Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Andrzejek on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

VLANs on Procurve 2524's

Status
Not open for further replies.
aZLAn2000

aZLAn2000

Technical User
Oct 29, 2003
45
DK
Hi,

I have a problem with my Procurve 2524's. One of the switches has been configured with 4 VLANs for my Internet connections and DMZ. The default vlan should then connect to my internal lan but every time I connect it to a switch it stops responding on all vlans after a couple of minutes!? I have tried to enable/disable spanning-tree and connecting the switch to another switch on the network. I have doublechecked that theres no loop-back and the switch has been in Candidate and off mode with no luck. What have I done wrong?

/Christian
 
Sort by date Sort by votes
By the way... All ports are untagged.

/Christian
 
Upvote 0 Downvote
Hi Christian -

Your problem statement, as I read it, is "The default VLAN should then connect to my internal vlan but...".

There is not enough information to understand the problem statement. For example, I assume that you have a router or routing switch connecting these four VLANs, although you don't mention it.

What network device is supposed to be forwarding traffic from one VLAN to another?

Regards,
Ralph
 
Upvote 0 Downvote
Hi,

Yes. It sounds a bit tricky :)

Reason for VLAN:
I have a rack with all the switches for the internal network. Then I have another rack located elsewhere with my internet connections. Instead of having one switch for every router and then having loads of cables running over the floor I took 2524 switch out of the first rack and placed it in the router-rack.

I then made 4 VLANs for the routers. All of the routers need to connect to a switch and then connect to the dsl-modem because i need to be able to put equipment between them. This works fine. But the last VLAN i have must connect to the other rack with 5 other 2524 switches so all the routers can connect their internal interface to the LAN. This is where my problem occurs. When I connect to the local LAN my network works as it is supposed for a minute or two and then it dies and every thing connected to the switch can not be pinged or anything until I unplug the cable again. Why?

/Christian
 
Upvote 0 Downvote
Hello Christian -

I must admit that I probably will not be able to understand your network design and topology without seeing a network map (drawing) of it. In fact, it is difficult to accurately convey a topology of more then 2-3 network devices without a drawing.

Since you wrote, "When I connect to the local LAN my network works as it is supposed for a minute or two then dies..." I will assume that you have routers connecting your VLANs (I was worried that you did not).

When you write, "every thing connected to the switch can not be pinged or anything until I unplug the cable again", I assume that you mean "... cannot be pinged from a different VLAN". Is my assumption correct?

The comment about "until I unplug the cable again" is most intriguing! You mentioned that you have tried enabling Spanning Tree protocol, which suggest that you suspect a loop (as I do). Enabling STP will not necessarily solved all networking problems that can result from loops, although it will prevent the so-called broadcast storms (that can result from a loop).

With STP disabled, do you see any evidence of loops, based on FFI "excessive broadcasts" or "high collision or drop rate" "excessive late collisions" or other "M" (Major) or "W" (Warning) messages in the Switch Event Log?

Also, when in the failing mode, have you tried to isolate the issue by using pings over small portions of the end-to-end path? For example, can you ping the router's near interface (IP address) from your ping source? Can you ping the router's 'far' interface from the ping source? Can you ping the destination ip address from its nearest router? How many routers are in the end-to-end path?

Regards,
Ralph
 
Upvote 0 Downvote

Think i might have found the problem. When a cable is connected between two vlans on the same switch the switch will stop working. I have a Netscreen firewall in invisible mode where the inside interface is connected to 1 vlan and the dmz is connected to another vlan on the same switch. The switch can't see this netscreen and all packets are allowed from inside to dmz so it would look like a direct patch from the first vlan to the other. I must find a way to fix this - one way or the other.

/Christian
 
Upvote 0 Downvote
Christian -

Connecting two VLANs via a cable is not a valid configuration. It will cause address table "thrashing" as MAC addresses are seen alternately on the two VLANs.

You should connect two VLANs using a router or routing switch. Or, put all of those nodes all on one VLAN.

Regards,
Ralph
 
Upvote 0 Downvote
Okay... damn :) But thanks for helping me out.

/Christian
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

kryptor
  • Locked
  • Question
VLANs causing me a headache!! 1
Replies
1
Views
669
meneerB
meneerB
starmanjl
  • Locked
  • Question
Can someone direct me to some docum
Replies
1
Views
192
meneerB
meneerB
Wadoki
  • Locked
  • Question
What is the command to enable 3rd party SFP+ transceivers on HP switch?
Replies
0
Views
176
Wadoki
Wadoki
AlphaMann
  • Locked
  • Question
Enabling DSCP 46 bit set priorization
Replies
0
Views
155
AlphaMann
AlphaMann
joblack23
  • Locked
  • Question
hp procurve training
Replies
0
Views
93
joblack23
joblack23

Part and Inventory Search

Sponsor

Back
Top