VLAN routing

Post Reply
devlin
Member
Posts: 2
Joined: 19 Feb 2020 08:40

VLAN routing

Post by devlin »

Hi Guys

I have a problem with VLAN.
I have create a new VLAN (vlan 20)
ip interface:
Name IP Address Subnet Mask Status Forward Device
--------------------+------------------+---------------+------+-------+--------
FW 172.16.30.2 255.255.255.248 UP YES vlan 600
AC 192.168.20.254 255.255.255.0 UP YES vlan 20
PC 192.168.15.254 255.255.255.0 UP YES vlan 14
HANOI 192.168.17.254 255.255.255.0 UP YES vlan 18
Loopback 127.0.0.1 255.0.0.0 UP NO Loopback

ip route:
Dest Address Subnet Mask Gateway Addr Age Protocol
------------------+-----------------+-----------------+---------+-----------
0.0.0.0 0.0.0.0 172.16.30.1 69d 1h NETMGMT
127.0.0.1 255.255.255.255 127.0.0.1 436d12h LOCAL
172.16.30.0 255.255.255.248 172.16.30.2 69d 1h LOCAL
192.168.15.0 255.255.255.0 192.168.15.254 231d 0h LOCAL
192.168.17.0 255.255.255.0 192.168.17.254 231d 0h LOCAL
192.168.20.0 255.255.255.0 192.168.20.254 5d 4h LOCAL

show vlan port 4/14:
vlan type status
--------+---------+--------------
20 default forwarding


VLAN PC to VLAN AC --> ping KO
VLAN HANOI to AC --> ping KO
VLAN AC to VLAN PC --> ping OK
VLAN AC to HANOI --> ping OK

Why I can't ping VLAN AC from VLAN PC???
Thanks for your help.

silvio
Alcatel Unleashed Certified Guru
Alcatel Unleashed Certified Guru
Posts: 1433
Joined: 01 Jul 2008 10:51
Location: Germany

Re: VLAN routing

Post by silvio »

If all your clients use the same device as default GW (within the three networks .254) than the issue is in the AC-device. Is there a local FW active? other network interface active? I assume that the PC/Hanoi devices can reach the GW in vlan 20.
regards
Silvio

devlin
Member
Posts: 2
Joined: 19 Feb 2020 08:40

Re: VLAN routing

Post by devlin »

Hi Silvio,

PC/ HANOI reach the GW in VLAN 20 but not devices (PC and router) and from ALCATEL I reach all device of VLAN 20.
Each device use their own VLAN GW and there is a FW. Do you think that the return ICMP is locked by FW? That's strange. The ALCATEL make the route.

My command to create the VLAN:
vlan 20 enable
vlan 20 name "AC"
ip interface "AC" address 192.168.20.254 mask 255.255.255.0 vlan 20
vlan 20 port default 4/14

Perhaps I forget something?

silvio
Alcatel Unleashed Certified Guru
Alcatel Unleashed Certified Guru
Posts: 1433
Joined: 01 Jul 2008 10:51
Location: Germany

Re: VLAN routing

Post by silvio »

No, it looks for me that the hardware-fw is in an own (small) network (vlan 600) - and all local routing is on the switch. This is a good design. But you have to make sure, that all the devices uses the correct mask and gateway (if you don't use dhcp).

But the local firewalls at the computer are possible reasons (because the traffic is comming from an other subnet). You can test from the switch to ping your devices with different source-ip:
> ping 192.168.20.xx source-interface AC (this will work)
> ping 192.168.20.x source-interface PC (this will not work)

regards
Silvio

Post Reply

Return to “OmniSwitch 6850 / 6850E”