Re: FW: [enterasys] Vlan configuration issue.
Aern't Siemens and Enterasys joined now? Anyway, here's a DHCP config. You do this in the switch BTW. set dhcp enable set dhcp exclude 10.1.1.94 set dhcp pool data set dhcp pool data dns-server 10.8.4.8 set dhcp pool data default-router 10.1.1.94 set dhcp pool data network 10.1.1.64 255.255.255.224 set dhcp pool data domain-name something.net If you need options for VoIP phones, they'll be something like this Ericcson set dhcp pool data option 43 hex def etc or Cisco set dhcp pool data option 150 hex abc etc If you need to set up reserved pool addresses, then they occupy a pool each, like this set dhcp pool printer set dhcp pool printer default-router 10.1.1.94 set dhcp pool printer hardware-address 00:1f:29:1c:17:82 set dhcp pool printer host 10.1.1.67 255.255.255.224 set dhcp pool UPS set dhcp pool UPS default-router 10.1.1.94 set dhcp pool UPS hardware-address 00:c0:b7:4a:09:90 set dhcp pool UPS host 10.1.1.91 255.255.255.224 Hope it helps Billo Data Communications Co-Ordinator Information Technology Telecommunications Hunter New England Health Service ph 0249 213804 fax 0249 213038 william.ol...@hnehealth.nsw.gov.au Pal, Abhijit IN CCU SISL abhijit@siemens.com Monday, 8 June 2009 Dear All, Now I want to configure DHCP server on the C3 Switch for all the vlan. I have already gone through the configuration guide but not able to understand which steps are enough. Bellow is the IP Pool for Vlans. Vlan10: 192.168.10.XXX Vlan20: 192.168.20.XXX Vlan30:192.168.30.XXX Need your immediate help. Best Regards, Abhijit Pal SIEMENS Information systems Limited. GO/ GTAS(Global Technology Application Services) 13th Floor, Tower-2,Millenium City Bldg, DN-62,Sector-5,SaltLake, Kolkata-700091. DID:+91 33 2339 9396 Board:+91 33 2339 9000 Fax:+91 33 2339 9001 From: Pal, Abhijit IN CCU SISL Sent: Friday, June 05, 2009 11:15 AM To: 'stephen.faulk...@rikshospitalet.no' Subject: RE: [enterasys] Vlan configuration issue. Hi Stephen, Thanks a lot... This is certainly going to be great help to configure the required scenario. Best Regards, Abhijit Pal SIEMENS Information systems Limited. GO/ GTAS(Global Technology Application Services) 13th Floor, Tower-2,Millenium City Bldg, DN-62,Sector-5,SaltLake, Kolkata-700091. DID:+91 33 2339 9396 Board:+91 33 2339 9000 Fax:+91 33 2339 9001 From: Stephen Faulkner [mailto:stephen.faulk...@rikshospitalet.no] Sent: Thursday, June 04, 2009 8:53 PM To: Enterasys Customer Mailing List Subject: RE: [enterasys] Vlan configuration issue. Hello again. I tested something similar to this in our lab using a C3 as a router and a C2 and C3 as VLAN 10 and VLAN20 switches respectively. I have no B3 switches here, but assume they are similar. I did the configs and design in my head and it worked first time (unusual for me!). I had only 2 laptops. Server-laptop in VLAN30 and a client laptop that I used for testing VLAN 10 and 20 respectively. Here are the VLAN configs: This is C3 (router). First we create VLANs and attach to trunk port. I usually clear VLAN 1 from all ports. C3-ruter(su)-clear vlan egress 1 ge.*.*;lag.*.* show config vlan #vlan set vlan create 10 set vlan create 20 set vlan create 30 set vlan name 10 Vlan10 set vlan name 20 Vlan20 set vlan name 30 Vlan30 clear vlan egress 1 ge.1.1-48;lag.0.1-6 set vlan egress 10 ge.1.1 tagged set vlan egress 20 ge.1.2 tagged set vlan egress 30 ge.1.30 untagged # My server-laptop port set port vlan ge.1.30 30 modify-egress # Untagged to server-laptop This is the 'L2' switch for Vlan10 (a C2 in this case): show config vlan #vlan set vlan create 10 set vlan name 10 Vlan10 clear vlan egress 1 ge.1.10 set vlan egress 10 ge.1.1 tagged set vlan egress 10 ge.1.10 untagged ! set port vlan ge.1.10 10 modify-egress # Port for client-laptop - untagged And for VLAN 20 L2 switch: show conf vlan #vlan set vlan create 20 set vlan name 20 Vlan20 clear vlan egress 1 ge.1.10 set vlan egress 20 ge.1.1 tagged set vlan egress 20 ge.1.10 untagged set port vlan ge.1.10 20 modify-egress # Port for client-laptop - untagged I tested L2 VLAN connectivity by checking MAC tables with cleint laptop in VLAN 10: C3-ruter(su)-show mac MAC Address FID Port Type - - 00-11-88-13-40-21 1ge.1.1Learned 00-11-88-13-40-22 1ge.1.1Learned 00-1F-45-09-F2-11 1ge.1.2Learned 00-1F-45-09-F6-38 1host Management 00-16-D4-E7-10-9F 10 ge.1.1Learned # Laptop-client 00-24-81-B1-E6-F2 30 ge.1.30 Learned # Laptop-server Move laptop-client to Vlan20 switch. Can now see it in VLAN 20: C3-ruter(su)-show mac MAC Address FID Port Type - - 00-11-88-13-40-21 1ge.1.1Learned 00-11-88-13-40-22 1ge.1.1Learned 00-1F-45-09-F2-10 1ge.1.2Learned
Re: FW: [enterasys] Vlan configuration issue.
