Wired Intelligent Edge

Hi,

I hope someone can point me in the right direction. Basically, I have a working main core switch. Config shown below.  I also am in the process of building a test switch which will be a proof of concept so that I can eventually move my main switch over to replace the test one when the company moves into the new shared office.

The issue I'm having is that I cannot route out past the main switch. The packets take the correct route and hit the VLAN IP of the main switch but go no further and I'm struggling to understand why.

The main switch config is as follows:

; J9850A Configuration Editor; Created on release #KB.15.15.0008
; Ver #05:18.7f.ff.3f.ef:4d
hostname "HP-5406Rzl2"
module A type j9536a
module B type j9534a
module C type j9536a
module D type j9534a
timesync sntp
sntp unicast
sntp 100
sntp server priority 1 10.100.26.32
no telnet-server
telnet-server listen data
web-management listen data
ip ssh listen data
ip route 0.0.0.0 0.0.0.0 172.31.254.33
ip route 0.0.0.0 0.0.0.0 172.31.254.41 distance 110
ip routing
interface A1
name "Main Link"
exit
interface A2
name "Backup Link"
exit
interface A3
name "Link to Test Switch"
exit
snmp-server community "public" unrestricted
snmp-server listen data
snmp-server contact "None" location "Office"
oobm
disable
ip address dhcp-bootp
exit
vlan 1
name "DEFAULT_VLAN"
no untagged A1-A2,A4-A20,B1-B24,C1-C22,D1-D24
untagged A3,A21-A22
no ip address
exit
vlan 105
name "Link to Test Switch"
tagged A3
ip address 172.31.254.49 255.255.255.248
exit
vlan 275
name "Main Link"
untagged A1
ip address 172.31.254.36 255.255.255.248
exit
vlan 280
name "Backup Link"
untagged A2
ip address 172.31.254.44 255.255.255.248
exit
vlan 300
name "Data"
untagged A8-A20,B1-B24,C1-C22,D1-D24
tagged A1-A2
ip address 10.101.54.1 255.255.255.128
ip helper-address 10.101.54.2
exit
vlan 350
name "Voice"
tagged A1-A7,A9-A20,B1-B23,C1-C22,D1-D24
ip address 10.101.54.129 255.255.255.128
ip helper-address 10.101.54.2
qos dscp 101110
voice
exit
vlan 355
name "WiFi"
untagged A4-A7
tagged A1-A2
ip address 10.101.55.1 255.255.255.0
ip helper-address 10.101.54.2
exit
spanning-tree
no tftp server
tftp server listen data
no autorun
no dhcp config-file-update
no dhcp image-file-update
password manager
password operator

The test switch config is as follows:

; J9146A Configuration Editor; Created on release #W.14.38

hostname "ProCurve 2910al-24G-PoE Switch"
module 1 type J9146A
ip routing
vlan 1
name "LAN"
untagged 2-24
ip address 10.100.26.38 255.255.254.0
no untagged 1
exit
vlan 105
name "Link to Main Switch"
ip address 172.31.254.50 255.255.255.248
tagged 1
exit
ip route 0.0.0.0 0.0.0.0 172.31.254.49
snmp-server community "public" unrestricted
snmp-server contact ""

Doing a traceroute to a Google DNS server from the test switch while it's plugged into the correct port on the main switch results in the following:

ProCurve 2910al-24G-PoE Switch# traceroute 8.8.8.8
traceroute to 8.8.8.8 ,
1 hop min, 30 hops max, 5 sec. timeout, 3 probes
1 172.31.254.49 6 ms 3 ms 3 ms
2 * * *
3 * * *

However, going the same on the main switch results in success. I can't understand what is configured incorrectly on the main switch for this not to work. I also can't get to any device on the main switch, packets just hand at the IP of the VLAN 105 on the main switch.

Could someone help me out and show my where I'm going wrong.

Thanks.

I've missed the static route on the main switch haven't I?

It doesn't know how to get back to the test switch which is why the traceroute hangs.

Wish I hadn't left work.....

Happy to receive confirmation before I give this solution a go tomorrow!

Thanks.

So, that seemed to make no difference.

Can someone tell me why I can't route between these 2 vlans. The switches route to the IP address of the VLAN on the other switch but it then just fails. I can't figure out why.

Test switch

ProCurve 2910al-24G-PoE Switch(config)# traceroute 8.8.8.8
traceroute to 8.8.8.8 ,
1 hop min, 30 hops max, 5 sec. timeout, 3 probes
1 172.31.254.49 6 ms 4 ms 3 ms
2 * * *

Main Switch

traceroute to 10.100.26.39 ,
1 hop min, 30 hops max, 5 sec. timeout, 3 probes
1 172.31.254.50 1 ms 1 ms 1 ms
2 * * *
3 * * *

Thanks.

For routing to work, all of the devices in the path have to have a properly populated routing table. You might consider running RIPv2 or OSPF to accomplish this automatically. But since I don't see redundant routes, it really won't do much other than make things easier.

This is what your environment should look like:

1. PC on vlan 1 on test switch should point to 10.100.26.38 as its default gateway.
2. Test switch should use 172.31.254.49 as its default gateway, and it does.
3. The main switch has a default gateway which I assume is ok. The main switch also needs a route back to the PC subnet on the test switch: 10.100.26.0/23 to 172.31.254.50 (ip route 10.100.26.0/23 172.31.254.50)
4. The default gatway of the main switch, 172.31.254.33 & 41, would also need routes back to 10.100.26.0/23 through 172.31.254.36 & 44 respectively.
5. If 172.31.254.33 & 41 are doing NAT, then this is as far as you would have to go. Otherwise, you need to keep adding static routes on upstream routers pointing back downstream.

You might find that looking at the routing tables will help, "show ip route".