Skip to main content
Start a Conversation

Unsolved

This post is more than 5 years old

i2ambler

8 Posts

19292

February 1st, 2007 13:00

6024 and routing between vlans.

Hey there.. I am new to the 6024 switch. and have the following scenario: 3 total vlans 1 production vlan 1 backup traffic vlan 1 vlan for an isolated machine available on the internet. I read that by default all of the vlans should be able to route traffic between themselves just by configuring an IP to the vlan. This does not appear to be the case. I have configured simply 3 vlans, and assigned them IP addresses. after i get the vlans communicating i can setup an ACL to block certain incoming traffic from the internet machine.. vlan 2 is the backup vlan, vlan 3 is the isolated vlan. Here is just a snippit of my config:


vlan database
vlan 2-3
exit
interface range ethernet g(13-23)
switchport access vlan 2
exit
interface ethernet g24
switchport access vlan 3
exit
interface vlan 1
ip address 192.168.0.100 255.255.255.0
exit
interface vlan 2
ip address 192.168.100.1 255.255.255.0
exit
interface vlan 3
ip address 192.168.200.1 255.255.255.0
exit

... thanks!

Message Edited by i2ambler on 02-01-2007 09:34 AM

tester25

626 Posts

February 1st, 2007 18:00

Routing is probably disabled on the 6024 by default. Go into config mode and run this command:

router rip enable

Let me know what the results are.

http://support.dell.com/support/edocs/network/pc6024/en/cli/html/rip.htm#1040634

Message Edited by tester25 on 02-01-2007 02:45 PM

i2ambler

8 Posts

February 1st, 2007 19:00

I dont need a route distrubuting protocol enabled, as far as I know, for these stub networks. I was under the impression that all vlans automatically could speak to each other by default if the vlans were assigned an IP address. For example: Vlan 1 192.168.0.100 Vlan 2 192.168.100.1 Vlan 3 192.168.200.1 According to a post I read here earlier - Thats all I should do to enable hosts from Vlan1 communcate to Vlan 2 or 3. From there I would just create acl to block certain trafic. If this is not the case, can I please have a sample config that will give me more detail? Remember, this is a SIMPLE configuration.. 3 vlans with Vlan 1 and 2 blocking all but port 1500 traffic. This is to keep the third box on Vlan3 (which has an connection to the internet as well as a connection to vlan 3) from compromising the production network. Since the 6024 only supports ingress filtering, I could apply an ingress filter on vlan 1 and 2 once communication between vlans is established to keep them safe.. Thanks in advance.

tester25

626 Posts

February 1st, 2007 21:00

I'm doing this on a PowerConnect 6248 but the config on the 6024 should be very similar.  I don't have any restrictions on traffic between the VLANs like what you're planning to do.  The system connected to VLAN2 can contact the system connected to VLAN3, and vice versa.
 
console#show running-config
!Current Configuration:
!System Description "Dell PowerConnect"
!System Software Version 1.0.0.27
!
configure
vlan database
vlan 2-3
exit
stack
member 1 2
exit
ip address 192.168.1.100 255.255.255.0
interface vlan 2
routing
ip address  192.168.50.1  255.255.255.0
exit
interface vlan 3
routing
ip address  192.168.60.1  255.255.255.0
exit
ip routing
router rip
no enable
no hostroutesaccept
exit
username "admin" password 5f4dcc3b5aa765d61d8327deb882cf99 level 15 encrypted
no spanning-tree
!
interface ethernet 1/g1
switchport access vlan 2
exit
!
interface ethernet 1/g33
switchport access vlan 3
exit
enable password 5f4dcc3b5aa765d61d8327deb882cf99 encrypted
exit


Message Edited by tester25 on 02-01-2007 05:07 PM

kalex1

8 Posts

February 3rd, 2007 04:00

i2ambler,  as tester25 pointed out in his config, you need to enable routing on the switch.  by default its off and you can't route between vlans without a router.  since these are layer 3 switches, they have routing built in and you don't need a separate router.  you just need to enable routing.  i have this setup on my cisco lab and i do have to use a router, since my switches are not layer 3.
 
 
alex

i2ambler

8 Posts

February 5th, 2007 14:00

Unfortunately the 62xx and the 60xx are different routers and the configuration appears to be very much different. there is not 'routing' config for under my vlan interfaces.. I guess I will just call technical support when i get a chance.

tester25

626 Posts

February 5th, 2007 18:00

I'm just curious.  It seems like you are wanting to avoid using OSPF or RIP.  What's the main reason behind avoiding them?  I'm not trying to agitate you, I am just curious.
 
Anyways, I got a hold of a PowerConnect 6024 and set it up to route between two of my VLANs: 101 and 102.  I gave 101 an IP address of 192.168.17.254 and 102 an IP of 192.168.18.254.  I enabled RIP on the config level (not interface level).  I verified routing by connecting a host to each member port of the VLAN.  Each host could ping across to the other VLAN(subnet).
 
Here's an output of my running-config.
 
6024-1# show running-config

Router Configuration
-----------------------------
no spanning-tree
interface range ethernet all
spanning-tree disable
exit
interface range ethernet all
spanning-tree portfast
exit
interface range ethernet all
flowcontrol auto
exit
vlan database
vlan 101-102
exit
interface ethernet g17
switchport access vlan 101
exit
interface ethernet g18
switchport access vlan 102
exit
interface vlan 1
ip address 192.168.10.254 255.255.255.0
ip address 192.168.100.253 255.255.255.0
exit
interface vlan 101
ip address 192.168.17.254 255.255.255.0
exit
interface vlan 102
ip address 192.168.18.254 255.255.255.0
exit
router rip enable
hostname 6024-1
username admin password 5f4dcc3b5aa765d61d8327deb882cf99 level 15 encrypted
snmp-server location here
OOB host Configuration
-----------------------------
Empty configuration
_____________________________

StarLog

2 Intern

 • 

203 Posts

February 6th, 2007 21:00

tester, did you mean to have two ip's in the vlan1 area? or was one a typo. I figured you could have .254 and .253, but nt sure why a diff subnet.

tester25

626 Posts

February 7th, 2007 14:00

Yeah, that was a mistake.  It wasn't hurting anything for my configuration so I just left it there.  Laziness.  :smileyhappy:

i2ambler

8 Posts

February 7th, 2007 14:00

I dont need to use OSPF or RIP because I am trying to communicate between two stub networks not route between multiple routers. The only reason I would enable rip or ospf is for ease of routing table maintenance. Since I have no routing table to transfer, and no routers to transfer it to - why use a routing information protocol?? It was my understanding that vlan communication was enabled by default. I will try your config and see if it works..

YamakasY

70 Posts

January 6th, 2013 10:00

I'm also busy with this and can't get it working.

I have a attached router to my switch, pure for internetaccess from the hosts, but I would like to have routes between my vlans and from my vlans to my vlan1 where my router is in.

What gateway do I set for my hosts connected to the Vlans ? Are this the IP's of the Vlans ? If so, how does the routing goes to the internet ?

I have Rip enabled, but this doesn't change a thing yet.

Was this post helpful?

View All

0 events found

No Events found!

Top