Unsolved
This post is more than 5 years old
41 Posts
0
72954
November 1st, 2014 20:00
Powerconnect 6248 Inter-VLAN routing to gateway
I'm trying to use the 6248 as a layer 3 device for the two VLANs on a ESXi host. I can see inter-vlan routing is working OK as from the ESXi host, VLAN 10 and ping VLAN 20 and vice versa. The ESXi's gateway is set to the management IP address of 192.168.15.55 which is on the same subnet as the netgear router that connects to the Internet.
However, while ESXi host can reach 192.168.15.55, it can't reach the Internet. The only way I can reach the Internet is if I ping a public IP from the 6248.
What is the best way to get routing working so that the ESXi host can access the Internet?
Below are the key areas of the config
ip address 192.168.15.55 255.255.255.0
ip default-gateway 192.168.15.1
ip routing
interface vlan 10
name "Management"
routing
ip address 10.0.0.1 255.255.255.240
ip mtu 1500
exit
interface vlan 20
name "vMotion"
routing
ip address 10.0.0.17 255.255.255.248
ip mtu 9000
exit
interface ethernet 1/g1
description "****Connection-to-Netgear****"
spanning-tree disable
interface ethernet 1/xg4
description "****10g-to-ESXi****"
spanning-tree disable
mtu 9216
switchport mode general
switchport general allowed vlan add 10,20 tagged
0 events found
DELL-Josh Cr
Moderator
•
9.6K Posts
•
113 Points
0
November 3rd, 2014 09:00
Hi,
Try setting the default gateway on the ESXi host to be on the same subnet as the VLAN it is on, not having it jump all the way to the router, have the default gateway be 10.0.0.1. The switch should then route it to the netgear.
PowerConnect48
41 Posts
0
November 6th, 2014 12:00
using 10.0.0.1 didn't work
DELL-Josh Cr
Moderator
•
9.6K Posts
•
113 Points
0
November 6th, 2014 13:00
You can put the default gateway back to what it was, it seems like it routes to 192.168.15.55 fine, so it is getting to the right VLAN, which is VLAN 1, which isn’t routable. You may want to move the internet VLAN to a different VLAN. Is the port from the 6224 to the negear a trunk port or an access port?
PowerConnect48
41 Posts
0
November 6th, 2014 13:00
Just more info, I added a route on the Netgear router that looks like:
10.0.0.0 255.255.255.0 192.168.15.55
I can ping VLAN 10 - 10.0.0.1 and VLAN 10.0.0.17 on the Dell PowerConnect but nothing behind the Dell PowerConnect
PowerConnect48
41 Posts
0
November 6th, 2014 20:00
"Is the port from the 6224 to the negear a trunk port or an access port?"
As shown in the inital config, gi1/1 isn't configured. I can't change the port type on the Netgear router side so if I made it a trunk then it would lose connection
PowerConnect48
41 Posts
0
November 7th, 2014 07:00
Just to clarify what I mean by point 2. If I try to create a VLAN that is on the same subnet as the subnet I use to connect to the switch I get the following error
console(config)#interface vlan 99
console(config-if-vlan99)#ip address 192.168.15.99 255.255.255.0
Subnet conflict between specified IP Address and current configuration.
All routing interfaces, service ports and network ports must be configured on
different subnets.
DELL-Josh Cr
Moderator
•
9.6K Posts
•
113 Points
0
November 7th, 2014 07:00
You will have to remove the other configuration first. , so that you don't get the conflict. On ethernet 1/g1 it is set as an access port, you can change the VLAN that it is on still and it will send untagged traffic on that VLAN. Using the command switchport access vlan 99
You also could leave it on VLAN 1 and just move the management VLAN with the command ip address vlan 99
http://www.dell.com/support/Article/us/en/19/SLN285593/EN
http://wiki.xdroop.com/space/Dell/Power+Connect+6224/Routing
PowerConnect48
41 Posts
0
November 7th, 2014 07:00
1. Can I change the default VLAN from 1 to something that is routable?
2. "You need to add another VLAN so the internet is not on VLAN 1"
How could I do this if the Internet gateway (Netgear) is not VLAN aware?
