Wired Intelligent Edge

last person joined: yesterday 

Bring performance and reliability to your network with the HPE Aruba Networking Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of your switching devices, and find ways to improve security across your network to bring together a mobile-first solution
Back to discussions
Expand all | Collapse all

VLAN configuration migrating from CISCO

This thread has been viewed 3 times

  • 1.  VLAN configuration migrating from CISCO

    Posted Dec 06, 2019 10:16 AM

    Hi,

     

    im trying to migrate from old Cisco switches to new 2930M models.

    Despite replicating the configuration across we are still not getting full connectivity.

     

    the config is as follows:


    hostname "HEBS-SW-TEST"
    module 1 type jl320a
    gvrp
    ip route 0.0.0.0 0.0.0.0 10.1.1.31
    ip routing
    interface 1
    name "MPLS Link"
    exit
    interface 2
    name "Test PC"
    exit
    snmp-server community "public" unrestricted
    oobm
    ip address dhcp-bootp
    exit
    vlan 1
    name "DEFAULT_VLAN"
    no untagged 1-2
    untagged 3-24
    no ip address
    exit
    vlan 10
    name "MPLS"
    untagged 1
    tagged 2
    ip address 10.1.1.254 255.255.255.0
    exit
    vlan 20
    name "DATA"
    untagged 2
    ip address 10.1.33.31 255.255.255.0
    exit
    spanning-tree 2 admin-edge-port
    spanning-tree mode rapid-pvst
    no tftp server
    no autorun
    no dhcp config-file-update
    no dhcp image-file-update
    password manager

     

    The Test PC on Port 2 cannot see the "MPLS" Vlan Network (10)

     

    being new to aruba switches can anyone see something obvious that could be causing issues?

     

    thanks.

     



  • 2.  RE: VLAN configuration migrating from CISCO

    MVP GURU
    Posted Dec 06, 2019 11:18 AM

    Hi, that config shows us that on your Aruba 2930M:

     

    • IP Routing is enabled
    • Default Gateway (for any other unknown network) is defined
    • VLAN 10 has a SVI
    • VLAN 20 has a SVI
    • VLAN 1 hasn't a SVI and thus it doesn't partecipate to IP Routing
    • port 2 is no untagged member of VLAN 1 (Default)
    • port 2 is tagged member of VLAN 10
    • port 2 is untagged member of VLAN 20
    • port 1 is untagged member of VLAN 10
    • ports 3-24 were left untagged members of VLAN 1 (Default)

    so a properly connected host configured accordingly with an IP Address belonging to VLAN 20 network (10.1.33.0/24) using the 10.1.33.31 as its default gateway should be able to successfully complete an ICMP Ping test executed against:

     

    • VLAN 20 SVI 10.1.33.31
    • VLAN 10 SVI 10.1.1.254
    • Gateway of Last Resort (Default gateway) 10.1.1.31 [*]
    • Any other host connected with the same principle preliminarily discussed above (host addressing) to any other possible port untagged member of VLAN 20 (no other ports are untagged members of VLAN 20) and/or VLAN 10 (port 1 is untagged member of VLAN 10) on the very same Switch.
    • Eventually to any Internet host IF the Default Gateway is used to connect to Internet through a NAT.

    Clearly you should be 100% sure that no OS Firewall jumps in to block ICMP Ping and invalidate your tests on hosts you're using.

     

    [*] since the Default Gateway should be directly connected to the Switch and since it has an IP addressing compatible with the one used on VLAN 10 ("MPLS")...it's highly probable that it was connected to port 1...does the 10.1.1.31 know how to reply back to hosts on 10.1.33.0/24 network via 10.1.1.254 VLAN 10 SVI Address? in other terms...is there a static route on that device used to instruct how to reach back networks defined on Aruba 2930M other than the network it is directly connected into?