I'm still having some issues with this, I thought I would provide some
more detail into this and see if I can get any help. I wish I had
something to create a drawing, but my trial for concept draw expired
and I don't know of anything else for OS X for that purpose. Please
bear with me as I describe how this is working.
There are two switches currently. a Summit x450 which I'm using as my
layer three device and border for the network currently. Off of that
is a Summit 200-24. On the x450 I have three vlans created, one for
the isp (which routes the traffic using bgp just fine), a management
vlan (192.168.0.0/24) and a customer vlan (192.168.1.0/24). This is a
real routeable /23, I'm just using rfc1918 address space to describe
the issue, as it should make no difference.
On the Summit x450, the ip address for the management vlan has been set
to 192.168.0.1. From this switch I'm going over to the Summit 200
using a cat5 ethernet cable. this is leaving port 5 of the switch and
connecting to port 25 on the Summit 200. Also going from port 2 on the
450 and connecting to port 26 on the 200 is a fiber connection using
multi mode fiber and two SX gbics. Link lights are good on all
physical connections. The customer vlan's ip address is 192.168.1.1.
The customer vlan is tagged with 3, the management vlan is tagged with
2.
On the Summit 200 I have created two vlans. There is the management
vlan and the customer vlan. The management vlan on the Summit 200 has
an ip address of 192.168.0.31 (assuming that this is how I set the ip
address for the switch on this vlan). Port 25 is in this vlan, and
ports 1-24 and port 26 is in the customer vlan, which does not have an
ip address as I don't want the switch to have an ip address in that
vlan. The customer vlan is tagged with 3, the management vlan is
tagged with 2. All ports have been added into their respective vlans
"tagged."
On either switch, when plugging in my powerbook I cannot ping the
default gateway of either vlan (the .1, from the vlan on the 450). I
also cannot ping across either vlan into the isp vlan, nor beyond to
the other side of their connection. When plugging my power book into
the switch the only arp entries I get are incomplete, so I figure
that's where my issue lies on that. Why would I not get an arp entry
if the port is enabled and added into the vlan tagged? Shouldn't that
just happen automatically or is there some weird configuration that I
didn't read about in the concept guides? I figure this is the same
problem on why from the switch (logged into the 450 through the
management port using a cross over cable) I cannot ping across the
fiber or cat 5 connections to the 200.
I have also added a default route into the 450 to point all traffic to
my ISP as long as it never reaches layer 3, it should stay behind the
450 through layer 2, or am I completely off base on this assumption as
well? Other things I've noticed that I find weird when trouble
shooting this. From the internet, I can ping my management vlan's ip
address of 192.168.0.1 which means traffic is passing through the
switch. I can also ssh into that ip address through the internet.
more detail into this and see if I can get any help. I wish I had
something to create a drawing, but my trial for concept draw expired
and I don't know of anything else for OS X for that purpose. Please
bear with me as I describe how this is working.
There are two switches currently. a Summit x450 which I'm using as my
layer three device and border for the network currently. Off of that
is a Summit 200-24. On the x450 I have three vlans created, one for
the isp (which routes the traffic using bgp just fine), a management
vlan (192.168.0.0/24) and a customer vlan (192.168.1.0/24). This is a
real routeable /23, I'm just using rfc1918 address space to describe
the issue, as it should make no difference.
On the Summit x450, the ip address for the management vlan has been set
to 192.168.0.1. From this switch I'm going over to the Summit 200
using a cat5 ethernet cable. this is leaving port 5 of the switch and
connecting to port 25 on the Summit 200. Also going from port 2 on the
450 and connecting to port 26 on the 200 is a fiber connection using
multi mode fiber and two SX gbics. Link lights are good on all
physical connections. The customer vlan's ip address is 192.168.1.1.
The customer vlan is tagged with 3, the management vlan is tagged with
2.
On the Summit 200 I have created two vlans. There is the management
vlan and the customer vlan. The management vlan on the Summit 200 has
an ip address of 192.168.0.31 (assuming that this is how I set the ip
address for the switch on this vlan). Port 25 is in this vlan, and
ports 1-24 and port 26 is in the customer vlan, which does not have an
ip address as I don't want the switch to have an ip address in that
vlan. The customer vlan is tagged with 3, the management vlan is
tagged with 2. All ports have been added into their respective vlans
"tagged."
On either switch, when plugging in my powerbook I cannot ping the
default gateway of either vlan (the .1, from the vlan on the 450). I
also cannot ping across either vlan into the isp vlan, nor beyond to
the other side of their connection. When plugging my power book into
the switch the only arp entries I get are incomplete, so I figure
that's where my issue lies on that. Why would I not get an arp entry
if the port is enabled and added into the vlan tagged? Shouldn't that
just happen automatically or is there some weird configuration that I
didn't read about in the concept guides? I figure this is the same
problem on why from the switch (logged into the 450 through the
management port using a cross over cable) I cannot ping across the
fiber or cat 5 connections to the 200.
I have also added a default route into the 450 to point all traffic to
my ISP as long as it never reaches layer 3, it should stay behind the
450 through layer 2, or am I completely off base on this assumption as
well? Other things I've noticed that I find weird when trouble
shooting this. From the internet, I can ping my management vlan's ip
address of 192.168.0.1 which means traffic is passing through the
switch. I can also ssh into that ip address through the internet.