BTW Should have mentioned, you do not need to include a IP helper-address in the router (seems obvious, but you never know). Billo Data Communications Co-Ordinator Information Technology Telecommunications Hunter New England Health Service ph 0249 213804 fax 0249 213038 william.ol...@hnehealth.nsw.gov.au Pal, Abhijit IN CCU SISL abhijit@siemens.com Monday, 8 June 2009 Dear All, Now I want to configure DHCP server on the C3 Switch for all the vlan. I have already gone through the configuration guide but not able to understand which steps are enough. Bellow is the IP Pool for Vlans. Vlan10: 192.168.10.XXX Vlan20: 192.168.20.XXX Vlan30:192.168.30.XXX Need your immediate help. Best Regards, Abhijit Pal SIEMENS Information systems Limited. GO/ GTAS(Global Technology Application Services) 13th Floor, Tower-2,Millenium City Bldg, DN-62,Sector-5,SaltLake, Kolkata-700091. DID:+91 33 2339 9396 Board:+91 33 2339 9000 Fax:+91 33 2339 9001 From: Pal, Abhijit IN CCU SISL Sent: Friday, June 05, 2009 11:15 AM To: 'stephen.faulk...@rikshospitalet.no' Subject: RE: [enterasys] Vlan configuration issue. Hi Stephen, Thanks a lot... This is certainly going to be great help to configure the required scenario. Best Regards, Abhijit Pal SIEMENS Information systems Limited. GO/ GTAS(Global Technology Application Services) 13th Floor, Tower-2,Millenium City Bldg, DN-62,Sector-5,SaltLake, Kolkata-700091. DID:+91 33 2339 9396 Board:+91 33 2339 9000 Fax:+91 33 2339 9001 From: Stephen Faulkner [mailto:stephen.faulk...@rikshospitalet.no] Sent: Thursday, June 04, 2009 8:53 PM To: Enterasys Customer Mailing List Subject: RE: [enterasys] Vlan configuration issue. Hello again. I tested something similar to this in our lab using a C3 as a router and a C2 and C3 as VLAN 10 and VLAN20 switches respectively. I have no B3 switches here, but assume they are similar. I did the configs and design in my head and it worked first time (unusual for me!). I had only 2 laptops. Server-laptop in VLAN30 and a client laptop that I used for testing VLAN 10 and 20 respectively. Here are the VLAN configs: This is C3 (router). First we create VLANs and attach to trunk port. I usually clear VLAN 1 from all ports. C3-ruter(su)-clear vlan egress 1 ge.*.*;lag.*.* show config vlan #vlan set vlan create 10 set vlan create 20 set vlan create 30 set vlan name 10 Vlan10 set vlan name 20 Vlan20 set vlan name 30 Vlan30 clear vlan egress 1 ge.1.1-48;lag.0.1-6 set vlan egress 10 ge.1.1 tagged set vlan egress 20 ge.1.2 tagged set vlan egress 30 ge.1.30 untagged # My server-laptop port set port vlan ge.1.30 30 modify-egress # Untagged to server-laptop This is the 'L2' switch for Vlan10 (a C2 in this case): show config vlan #vlan set vlan create 10 set vlan name 10 Vlan10 clear vlan egress 1 ge.1.10 set vlan egress 10 ge.1.1 tagged set vlan egress 10 ge.1.10 untagged ! set port vlan ge.1.10 10 modify-egress # Port for client-laptop - untagged And for VLAN 20 L2 switch: show conf vlan #vlan set vlan create 20 set vlan name 20 Vlan20 clear vlan egress 1 ge.1.10 set vlan egress 20 ge.1.1 tagged set vlan egress 20 ge.1.10 untagged set port vlan ge.1.10 20 modify-egress # Port for client-laptop - untagged I tested L2 VLAN connectivity by checking MAC tables with cleint laptop in VLAN 10: C3-ruter(su)-show mac MAC Address FID Port Type - - 00-11-88-13-40-21 1ge.1.1Learned 00-11-88-13-40-22 1ge.1.1Learned 00-1F-45-09-F2-11 1ge.1.2Learned 00-1F-45-09-F6-38 1host Management 00-16-D4-E7-10-9F 10 ge.1.1Learned # Laptop-client 00-24-81-B1-E6-F2 30 ge.1.30 Learned # Laptop-server Move laptop-client to Vlan20 switch. Can now see it in VLAN 20: C3-ruter(su)-show mac MAC Address FID Port Type - - 00-11-88-13-40-21 1ge.1.1Learned 00-11-88-13-40-22 1ge.1.1Learned 00-1F-45-09-F2-10 1ge.1.2Learned 00-1F-45-09-F2-11 1ge.1.2Learned 00-1F-45-09-F6-38 1host Management 00-16-D4-E7-10-9F 10 ge.1.1Learned # Old entry not timed-out 00-16-D4-E7-10-9F 20 ge.1.2Learned # Maptop-client now moved to VLAN 20 00-24-81-B1-E6-F2 30 ge.1.30 Learned We have established L2 between all 3 switches, now let's try routing: Addresses I used: Laptop-server in VLAN 30 10.30.30.30/16 Laptop-client in VLAN 10 (and later VLAN 20) 10.10.10.10/16 (10.20.20.20/16) C3-ruter(su)-router#configure t Enter configuration commands: C3-ruter(su)-router(Config)#interface vlan 10 C3-ruter(su)-router(Config-if(Vlan 10))#ip address 10.10.10.1 255.255.0.0 C3-ruter(su)-router(Config-if(Vlan 10))#no sh C3-ruter(su)-router(Config-if(Vlan 10))#ex C3-ruter(su)-router(Config)#interface vlan 20 C3-ruter(su)-router(Config-if(Vlan 20))#ip address
RE: FW: [enterasys] Vlan configuration issue.
