Comware

  • 1.  OOBM over Trunks

    Posted Aug 03, 2020 04:03 AM

    Hi Professionals

    I need help with a network design.

     

    Switch 1 is connected to a WAN link which is tagged with a couple of VLANs.

    VLAN3 is for Management (of Switches and Server iLOs). For that purpose I have Switch 2, which has connections to all managed host interfaces.

    Network Design.jpg

    Everything works fine, except that I cannot access Switch 1 over the WAN (either ping, ssh, telnet, web).

    If I connect to one other switch with ssh, I can connect to switch1 with ssh.

    I think the problem is that switch1 has Tagged VLAN3 (to propagate to other switches) and OOBM is untagged on VLAN3.

    Can anybody give input or advice on how to realize that, so that switch1 is also accessible on VLAN3?

    Any input is appreciated.

     

    Kind regards

    giusi



  • 2.  RE: OOBM over Trunks

    Posted Aug 03, 2020 04:45 AM

    Hello Schirinzi Giuseppe,

    Do you have an ACL on the tagged port? Please check, as there should be no difference whether it is tagged or not. The connection should be to the VLAN interfaces; if it is defined on the port, it should be allowed. There is also another possibility: that there is no route on this switch /switch 1/ to the destination from where you are trying to reach it.

    Hope this helps!



  • 3.  RE: OOBM over Trunks

    Posted Aug 03, 2020 04:04 PM

    Hi Alex

    Many thanks for your quick answer.

    No, there are no ACLs configured.

    A default route is also configured.

    I also have not configured any VLAN interface.

     

    Here is the relevant part of the config:

    #Switch 1

    interface Bridge-Aggregation49
     description Uplink WAN
     port link-type trunk
     undo port trunk permit vlan 1
     port trunk permit vlan 3 to ###
     port trunk pvid vlan 3000
     link-aggregation mode dynamic

    interface M-GigabitEthernet0/0/0
     ip address aaa.bbb.ccc.112 255.255.255.128

    interface Ten-GigabitEthernet2/0/1
     description Uplink WAN
     port link-mode bridge
     port link-type trunk
     undo port trunk permit vlan 1
     port trunk permit vlan 3 to ###
     port trunk pvid vlan 3000
     dldp enable
     port link-aggregation group 49

    interface Ten-GigabitEthernet2/0/24
     description Downlink Switch 2
     port link-mode bridge
     port access vlan 3

    ip route-static 0.0.0.0 0 aaa.bbb.ccc.126

    #Switch 2

    interface Vlan-interface1
     ip address aaa.bbb.ccc.110 255.255.255.128

    ip route-static 0.0.0.0 0 aaa.bbb.ccc.126

    But I'm not sure if I made a mistake with the default route.

    How can the route from the M-Interface go to Switch 2 and then go back to Switch 1 to the WLAN?

    As far as I know, I can't set a default route based on the source interface.

    Is the static route ip route-static 0.0.0.0 0 aaa.bbb.ccc.126 valid for the whole switch?

    How does switch 1 know where to send these packets?

     

    Any help is appreciated.

     

    Best regards

    giusi



  • 4.  RE: OOBM over Trunks

    Posted Aug 05, 2020 04:03 AM

    Hello giusi,

    When you try to reach the management interface of switch1 - aaa.bbb.ccc.112 - from the WAN connection, is it from the same subnet? How is the routing to it, and from it to the IP address you are trying to reach it from?

    Yes, the static route is valid for the whole switch unless you are using vpn-instance (VRF), which is a separate routing table for its interfaces.

    Maybe from switch 2 it is reaching the IP address on interface M0/0/0 over a peer-to-peer connection, but from the WAN the IP address is not reachable on switch1. You may try to ping from the interface IP address to the device you need, to see if it has reachability.

    Is the gateway - aaa.bbb.ccc.126 - reachable from switch 1?



  • 5.  RE: OOBM over Trunks

    Posted Nov 12, 2020 08:01 PM

    Hi, I have the same problem, with a very similar setup:

    I have two IRF Stacks of 5950 in different datacenters connected via a static trunk. The OOBM interfaces are only reachable from datacenter A and are in our mgmt vlan 400. The OOBM interfaces in datacenter B are connected to a management switch, which is connected via static trunk to the datacenter B 5950 stack.

    I can't reach the management interface of the 5950 in datacenter B from a host connected to the mgmt vlan in datacenter A. The correct ARP entries are generated on both ends. I can see ping requests at the host in datacenter A when I do a ping from the 5950 in datacenter B, but the answers are never arriving.

    This issue occurs with FW 5950_7.10.R6301 - with FW 5950_7.10.R6205P03 everything is working as expected.

    It seems to be a bug in FW 5950_7.10.R6301. Or is there a new configuration needed which I have overlooked?

    https://h10145.www1.hpe.com/downloads/SoftwareReleases.aspx?ProductNumber=JH402A

    trunk.png