware and software version information version-update-record Version update record management vlan Display VLAN configuration information vlan-group Display 802.1X VLAN group information ---- More ---- voice-vlan Voice VLAN configuration information vrrp Virtual Router Redundancy Protocol(VRRP) module web Web configuration <core_switch1>display vers <core_switch1>display version HPE Comware Software, Version 7.1.045, Release 1122P02 Copyright (c) 2010-2017 Hewlett Packard Enterprise Development LP HPE 5510 24G SFP 4SFP+ HI 1-slot Switch JH149A uptime is 4 weeks, 6 days, 23 hours, 21 minutes Last reboot reason : Cold reboot Boot image: flash:/5510hi-cmw710-boot-r1122p02.bin Boot image version: 7.1.045, Release 1122P02 Compiled Jul 03 2017 16:00:00 System image: flash:/5510hi-cmw710-system-r1122p02.bin System image version: 7.1.045, Release 1122P02 Compiled Jul 03 2017 16:00:00 Slot 1: Uptime is 4 weeks,6 days,23 hours,21 minutes HPE 5510 24G SFP 4SFP+ HI 1-slot Switch JH149A with 2 Processors BOARD TYPE: 5510 24G SFP 4SFP+ HI 1-slot Switch DRAM: 1984M bytes FLASH: 512M bytes PCB 1 Version: VER.A Bootrom Version: 127 CPLD 1 Version: 002 CPLD 2 Version: 002 ---- More ---- Release Version: HPE 5510 24G SFP 4SFP+ HI 1-slot Switch JH149A-1122P02 Patch Version : None Reboot Cause : ColdReboot [SubSlot 0] 16GE+8COMBO+4SFP Plus [SubSlot 1] 2*SFP Plus MACSEC <core_switch1>display versiondevi <core_switch1>display device Slot Type State Subslot Soft Ver Patch Ver 1 5510 24G SFP 4SF Master 1 5510-1122P02 None P+ HI 1-slot Swi tch <core_switch1>exit

     



  • 4.  RE: Typical Issue in integrating any L3 device with HP 5510 core switch over VLAN

    Posted Sep 07, 2020 09:57 AM

    Schematic can be found in the below link:

    https://drive.google.com/file/d/1g_jlZI5zjvoU0d9IIVsHd9BSta4Nt7_p/view?usp=sharing

    We are able to ping all components from HPE Core Switch & END Point under Default VLAN. But we are unable to ping any component beyond HP Core Switch from END Point under VLAN of HP Core.

     



  • 5.  RE: Typical Issue in integrating any L3 device with HP 5510 core switch over VLAN

    Posted Sep 07, 2020 11:09 AM

    @sushobhanm  The configuration shared is not in proper format, but what i could see that most of the interfaces are trunk ports or hybrid ports with vlan 1 untagged. If you are connecting a PC/Laptop on this switch to test the communication, configure the interface for as untagged  for that vlan (Eg:101)

    For example if you are connecting a PC in interface G1/0/1 which is part of VLAN 101

    Configure the interface as below.

    interface GigabitEthernet 1/0/1

    port link-type access

    port access vlan 101

    Now connect the PC in Gi1/0/1 and configure the IP Address of the PC in 10.147.9.x subnet and gateway as 10.147.9.1 



  • 6.  RE: Typical Issue in integrating any L3 device with HP 5510 core switch over VLAN

    Posted Sep 07, 2020 11:22 AM

    pls see, if the config fle cn be better ccesed from below iink:

     

    https://drive.google.com/file/d/15-fWqkJYgoEZw3cwH6ZRGQZ9HtahOIhE/view?usp=sharing

     



  • 7.  RE: Typical Issue in integrating any L3 device with HP 5510 core switch over VLAN

    Posted Sep 07, 2020 09:54 PM

    Hi,

    I do not see any interfaces configured as access ports of other vlans (eg" Vlan 101 or 102 etc). All the interfaces are at default configuration (access ports for vlan 1 by default). There are few interfaces configured as trunk but those might be your uplink/downlink ports.

    Configure any interface as access port for other vlans and test (eg given earlier)

    interface GigabitEthernet 1/0/1

    port link-type access

    port access vlan 101

     

    Also there is 1 default route and 2 static routes in the configuation shared (below), you can remove the static router.

    ip route-static 0.0.0.0 0 10.147.0.1
    ip route-static 10.147.0.0 16 10.147.0.1
    ip route-static 10.147.0.0 21 10.147.0.1

     

    Also if the device is under support, you can log a case with HPE support for faster resolution so that one of hte support engineer can login remotely and fix the issue.