Hi, Not so clear. The DHCP server will serve ip to all the bellow mentioned vlans. So the DHCP server will hold different ip pool. But what about the Relay agent? Without relay agent will the DHCP server be able to serve ip to separate vlans? And one more help I need. I have issued set ip address command with the ip address on all the switches. But not able to telnet them from a PC. How to set up ip addresses on all the Switches so that I can telnet to them from any PC in the N/W? Best Regards, Abhijit Pal SIEMENS Information systems Limited. GO/ GTAS(Global Technology Application Services) 13th Floor, Tower-2,Millenium City Bldg, DN-62,Sector-5,SaltLake, Kolkata-700091. DID:+91 33 2339 9396 Board:+91 33 2339 9000 Fax:+91 33 2339 9001 -Original Message- From: William Olive [mailto:william.ol...@hnehealth.nsw.gov.au] Sent: Monday, June 08, 2009 1:15 PM To: Enterasys Customer Mailing List Subject: Re: FW: [enterasys] Vlan configuration issue. Aern't Siemens and Enterasys joined now? Anyway, here's a DHCP config. You do this in the switch BTW. set dhcp enable set dhcp exclude 10.1.1.94 set dhcp pool data set dhcp pool data dns-server 10.8.4.8 set dhcp pool data default-router 10.1.1.94 set dhcp pool data network 10.1.1.64 255.255.255.224 set dhcp pool data domain-name something.net If you need options for VoIP phones, they'll be something like this Ericcson set dhcp pool data option 43 hex def etc or Cisco set dhcp pool data option 150 hex abc etc If you need to set up reserved pool addresses, then they occupy a pool each, like this set dhcp pool printer set dhcp pool printer default-router 10.1.1.94 set dhcp pool printer hardware-address 00:1f:29:1c:17:82 set dhcp pool printer host 10.1.1.67 255.255.255.224 set dhcp pool UPS set dhcp pool UPS default-router 10.1.1.94 set dhcp pool UPS hardware-address 00:c0:b7:4a:09:90 set dhcp pool UPS host 10.1.1.91 255.255.255.224 Hope it helps Billo Data Communications Co-Ordinator Information Technology Telecommunications Hunter New England Health Service ph 0249 213804 fax 0249 213038 william.ol...@hnehealth.nsw.gov.au Pal, Abhijit IN CCU SISL abhijit@siemens.com Monday, 8 June 2009 Dear All, Now I want to configure DHCP server on the C3 Switch for all the vlan. I have already gone through the configuration guide but not able to understand which steps are enough. Bellow is the IP Pool for Vlans. Vlan10: 192.168.10.XXX Vlan20: 192.168.20.XXX Vlan30:192.168.30.XXX Need your immediate help. Best Regards, Abhijit Pal SIEMENS Information systems Limited. GO/ GTAS(Global Technology Application Services) 13th Floor, Tower-2,Millenium City Bldg, DN-62,Sector-5,SaltLake, Kolkata-700091. DID:+91 33 2339 9396 Board:+91 33 2339 9000 Fax:+91 33 2339 9001 From: Pal, Abhijit IN CCU SISL Sent: Friday, June 05, 2009 11:15 AM To: 'stephen.faulk...@rikshospitalet.no' Subject: RE: [enterasys] Vlan configuration issue. Hi Stephen, Thanks a lot... This is certainly going to be great help to configure the required scenario. Best Regards, Abhijit Pal SIEMENS Information systems Limited. GO/ GTAS(Global Technology Application Services) 13th Floor, Tower-2,Millenium City Bldg, DN-62,Sector-5,SaltLake, Kolkata-700091. DID:+91 33 2339 9396 Board:+91 33 2339 9000 Fax:+91 33 2339 9001 From: Stephen Faulkner [mailto:stephen.faulk...@rikshospitalet.no] Sent: Thursday, June 04, 2009 8:53 PM To: Enterasys Customer Mailing List Subject: RE: [enterasys] Vlan configuration issue. Hello again. I tested something similar to this in our lab using a C3 as a router and a C2 and C3 as VLAN 10 and VLAN20 switches respectively. I have no B3 switches here, but assume they are similar. I did the configs and design in my head and it worked first time (unusual for me!). I had only 2 laptops. Server-laptop in VLAN30 and a client laptop that I used for testing VLAN 10 and 20 respectively. Here are the VLAN configs: This is C3 (router). First we create VLANs and attach to trunk port. I usually clear VLAN 1 from all ports. C3-ruter(su)-clear vlan egress 1 ge.*.*;lag.*.* show config vlan #vlan set vlan create 10 set vlan create 20 set vlan create 30 set vlan name 10 Vlan10 set vlan name 20 Vlan20 set vlan name 30 Vlan30 clear vlan egress 1 ge.1.1-48;lag.0.1-6 set vlan egress 10 ge.1.1 tagged set vlan egress 20 ge.1.2 tagged set vlan egress 30 ge.1.30 untagged # My server-laptop port set port vlan ge.1.30 30 modify-egress # Untagged to server-laptop This is the 'L2' switch for Vlan10 (a C2 in this case): show config vlan #vlan set vlan create 10 set vlan name 10 Vlan10 clear vlan egress 1 ge.1.10 set vlan egress 10 ge.1.1 tagged set vlan egress 10 ge.1.10 untagged ! set port vlan ge.1.10 10 modify-egress # Port for client-laptop - untagged And for VLAN 20 L2 switch: show conf vlan #vlan set vlan create 20 set vlan name 20 Vlan20 clear vlan egress 1 ge.1.10
RE: FW: [enterasys] Vlan configuration issue.
