Hi,
I am confused about the behaviour of the "management-vlan" command. Experimenting with an HP ProCurve 2626 and an Aruba 2930F led to identical results.
An excerpt from the running configuration, identical for both ProCurve and Aruba switches:
ProCurve Switch 2626 / Aruba 2930F# show running-config
[...]
ip routing
[...]
vlan 1
name "DATA"
untagged 1-26
ip address 192.168.1.14 255.255.255.240
exit
vlan 9
name "MGMT"
ip address 192.168.9.6 255.255.255.248
tagged 1
exit
management-vlan 9
[...]
As you can see, ethernet 1 is assigned to both VLAN 1 (untagged), and VLAN 9 (tagged).
A PC connected to ethernet 1 has the following IP configuration:
Ethernet adapter Ethernet:
Connection-specific DNS Suffix . :
[...]
IPv4 Address. . . . . . . . . . . : 192.168.1.1
Subnet Mask . . . . . . . . . . . : 255.255.255.240
Default Gateway . . . . . . . . . : 192.168.1.14
Pinging VLAN 1 SVI:
C:\Users\vvoica>ping -n 1 192.168.1.14
Pinging 192.168.1.14 with 32 bytes of data:
Reply from 192.168.1.14: bytes=32 time=1ms TTL=64
Ping statistics for 192.168.1.14:
Packets: Sent = 1, Received = 1, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 1ms, Average = 1ms
Pinging VLAN 9 SVI:
C:\Users\vvoica>ping -n 1 192.168.9.6
Pinging 192.168.9.6 with 32 bytes of data:
Request timed out.
Ping statistics for 192.168.9.6:
Packets: Sent = 1, Received = 0, Lost = 1 (100% loss),
After issuing "no management-vlan 9" pinging VLAN 9 SVI succeeded.
My expectation would have been to still be able to connect to the switch after issuing "management-vlan 9" but only from the ports on which VLAN 9 is tagged (in this case only from a PC connected to ethernet 1); this does not happen.
I had a thorough look at the "ArubaOS-Switch – How to Configure a Management VLAN" article by "esupport" but that only strengthen what I was already expecting from using this command.
I hope I made myself clear, any feedback will be appreciated.