DELL-Josh Cr
Moderator
•
9.6K Posts
•
113 Points
0
November 7th, 2014 07:00
In that case it is only passing untagged traffic on VLAN 1. VLAN 1 is not routable, so the return packets on the ping are being dropped because VLAN 1 won’t route back to VLAN 10. So you need to add another VLAN so the internet is not on VLAN 1. Then you can add the static route and not get “The specified Static Route Next Hop Router Address can't be in the same subnet as the service/network port”
PowerConnect48
41 Posts
0
November 7th, 2014 08:00
Josh -
Moving the default management VLAN 1 to VLAN 99 fixed my issue as shown www.dell.com/.../EN
As soon as I changed the default VLAN, everything routed as needed. Thanks!
PowerConnect48
41 Posts
0
November 7th, 2014 08:00
Speedtrap -
Thanks for your input but I don't believe you understood the issue at hand. Your reply was not valid for this.
speedstep
11 Legend
•
47K Posts
0
November 7th, 2014 08:00
RFC 1918 addresses do not route to each other nor do they go out to the internet because they require NAT to talk to the outside world.
Your netgear home router isnt a vpn router and wont route and or NAT between
The Internet Assigned Numbers Authority (IANA) hasreserved the following three blocks of the IP address
space for private internets: 10.0.0.0 - 10.255.255.255 (10/8 prefix) 172.16.0.0 - 172.31.255.255 (172.16/12 prefix) 192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
An enterprise that requests IP addresses for its external connectivity
will never be assigned addresses from the blocks defined above.
In order to use private address space, an enterprise needs to
determine which hosts do not need to have network layer connectivity outside the enterprise in the foreseeable future and thus could be classified as private. Such hosts will use the private address space defined above. Private hosts can communicate with all other hosts inside the enterprise, both public and private. However, they cannot have IP connectivity to any host outside of the enterprise. While not having external (outside of the enterprise) IP connectivity private hosts can still have access to external services via mediating
gateways (e.g., application layer gateways).
DELL-Josh Cr
Moderator
•
9.6K Posts
•
113 Points
0
November 11th, 2014 10:00
If you turn SSH back off does it start working again?
PowerConnect48
41 Posts
0
November 11th, 2014 10:00
I turned it off, routing still isn't working on VLAN 1. Any debugging commands you'd suggest?
PowerConnect48
41 Posts
0
November 11th, 2014 10:00
Today, routing is no longer working. The only change I've made since it was working was enabling SSH.
1. I've plugged a laptop in directly to the switch and can't reach any of the routable VLANs configured on the switch
2. Below is the configuration showing I've made the management VLAN something other 1.
console#show ip int
Management Interface:
IP Address..................................... 0.0.0.0
Subnet Mask.................................... 0.0.0.0
Default Gateway................................ 0.0.0.0
Network Configuration Protocol Current......... None
Management VLAN ID............................. 99
Routing Interfaces:
Netdir Multi
Interface State IP Address IP Mask Bcast CastFwd
---------- ----- --------------- --------------- -------- --------
vlan10 Up 10.0.0.1 255.255.255.240 Disable Disable
vlan 20 Up 10.0.0.17 255.255.255.248 Disable Disable
vlan 1 Up 192.168.15.55 255.255.255.0 Disable Disable
---
interface vlan 1
routing
ip address 192.168.15.55 255.255.255.0
-------
console#show ip rout
Route Codes: R - RIP Derived, O - OSPF Derived, C - Connected, S - Static
B - BGP Derived, IA - OSPF Inter Area
E1 - OSPF External Type 1, E2 - OSPF External Type 2
N1 - OSPF NSSA External Type 1, N2 - OSPF NSSA External Type 2
S 0.0.0.0/0 [1/0] via 192.168.15.1, vlan 1
C 10.0.0.0/28 [0/1] directly connected, vlan 10
C 10.0.0.17/29 [0/1] directly connected, vlan 20
C 192.168.15.0/24 [0/1] directly connected, vlan 1
===============
Question -
It appears now that VLAN 1 is not routing just like before. What are some debugging commands I can use to confirm this? Or better yet, how can I fix it?