Hmmm. Most of this stuff is in the manuals!! I cannot answer regarding DHCP server features/functionality on the C3 itself. I have set up UDP forwarding (ip-helper) on these - that's all. If the C3 ITSELF is the DHCP server then I don't see the need for the relay function except in neighbouring routers where there may be DHCP clients. The 'set ip address' stuff. These Enterasys boxes (at least most of those that I know) are basically switches with some routing 'added'. That's why anything to do with the ROUTER functions has to be defined in the ROUTER context and not in the basic switch CLI. This may appear strange to those of us accustomed to IOS, but as long as it works Makes SNMP configuration interesting too, especially when the SNMP poller doesn't understand contexts. When you set the SWITCH IP address, you have to define which VLAN this IP address should belong to by setting the HOST VLAN on the switch. You must also be able to ROUTE to this 'host' VLAN (typically the switch's management VLAN). I have had problems with this myself, and found it easiest to access the switch through one of its router interface addresses (in some cases). Could be that newer firmware has made life easier. Regards Stephen (In compliance with the Security Policy of Rikshospitalet HF , the content of this message (including any attachments) is of a non-sensitive nature) - -Original Message- - From: Pal, Abhijit IN CCU SISL [mailto:abhijit@siemens.com] - Sent: Monday, June 08, 2009 11:13 AM - To: Enterasys Customer Mailing List - Cc: william.ol...@hnehealth.nsw.gov.au - Subject: RE: FW: [enterasys] Vlan configuration issue. - - Hi, - - Not so clear. - - The DHCP server will serve ip to all the bellow mentioned vlans. So - the DHCP server will hold different ip pool. But what about the Relay - agent? Without relay agent will the DHCP server be able to serve ip to - separate vlans? - - And one more help I need. I have issued set ip address command with - the ip address on all the switches. But not able to telnet them from a - PC. - - How to set up ip addresses on all the Switches so that I can telnet to - them from any PC in the N/W? - - Best Regards, - Abhijit Pal - - SIEMENS Information systems Limited. - GO/ GTAS(Global Technology Application Services) 13th Floor, Tower- - 2,Millenium City Bldg, DN-62,Sector-5,SaltLake, Kolkata-700091. - DID:+91 33 2339 9396 - Board:+91 33 2339 9000 - Fax:+91 33 2339 9001 - - -Original Message- - From: William Olive [mailto:william.ol...@hnehealth.nsw.gov.au] - Sent: Monday, June 08, 2009 1:15 PM - To: Enterasys Customer Mailing List - Subject: Re: FW: [enterasys] Vlan configuration issue. - - Aern't Siemens and Enterasys joined now? - - Anyway, here's a DHCP config. You do this in the switch BTW. - - set dhcp enable - set dhcp exclude 10.1.1.94 - - set dhcp pool data - set dhcp pool data dns-server 10.8.4.8 - set dhcp pool data default-router 10.1.1.94 set dhcp pool data network - 10.1.1.64 255.255.255.224 set dhcp pool data domain-name something.net - - If you need options for VoIP phones, they'll be something like this - - Ericcson - set dhcp pool data option 43 hex def etc - - or Cisco - set dhcp pool data option 150 hex abc etc - - If you need to set up reserved pool addresses, then they occupy a pool - each, like this - - set dhcp pool printer - set dhcp pool printer default-router 10.1.1.94 set dhcp pool printer - hardware-address 00:1f:29:1c:17:82 set dhcp pool printer host - 10.1.1.67 255.255.255.224 - - set dhcp pool UPS - set dhcp pool UPS default-router 10.1.1.94 set dhcp pool UPS hardware- - address 00:c0:b7:4a:09:90 set dhcp pool UPS host 10.1.1.91 - 255.255.255.224 - - Hope it helps - - - Billo - Data Communications Co-Ordinator - Information Technology Telecommunications Hunter New England Health - Service ph 0249 213804 fax 0249 213038 - william.ol...@hnehealth.nsw.gov.au - - Pal, Abhijit IN CCU SISL abhijit@siemens.com Monday, 8 - June - 2009 - Dear All, - - Now I want to configure DHCP server on the C3 Switch for all the vlan. - I have already gone through the configuration guide but not able to - understand which steps are enough. Bellow is the IP Pool for Vlans. - - Vlan10: 192.168.10.XXX - Vlan20: 192.168.20.XXX - Vlan30:192.168.30.XXX - - Need your immediate help. - - Best Regards, - Abhijit Pal - - SIEMENS Information systems Limited. - GO/ GTAS(Global Technology Application Services) 13th Floor, Tower- - 2,Millenium City Bldg, DN-62,Sector-5,SaltLake, Kolkata-700091. - DID:+91 33 2339 9396 - Board:+91 33 2339 9000 - Fax:+91 33 2339 9001 - - - From: Pal, Abhijit IN CCU SISL - Sent: Friday, June 05, 2009 11:15 AM - To: 'stephen.faulk...@rikshospitalet.no' - Subject: RE: [enterasys] Vlan configuration issue. - - Hi Stephen, - - Thanks a lot... This is certainly going to be great help to configure - the required scenario. - - Best Regards, -
Re: FW: [enterasys] Vlan configuration issue.
