2 Posts

August 7th, 2010 11:00

Need help with VLANs / weird problem

I have a very weird problem that I will try to explain to you:

I have 2 Dell PowerConnect 2824 switches in Managed Mode
I have 2 PFSense firewalls with 4 NICs (2 WAN, 1 LAN, 1 pfsync)
I have 1 server with 2 NICs
I have 2 network ports for internet provided by the data center

The PowerConnect switches are default except for me creating a VLAN2 on the first switch and a VLAN3 on the 2nd switch. I have the VLANs set to Untagged. I am using ports 17, 18, 19, 20 on each switch for these VLANs.

Internet port1 from the data center goes into SW1/port 17
Internet port2 from the data center goes into SW2/port 17

SW1/port18 goes into PF1/WAN1
SW2/port18 goes into PF1/WAN2
SW1/port19 goes into PF2/WAN1
SW2/port19 goes into PF2/WAN2

I have failover configured on each PFSense for the WANs

I have a cable going from SW1/port24 to SW2/port24 to link the two default VLAN 1's

I have Server NIC 1 plugged into SW1/port1
I have Server NIC 1 plugged into SW2/port1

PF1 LAN port is plugged into SW1/port3
PF2 LAN port is plugged into SW2/port3

With this configuration, if I unplug Server NIC 2 I cannot get to PF2 from the server. It's like the switches are not connected to each other.

Now here is the kicker: if I unplug Internet port1 from the data center that goes into SW1/port 17, I can now get to PF2. It's like that link is causing a loop or something, or I have my VLANs set up wrong.

Any help on this one?

2 Posts

August 7th, 2010 12:00

OK I did some more research and think I found out what is going on...correct me if I am wrong...

I found this statement
"PowerConnect switches are not PerVlan Spanning Tree aware like Cisco devices.  If you connect the two switches with both cables you will create a physical loop and one of the ports will go to blocking, thus blocking an entire vlan."

I believe what is happening is that the 2 internet connections are tied back together on the data center's equipment, and along with my crossover going from SW1 to SW2 it's causing a loop, since I am assuming that my switches don't support PVST.

So if this is the case, is my only option to get 2 more physical switches and use them for each internet port and totally get rid of trying to do VLANs?

Thanks
Jon

reference: http://en.community.dell.com/support-forums/network-switches/f/866/p/17002352/17133453.aspx

909 Posts

August 9th, 2010 10:00

You are probably correct that this is a spanning tree problem.  The 2824 is a little limited though in being able to check the STP state of the switches.

You can ask your ISP what kind of STP they are running and explain to them that your switches only run IEEE single instance spanning tree and see what their suggestion is.

You could also just disable spanning tree on the 2824 switches and see what happens.  Since you do not have a logical loop (network is segmented by VLANs) on your network, I doubt this will cause any issues for you.
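
The loop hypothesis discussed in this thread, modelled as an added example (not written by any poster, and not Dell code). It compares what a single-instance spanning tree sees (bridges only, VLANs ignored) with what frames actually see (per-switch VLAN domains). Assumptions: the data center equipment ("DC") bridges both internet ports together, the firewalls and server do not bridge frames, and the port STP blocks is the port 24 link, which the thread does not confirm.

```python
from collections import defaultdict

# Constructed from the cabling in the first post:
# (label, bridge A, untagged VLAN on A, bridge B, untagged VLAN on B)
LINKS = [
    ("SW1/17-DC", "SW1", 2, "DC", 0),       # internet port 1 (DC VLAN id 0 is a placeholder)
    ("SW2/17-DC", "SW2", 3, "DC", 0),       # internet port 2
    ("SW1/24-SW2/24", "SW1", 1, "SW2", 1),  # inter-switch link on default VLAN 1
]

def stp_view(links):
    """Single-instance STP: one tree over bridges, VLAN membership ignored."""
    return [(label, a, b) for label, a, _, b, _ in links]

def data_view(links):
    """Data plane: a frame stays in the (bridge, VLAN) domain it entered."""
    return [(label, (a, va), (b, vb)) for label, a, va, b, vb in links]

def has_loop(edges):
    """Union-find cycle check over (label, node, node) edges."""
    parent = {}
    def find(x):
        parent.setdefault(x, x)
        while parent[x] != x:
            parent[x] = parent[parent[x]]
            x = parent[x]
        return x
    for _, a, b in edges:
        ra, rb = find(a), find(b)
        if ra == rb:
            return True
        parent[ra] = rb
    return False

def reachable(links, src, dst, blocked=()):
    """True if domain src reaches dst when the `blocked` links carry no traffic."""
    adj = defaultdict(set)
    for label, a, b in data_view(links):
        if label not in blocked:
            adj[a].add(b)
            adj[b].add(a)
    seen, todo = {src}, [src]
    while todo:
        for nxt in adj[todo.pop()] - seen:
            seen.add(nxt)
            todo.append(nxt)
    return dst in seen

if __name__ == "__main__":
    print("STP sees a loop:      ", has_loop(stp_view(LINKS)))
    print("Data plane has a loop:", has_loop(data_view(LINKS)))
```

With the SW1/port 17 uplink removed from `LINKS`, the STP view no longer contains a loop, which matches the behaviour described in the first post.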
