Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Procurve Networking Weirdness

Status
Not open for further replies.
fatmcgav

fatmcgav

Technical User
Sep 2, 2009
9
GB
HI there,

We are experiencing some weird issues with our ProCurve network setup...

We have 2x 2910al-24G switches which form our Core network stack. These are split into 2 Port-based VLANS.
VLAN 1 = Production, Tagged P1-2, Untagged P3-16.
VLAN 2 = DMZ, Tagged P1-2, Untagged P3-16.
Port 1 and 2 are used to link the 2 switches togeather using 2 Cat5e cables.
Spanning tree is enabled on both switches.

Going into these switches are 4 Cables provided from our suppliers' upstream network. The 4 cables are split into 2 VLAN's - Prod and DMZ - and are plumbed into the switches based on the Port Based VLAN. These form 2 Subnets - Production on 10.0.0.0/255.255.224.0 and DMZ on 172.16.16.0/255.255.240.0.

Upstream of the core stack is a Virtualised Firewall which is used to control access, aswell as route between VLAN's, listening on 10.0.31.254 and 172.16.31.254.

We can plug in both DMZ 2 uplink cables and they work perfectly. We can get access to the firewall and the internet beyond.

However when we plug in the DMZ 1 uplink cables, we loose all connectivity on the DMZ 2 uplink. DMZ 1 continues to work and we can get out to the internet.

Having discussed this with our suppliers networks team, they think the issue is being caused by Spanning Tree.
They have recommended the following setup - image attached.

Does this make sense? Will it work? How easy is it to configure the necessary Trunk links and priorities?

Apologies for the long-windedness - advanced network config like this is pretty new to me...

Any info appreciated.

Cheers
Gavin
 
Sort by date Sort by votes
what does your current topology look like; can you put together a diagram and post it?? also, what is DMZ1 and DMZ2??

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
Upvote 0 Downvote
can you post configs of all of the switches involved (preferrably as .txt file attachments much like your .jpg and .pdf attachments in the thread)?? if possible ask your provider if they will provide you with configuration information that is relevant to your connection(s) and post that as well. Chances are that it is a spanning-tree issue, but i'd like to see some configs before jumping to conclusions.

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
Upvote 0 Downvote
Upvote 0 Downvote
Ok, as a quick update to this, we're going to try and re-configure the network tomorrow, using the same VLAN IDs as the supplier is using, and pass both VLANs through the uplink cables.

We're also going to try and configure some Spanning Tree priorites for our core stack. However i'm in 2 minds as to whether we need to utilise MTSP, configure one STG for each VLAN, with the root's being shared across both switches - I.e. SW01 is Root for STG1 and SW02 is root for STG2.
Thoughts?

Cheers
Gavin
 
Upvote 0 Downvote
i've had a bitch of a time getting cisco and hp to work together. let me restate that, i've had a bitch of a time getting pvst+/rpvst+ to work with other vendors switches using MSTP so be very careful that you don't cause a loop. good luck.

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
Upvote 0 Downvote
AS an update to this, we had a very successful day yesterday.

Rebuilt the core switches from the ground up, creating the necessary VLANs, changed the primary, set up trunk uplink ports on the stack, assigned the necessary spanning tree priorities to the switches, plugged in the uplink cables, and it all worked perfectly - spanning tree behaved, could get out to both gateways and failover worked aswell :)

Switch configs' for reference are:
ACT-STAR-SW01: ACT-STAR-SW02:
Then proceeded to build the distribution switches, following much the same process as above on the first 2, and a single VLAN setup on the last 4, and these also worked perfectly :)

A couple of configs' for reference are:
ACT-STAR-SW03 - Multi-VLAN setup: ACT-STAR-SW05 - SIngle VLAN setup:
SO thanks for all the assistance...

If anybody has any comments on the above configs in order to improve, please feel free :)

Cheers
Gavin
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

joblack23
  • Locked
  • Question
hp procurve training
Replies
0
Views
70
joblack23
joblack23
DanielUK
  • Locked
  • Question
HP Procurve 2650 and wireshark
Replies
7
Views
160
VinceWhirlwind
VinceWhirlwind
Borvik
  • Locked
  • Question
New ProCurve switch not visible
Replies
8
Views
147
Borvik
Borvik
texastig
  • Locked
  • Question
HP Procurve J9145A how to shut it off 1
Replies
4
Views
87
texastig
texastig
barp21
  • Locked
  • Question
HP Procurve 1810G-8
Replies
3
Views
95
VinceWhirlwind
VinceWhirlwind

Part and Inventory Search

Sponsor

Back
Top