Hi Abhijit, If you want the switch to be the DHCP server on your VLANs you have to define a pool for each of the VLANs, and be sure the switch has an active IP address on each of the VLANs. If you have a central DHCP server, then you need to define an IP address for the switch on each of the VLANs and then use the ip helper-address command on each of the vlan interfaces. For example setting ip helper-address 192.168.100.100 on VLAN10 will make the switch relay DHCP requests to the DHCP server on IP 192.168.100.100. Regards, Kim Pedersen -- #dhcps ! set dhcp enable set dhcp pool pool-bms set dhcp pool pool-bms default-router 192.168.93.254 set dhcp pool pool-bms network 192.168.93.0 255.255.255.0 set dhcp pool pool-amx set dhcp pool pool-amx dns-server 192.168.92.254 set dhcp pool pool-amx default-router 192.168.92.254 set dhcp pool pool-amx network 192.168.92.0 255.255.255.0 set dhcp pool pool-wlan set dhcp pool pool-wlan dns-server 192.168.90.3 set dhcp pool pool-wlan default-router 192.168.91.254 set dhcp pool pool-wlan network 192.168.91.0 255.255.255.0 set dhcp pool pool-security set dhcp pool pool-security dns-server 192.168.90.3 set dhcp pool pool-security default-router 192.168.95.254 set dhcp pool pool-security network 192.168.95.0 255.255.255.0 set dhcp pool pool-lutron set dhcp pool pool-lutron default-router 192.168.94.254 set dhcp pool pool-lutron network 192.168.94.0 255.255.255.0 set dhcp pool pool-guest set dhcp pool pool-guest default-router 192.168.99.254 set dhcp pool pool-guest network 192.168.99.0 255.255.255.0 set dhcp pool MGMT set dhcp pool MGMT default-router 192.168.100.254 set dhcp pool MGMT network 192.168.100.0 255.255.255.0 ! #Router Configuration router enable configure interface vlan 90 no shutdown ip address 192.168.90.250 255.255.255.0 exit interface vlan 91 no shutdown ip address 192.168.91.254 255.255.255.0 exit interface vlan 92 no shutdown ip address 192.168.92.250 255.255.255.0 exit interface vlan 93 no shutdown ip address 192.168.93.254 255.255.255.0 exit interface vlan 94 no shutdown ip address 192.168.94.250 255.255.255.0 exit interface vlan 95 no shutdown ip address 192.168.95.254 255.255.255.0 exit interface vlan 96 no shutdown ip address 192.168.96.250 255.255.255.0 exit interface vlan 99 no shutdown ip address 192.168.99.250 255.255.255.0 exit interface vlan 100 no shutdown ip address 192.168.100.250 255.255.255.0 exit -- Stephen Faulkner wrote: Hmmm. Most of this stuff is in the manuals!! I cannot answer regarding DHCP server features/functionality on the C3 itself. I have set up UDP forwarding (ip-helper) on these - that's all. If the C3 ITSELF is the DHCP server then I don't see the need for the relay function except in neighbouring routers where there may be DHCP clients. --- To unsubscribe from enterasys, send email to lists...@unc.edu with the body: unsubscribe enterasys arch...@mail-archive.com
Re: [enterasys] Vlan configuration issue. Default GW
Title: Re: [enterasys] Vlan configuration issue. Default GW Hi Fransisco, Thanks for your suggestions - yes, I know the B3s don't do routing. I am trying to get it routing working on the central C3 switch. When I first worked on the problem, I was using a sniffer to monitor the traffic, and plugging into various ports on the different VLANs. On each VLAN I used the C3 switch as the default GW, and routing between VLANs was working perfectly fine, but as soon as I started to include Internet addresses the traffic stopped on the C3 switch (No arp requests were sent out, or any routing/traffic to the default GW. The immediate problem obviously had to be that there was no default route set. This was a couple of months ago now, and someone has suggested I set the default route on the router by using "ip route 0.0.0.0 0.0.0.0 (gateway address)" I think I've already tried this, but I will give it a go again now that it has been suggested. Kind regards, Kim Pedersen CNCS Ltd. Francisco Garcia Alvarez wrote: Hi Kim: >From the info you mention, I don't get clear if you are sure that the default route isn't working for the B3's. I mean, have you tried to sniff packets at the firewall internal segment to see if the data is getting there? Have you checked the fw logs? Another thing that you can try to rule out any issue w the fw is putting any switch or router on the same internal segment of the fw and pointing the default route to that device and see if the packets go the device. One good example, to check if the data goes the way it should is to ping anything within the range of the default route; if the packets are routed correctly, you should go to the arp table of that B3 switch and see the mac address of the router/switch or fw that manages the route to get to that destination. If it works, then the conf is correct and maybe the issue is with firewall. Francisco J Gar�Álvarez Administrador Redes Director��a Infor���tica Rama Judicial Puerto Rico (939)389-3059 francisco.gar...@ramajudicial.pr - Original Message - From: Kim Pedersen k...