Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Difficulty connecting 4 new Procurves for 1st time

Status
Not open for further replies.

southerly

Technical User
May 7, 2007
41
US
I have three 2626 and one 2824 switch I have obtained and want to make these work together over a trunked connection. They are cabled togther but cannot communicate over the trunks I thought I setup correctly.
They are accessible via the console each but no more and I have cabled them together on ports 25 and 26 in the expectation of trunking these together.
I have set an ip address for each and specified an untagged port on one 2626 for a PC.
My end design would consist of two VLANS, 75 and 302.
VLAN 75 would standalone across the four switches to carry file backup traffic from hosts cabled to each switch.
VLAN 302 would be used to manage the switches through a port on the one 2626 switches and using the trunk connections thereafter for managing the remaining switches.
 
post your configs

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
Let me try again, see below, one of four:
BDC-UNI-INF-BKUP-A# sh run

Running configuration:

; J4903A Configuration Editor; Created on release #I.08.87

hostname "BDC-UNI-INF-BKUP-A"
snmp-server contact "Hosting"
snmp-server location "Charlestown Data Center"
time timezone -300
time daylight-time-rule Continental-US-and-Canada
mirror-port 24
no telnet-server
interface 24
no lacp
exit
trunk 24 Trk1 Trunk
ip default-gateway 172.16.200.129
sntp server 172.16.199.50
timesync sntp
sntp unicast
snmp-server community "public" Unrestricted
snmp-server community "c0mversehosting" Unrestricted
snmp-server community "comverseh0sting" Operator
snmp-server community "Netadmn9" Operator
vlan 1
name "DEFAULT_VLAN"
untagged 2-23
no ip address
tagged Trk1
no untagged 1
exit
vlan 75
name "File_Backups"
tagged Trk1
exit
vlan 302
name "BDC_Secure"
untagged 1
ip address 172.16.200.179 255.255.255.192
tagged Trk1
exit
ip authorized-managers 172.16.204.215 255.255.255.224
ip authorized-managers 192.168.101.88
ip authorized-managers 172.16.199.62
ip authorized-managers 172.16.200.129 255.255.255.255
spanning-tree Trk1 priority 4
ip ssh
password manager

BDC-UNI-INF-BKUP-A#
 
Two of four:

BDC-UNI-INF-BKUP-B#

Running configuration:

; J4900B Configuration Editor; Created on release #H.08.83

hostname "BDC-UNI-INF-BKUP-B"
snmp-server contact "Network-Admins"
snmp-server location "North_Denver"
time timezone -420
time daylight-time-rule Continental-US-and-Canada
interface 4
speed-duplex 100-full
exit
interface 5
speed-duplex 100-full
exit
interface 6
speed-duplex 100-full
exit
interface 8
speed-duplex 100-full
exit
interface 10
speed-duplex 100-full
exit
interface 11
speed-duplex 100-full
exit
interface 12
speed-duplex 100-full
exit
interface 13
speed-duplex 100-full
exit
interface 14
speed-duplex 100-full
exit
interface 15
speed-duplex 100-full
exit
interface 16
speed-duplex 100-full
exit
interface 17
speed-duplex 100-full
exit
interface 18
speed-duplex 100-full
exit
interface 19
speed-duplex 100-full
exit
interface 20
speed-duplex 100-full
exit
interface 22
speed-duplex 100-full
exit
interface 23
speed-duplex 100-full
exit
interface 24
speed-duplex 100-full
exit
interface 25
flow-control
no lacp
exit
interface 26
flow-control
no lacp
exit
trunk 25-26 Trk1 Trunk
ip default-gateway 172.16.200.129
snmp-server community "cnsITtlv" Operator
snmp-server community "cnsITtlv2007" Unrestricted
vlan 1
name "DEFAULT_VLAN"
untagged 1-24,Trk1
no ip address
exit
vlan 75
name "File_Backups"
tagged Trk1
exit
vlan 302
name "BDC_Secure"
ip address 172.16.200.178 255.255.255.192
tagged Trk1
exit
ip authorized-managers 172.16.200.129 255.255.255.255
aaa authentication telnet login radius local
aaa authentication telnet enable radius local
aaa authentication ssh login radius local
aaa authentication ssh enable radius local
aaa accounting exec start-stop radius
radius-server host 10.115.33.11 key netitittlv
spanning-tree Trk1 priority 4
ip ssh key-size 1024
password manager

BDC-UNI-INF-BKUP-B#
 
Three of four:

BDC-UNI-INF-BKUP-C# sh run

Running configuration:

; J4900B Configuration Editor; Created on release #H.08.83

hostname "BDC-UNI-INF-BKUP-C"
time timezone -720
interface 25
flow-control
no lacp
exit
interface 26
flow-control
no lacp
exit
trunk 25-26 Trk1 Trunk
ip default-gateway 172.16.200.129
snmp-server community "public" Unrestricted
vlan 1
name "DEFAULT_VLAN"
untagged 1-24,Trk1
no ip address
exit
vlan 302
name "BDC_Secure"
ip address 172.16.200.177 255.255.255.192
tagged Trk1
exit
vlan 75
name "File_Backups"
tagged Trk1
exit
ip authorized-managers 172.16.200.129 255.255.255.255
spanning-tree Trk1 priority 4
password manager

BDC-UNI-INF-BKUP-C#
 
Four of four:

BDC-UNI-INF-BKUP-D# sh run

Running configuration:

; J4900B Configuration Editor; Created on release #H.08.83

hostname "BDC-UNI-INF-BKUP-D"
snmp-server contact "Network-Admins"
snmp-server location "North_Denver_L3"
time timezone -720
time daylight-time-rule Continental-US-and-Canada
interface 2
speed-duplex 100-full
exit
interface 3
speed-duplex 100-full
exit
interface 6
speed-duplex 100-full
exit
interface 8
speed-duplex 100-full
exit
interface 10
speed-duplex 100-full
exit
interface 11
speed-duplex 100-full
exit
interface 12
speed-duplex 100-full
exit
interface 14
speed-duplex 100-full
exit
interface 16
speed-duplex 100-full
exit
interface 18
speed-duplex 100-full
exit
interface 19
speed-duplex 100-full
exit
interface 20
speed-duplex 100-full
exit
interface 21
speed-duplex 100-full
exit
interface 22
speed-duplex 100-full
exit
interface 24
speed-duplex 100-full
exit
interface 26
flow-control
no lacp
exit
trunk 26 Trk1 Trunk
ip default-gateway 172.16.200.129
snmp-server community "cnsITtlv" Operator
snmp-server community "cnsITtlv2007" Operator Unrestricted
vlan 1
name "DEFAULT_VLAN"
untagged 2-25,Trk1
no ip address
no untagged 1
exit
vlan 302
name "BDC_Secure"
untagged 1
ip address 172.16.200.176 255.255.255.192
tagged Trk1
exit
vlan 75
name "Backup_VLAN"
tagged 2-25,Trk1
exit
ip authorized-managers 172.16.200.129 255.255.255.255
aaa authentication telnet login radius local
aaa authentication telnet enable radius local
aaa authentication ssh login radius local
aaa authentication ssh enable radius local
aaa accounting exec start-stop radius
radius-server host 10.115.33.11 key netitittlv
spanning-tree Trk1 priority 4
ip ssh key-size 1024
password manager

BDC-UNI-INF-BKUP-D#
 
What does your physical topology look like?

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
BDC-UNI-INF-BKUP-A
P24
|
|
P26
BDC-UNI-INF-BKUP-B
P25
|
|
P26
BDC-UNI-INF-BKUP-C
P25
|
|
P26
BDC-UNI-INF-BKUP-D
P1
|
|
Test PC
 
I realized I had not turned on spanning-tree, so I enabled that in each of the Procurves. I enabled flow-control on the trunk ports for comparison, but, that had no affect so I disabled flow-control on each of the ethernet ports in the trunk configuration.
As of this writing, switch A (172.16.200.176) can ping the the adjacent switch (B), but no further. In addition, frmo the test PC, I can telnet to switch A but cannot ping past the A to the B switch (172.16.200.177).
 
Get rid of your trunk configs on all of the switches, you don't need them since you are not doing any link aggregation. Tag the individual uplink ports appropriately and you should be in business

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
Prior to your last update I changed my trunk groups and put the trk2 setting where trk1 appeared on a second trunk port in the configurgation. Specifically on the middle two switches. After that, I can from any switch in the group ping any of the four.
With respect to your recent posting, can you specify sample commands?

Thanks.
 
Your VLAN tagging is probably OK, providing you've added the same VLANs as "TAGGED" to the TRK2 that you've created.

Not sure you understand what Procurve are talking about when they call something a "Trunk" - if you are Cisco-literate, then maybe it'll help to know that for Procurve, "Trunk" doesn't mean anything relating to VLANs, but it means something similar to a "Channel-Group".
In other words, a "Trunk" is a pair of ports which both provide the same connection between two switches, bundled as a "Trunk", preferably using LACP.
 
Ok, in my case, two ports are going in opposite directions as the switches are essentially chained together.
So back to the earlier recommendation, if I remove the trunk specification on the indicated ports above and just make then untagged in VLAN 302, I can manage them, correct?

The remaining ports in VLAN 75 I expect to leave isolated with a community of servers all sending file backups to a server in the same VLAN.

 
I have made some progress.
Based on the last recommendation, I removed the ports from the trunk configurations and just put those ports in VLAN 302 as untagged ports.
From each switch, I can ping the other three in the configuration.
However, from my test PC, I can only access the first device it is cabled to, the 172.16.200.176 Procurve.
I am unable to ping or telnet beyond that 2626 from my PC.
 
Some additional progress, I had static routes on my PC which prevented me from reaching the Procurves. With those deleted, I can now reach all four switches from my test PC.
That resolved, does this mean I must cross cable the VLAN 75 ports switch to switch? This certainly creates a physical segregation. Can't I logically segregate the traffic using the trunking, or is aggregation, method I described originally?
 
I think I understand your VLAN75 - you want a stand-alone VLAN for servers to send their backups on?

I don't see why you need to treat this any differently from the rest of your VLANs, trunking it each switch where it is needed.

What I don't get is this:
- you don't seem to have any device in VLAN 75 on any of your switches.
- you have almost all ports on one switch configured with VLAN75 as "tagged".

What's that all about?
 
I have not setup any test devices on VLAN 75.
My primary focus was getting VLAN 302 operational such
that I could ssh or telnet to the switches and complete setting up VLAN 75 for the backup server and hosts to be backed up.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top