@cncsltd.com To: Enterasys Customer Mailing List enterasys@listserv.unc.edu Sent: Sun Jun 07 23:50:42 2009 Subject: Re: [enterasys] Vlan configuration issue. Default GW Hi Michael, With last resort I presume you mean default route/gw? This is what I would like to accomplish, but I don't know the command that will do it, and have either misunderstood the documentation or been unable to find out which command to use. I did try and specify a default route by defining a static route as 0.0.0.0/0.0.0.0, but it didn't work out. I did not spend too much time on the whys as I felt I was on shaky ground trying a configuration that wasn't directly mentioned in the product documentation. I have included the router specific configuration below: -- C2(rw)-router(Config)#show running-config ! interface vlan 90 no shutdown ip address 192.168.90.250 255.255.255.0 interface vlan 91 no shutdown ip address 192.168.91.254 255.255.255.0 interface vlan 92 no shutdown ip address 192.168.92.250 255.255.255.0 interface vlan 93 no shutdown ip address 192.168.93.254 255.255.255.0 interface vlan 94 no shutdown ip address 192.168.94.250 255.255.255.0 interface vlan 95 no shutdown ip address 192.168.95.254 255.255.255.0 interface vlan 96 no shutdown ip address 192.168.96.250 255.255.255.0 interface vlan 99 no shutdown ip address 192.168.99.250 255.255.255.0 interface vlan 100 no shutdown ip address 192.168.100.250 255.255.255.0 ! router rip -- Regards, Kim Pedersen Pasetta, Michael wrote: Have you tried to add a route of last resort in the switches router configuration? From: Kim Pedersen To: Enterasys Customer Mailing List Sent: Sat Jun 06 21:23:38 2009 Subject: Re: [enterasys] Vlan configuration issue. Default GW I have a question to add into this interesting thread, which adds a twist to Abhijit's scenario. I have a very similar setup to the diagram below, with the added difference that on my setup the IP addresses of the C3 switch on each of the VLANs (10,20 and 30) is set as the default gateway for the clients connected to the B3 switches. Above C3 switch in the diagram below, I have a firewall / internet router on VLAN 40, and I would like the C3 switch to route all non-local traffic to this firewall. I have been unable to get this to work, as the default route command on the C3 switch seems only to work for the C3 switch itself, and not for any routed networks. Does anyone have experience with this? Regards, Kim Pedersen CNCS Ltd. Pal, Abhijit IN CCU SISL wrote:
RE: FW: [enterasys] Vlan configuration issue.
If you like, you could look on the C3 as a Cisco Hybrid (CatOS + IOS). You do not require a relay agent in the router interface. You configure a pool for each address range you need to serve and the 'pool network' command defines the addresses that each pool will serve. The 'set IP address' command can be a tough concept to grasp. However, unlike the E1 for example, the IP address on the switch cannot be in a subnet that is on the router (NB this may change). What this means in practice is that, if the C3 is your only router then you manage the C3 by telnet to one of the router interfaces and don't bother with the set IP address' command. You will need to set an IP address on the B3s in order to manage them, of course. Billo Data Communications Co-Ordinator Information Technology Telecommunications Hunter New England Health Service ph 0249 213804 fax 0249 213038 william.ol...@hnehealth.nsw.gov.au Pal, Abhijit IN CCU SISL abhijit@siemens.com 06/08/09 7:12 PM Hi, Not so clear. The DHCP server will serve ip to all the bellow mentioned vlans. So the DHCP server will hold different ip pool. But what about the Relay agent? Without relay agent will the DHCP server be able to serve ip to separate vlans? And one more help I need. I have issued set ip address command with the ip address on all the switches. But not able to telnet them from a PC. How to set up ip addresses on all the Switches so that I can telnet to them from any PC in the N/W? Best Regards, Abhijit Pal SIEMENS Information systems Limited. GO/ GTAS(Global Technology Application Services) 13th Floor, Tower-2,Millenium City Bldg, DN-62,Sector-5,SaltLake, Kolkata-700091. DID:+91 33 2339 9396 Board:+91 33 2339 9000 Fax:+91 33 2339 9001 -Original Message- From: William Olive [mailto:william.ol...@hnehealth.nsw.gov.au] Sent: Monday, June 08, 2009 1:15 PM To: Enterasys Customer Mailing List Subject: Re: FW: [enterasys] Vlan configuration issue. Aern't Siemens and Enterasys joined now? Anyway, here's a DHCP config. You do this in the switch BTW. set dhcp enable set dhcp exclude 10.1.1.94 set dhcp pool data set dhcp pool data dns-server 10.8.4.8 set dhcp pool data default-router 10.1.1.94 set dhcp pool data network 10.1.1.64 255.255.255.224 set dhcp pool data domain-name something.net If you need options for VoIP phones, they'll be something like this Ericcson set dhcp pool data option 43 hex def etc or Cisco set dhcp pool data option 150 hex abc etc If you need to set up reserved pool addresses, then they occupy a pool each, like this set dhcp pool printer set dhcp pool printer default-router 10.1.1.94 set dhcp pool printer hardware-address 00:1f:29:1c:17:82 set dhcp pool printer host 10.1.1.67 255.255.255.224 set dhcp pool UPS set dhcp pool UPS default-router 10.1.1.94 set dhcp pool UPS hardware-address 00:c0:b7:4a:09:90 set dhcp pool UPS host 10.1.1.91 255.255.255.224 Hope it helps Billo Data Communications Co-Ordinator Information Technology Telecommunications Hunter New England Health Service ph 0249 213804 fax 0249 213038 william.ol...@hnehealth.nsw.gov.au Pal, Abhijit IN CCU SISL abhijit@siemens.com Monday, 8 June 2009 Dear All, Now I want to configure DHCP server on the C3 Switch for all the vlan. I have already gone through the configuration guide but not able to understand which steps are enough. Bellow is the IP Pool for Vlans. Vlan10: 192.168.10.XXX Vlan20: 192.168.20.XXX Vlan30:192.168.30.XXX Need your immediate help. Best Regards, Abhijit Pal SIEMENS Information systems Limited. GO/ GTAS(Global Technology Application Services) 13th Floor, Tower-2,Millenium City Bldg, DN-62,Sector-5,SaltLake, Kolkata-700091. DID:+91 33 2339 9396 Board:+91 33 2339 9000 Fax:+91 33 2339 9001 From: Pal, Abhijit IN CCU SISL Sent: Friday, June 05, 2009 11:15 AM To: 'stephen.faulk...@rikshospitalet.no' Subject: RE: [enterasys] Vlan configuration issue. Hi Stephen, Thanks a lot... This is certainly going to be great help to configure the required scenario. Best Regards, Abhijit Pal SIEMENS Information systems Limited. GO/ GTAS(Global Technology Application Services) 13th Floor, Tower-2,Millenium City Bldg, DN-62,Sector-5,SaltLake, Kolkata-700091. DID:+91 33 2339 9396 Board:+91 33 2339 9000 Fax:+91 33 2339 9001 From: Stephen Faulkner [mailto:stephen.faulk...@rikshospitalet.no] Sent: Thursday, June 04, 2009 8:53 PM To: Enterasys Customer Mailing List Subject: RE: [enterasys] Vlan configuration issue. Hello again. I tested something similar to this in our lab using a C3 as a router and a C2 and C3 as VLAN 10 and VLAN20 switches respectively. I have no B3 switches here, but assume they are similar. I did the configs and design in my head and it worked first time (unusual for me!). I had only 2 laptops. Server-laptop in VLAN30 and a client laptop that I used for testing VLAN 10 and 20 respectively.
Re: [enterasys] Vlan configuration issue. Default GW
Hi Kim: What happens if you try out this: modify the config on the C3 eliminating all the vlans and routes and just put the default route 0.0.0.0 0.0.0.0 pointing to the fw-ip-interface. Does it works!!! The thing is to figure out if the issue is the default route per se or the combination of routes. Francisco J Gar�Álvarez Administrador Redes Direct��ía Inform��tica Rama Judicial Puerto Rico (939)389-3059 francisco.gar...@ramajudicial.pr - Original Message - From: Kim Pedersen k...@cncsltd.com To: Enterasys Customer Mailing List enterasys@listserv.unc.edu Sent: Mon Jun 08 08:04:52 2009 Subject: Re: [enterasys] Vlan configuration issue. Default GW Hi Fransisco, Thanks for your suggestions - yes, I know the B3s don't do routing. I am trying to get it routing working on the central C3 switch. When I first worked on the problem, I was using a sniffer to monitor the traffic, and plugging into various ports on the different VLANs. On each VLAN I used the C3 switch as the default GW, and routing between VLANs was working perfectly fine, but as soon as I started to include Internet addresses the traffic stopped on the C3 switch (No arp requests were sent out, or any routing/traffic to the default GW. The immediate problem obviously had to be that there was no default route set. This was a couple of months ago now, and someone has suggested I set the default route on the router by using ip route 0.0.0.0 0.0.0.0 (gateway address) I think I've already tried this, but I will give it a go again now that it has been suggested. Kind regards, Kim Pedersen CNCS Ltd. Francisco Garcia Alvarez wrote: Hi Kim: From the info you mention, I don't get clear if you are sure that the default route isn't working for the B3's. I mean, have you tried to sniff packets at the firewall internal segment to see if the data is getting there? Have you checked the fw logs? Another thing that you can try to rule out any issue w the fw is putting any switch or router on the same internal segment of the fw and pointing the default route to that device and see if the packets go the device. One good example, to check if the data goes the way it should is to ping anything within the range of the default route; if the packets are routed correctly, you should go to the arp table of that B3 switch and see the mac address of the router/switch or fw that manages the route to get to that destination. If it works, then the conf is correct and maybe the issue is with firewall. Francisco J G�Álvarez Administrador Redes Directo���a Inf���tica Rama Judicial Puerto Rico (939)389-3059 francisco.gar...@ramajudicial.pr - Original Message - From: Kim Pedersen k...@cncsltd.com mailto:k...@cncsltd.com To: Enterasys Customer Mailing List enterasys@listserv.unc.edu mailto:enterasys@listserv.unc.edu Sent: Sun Jun 07 23:50:42 2009 Subject: Re: [enterasys] Vlan configuration issue. Default GW Hi Michael, With last resort I presume you mean default route/gw? This is what I would like to accomplish, but I don't know the command that will do it, and have either misunderstood the documentation or been unable to find out which command to use. I did try and specify a default route by defining a static route as 0.0.0.0/0.0.0.0, but it didn't work out. I did not spend too much time on the whys as I felt I was on shaky ground trying a configuration that wasn't directly mentioned in the product documentation. I have included the router specific configuration below: -- C2(rw)-router(Config)#show running-config ! interface vlan 90 no shutdown ip address 192.168.90.250 255.255.255.0 interface vlan 91 no shutdown ip address 192.168.91.254 255.255.255.0 interface vlan 92 no shutdown ip address 192.168.92.250 255.255.255.0 interface vlan 93 no shutdown ip address 192.168.93.254 255.255.255.0 interface vlan 94 no shutdown ip address 192.168.94.250 255.255.255.0 interface vlan 95 no shutdown ip address 192.168.95.254 255.255.255.0 interface vlan 96 no shutdown ip address 192.168.96.250 255.255.255.0 interface vlan 99 no shutdown ip address 192.168.99.250 255.255.255.0 interface vlan 100 no shutdown ip address 192.168.100.250 255.255.255.0 ! router rip -- Regards, Kim Pedersen Pasetta, Michael wrote:
Re: [enterasys] Vlan configuration issue. Default GW
Thank you everyone for the suggestions. The correct command was the "ip route 0.0.0.0 0.0.0.0 GWIP", and it worked out well. What gave me trouble earlier on was a combination of having multiple IPs on a single interface on the firewall, a unused but configured port on the firewall messing up the return routing and not doing the packet sniffing with the correct options set. With the support from this list I went ahead and made the necessary changes (on a production system) and worked my way through the setup piece by piece. With 32 vlans each using /24 networks I now have to implement switch access controls. Thanks again for the assistance. Regards, Kim Pedersen CNCS Ltd. Pasetta, Michael wrote: Try adding the following: ip route 0.0.0.0 0.0.0.0 (IP of your gateway router) You also need to make sure that the default router know how to get bac�� If your having issue, you can certainly contact the Enterasys GTAC at (800) 872-8440. From: Kim Pedersen [mailto:k...@cncsltd.com] Sent: Sunday, June 07, 2009 8:51 PM To: Enterasys Customer Mailing List Subject: Re: [enterasys] Vlan configuration issue. Default GW Hi Michael, With last resort I presume you mean default route/gw? This is what I would like to accomplish, but I don't know the command that will do it, and have either misunderstood the documentation or been unable to find out which command to use. I did try and specify a default route by defining a static route as 0.0.0.0/0.0.0.0, but it didn't work out. I did not spend too much time on the whys as I felt I was on shaky ground trying a configuration that wasn't directly mentioned in the product documentation. I have included the router specific configuration below: -- C2(rw)-router(Config)#show running-config ! interface vlan 90 no shutdown ip address 192.168.90.250 255.255.255.0 interface vlan 91 no shutdown ip address 192.168.91.254 255.255.255.0 interface vlan 92 no shutdown ip address 192.168.92.250 255.255.255.0 interface vlan 93 no shutdown ip address 192.168.93.254 255.255.255.0 interface vlan 94 no shutdown ip address 192.168.94.250 255.255.255.0 interface vlan 95 no shutdown ip address 192.168.95.254 255.255.255.0 interface vlan 96 no shutdown ip address 192.168.96.250 255.255.255.0 interface vlan 99 no shutdown ip address 192.168.99.250 255.255.255.0 interface vlan 100 no shutdown ip address 192.168.100.250 255.255.255.0 ! router rip -- Regards, Kim Pedersen Pasetta, Michael wrote: Have you tried to add a route of last resort in the switches router configuration? From: Kim Pedersen To: Enterasys Customer Mailing List Sent: Sat Jun 06 21:23:38 2009 Subject: Re: [enterasys] Vlan configuration issue. Default GW I have a question to add into this interesting thread, which adds a twist to Abhijit's scenario. I have a very similar setup to the diagram below, with the added difference that on my setup the IP addresses of the C3 switch on each of the VLANs (10,20 and 30) is set as the default gateway for the clients connected to the B3 switches. Above C3 switch in the diagram below, I have a firewall / internet router on VLAN 40, and I would like the C3 switch to route all non-local traffic to this firewall. I have been unable to get this to work, as the default route command on the C3 switch seems only to work for the C3 switch itself, and not for any routed networks. Does anyone have experience with this? Regards, Kim Pedersen CNCS Ltd. Pal, Abhijit IN CCU SISL wrote: Hello, I am describing the scenario. Five B3 switches will be connected with one C3 switch. Each B3 SW will be used as L2 SW and they will be in separate Vlan. One server which will be in separate vlan, will be directly connected to C3 switch. Now in C3 SW Vlan routing will happen. Attaching the worst Diagram came out of my best effort. What should I do? Best Regards, Abhijit Pal SIEMENS Information systems Limited. GO/ GTAS(Global Technology Application Services) 13th Floor, Tower-2,Millenium City Bldg, DN-62,Sector-5,SaltLake, Kolkata-700091. DID: +91 33 2339 9396 Board:+91 33 2339 9000 Fax: +91 33 2339 9001 --To unsubscribe from enterasys, send email to lists...@unc.edu with the body: unsubscribe enterasys mpase...@enterasys.com --To unsubscribe from enterasys, send email to lists...@unc.edu with the body: unsubscribe enterasys k...@cncsltd.com --To unsubscribe from enterasys, send email to lists...@unc.edu with the body: unsubscribe enterasys mpase...@enterasys.com --To unsubscribe from enterasys, send email to lists...@unc.edu with the body: unsubscribe enterasys k...@cncsltd.com --To unsubscribe from enterasys, send email to lists...@unc.edu with the body: unsubscribe enterasys
