Unsolved
1 Rookie
•
4 Posts
0
1000
January 28th, 2022 09:00
OS10 single VLAN with two subnets routing issue
I am trying to resolve some routing issues implemented by a previous network admin.
I have two Dell S4128F-ON spines running OS10. I have VLAN24 designated for my camera system with two subnets. The main subnet is 172.20.24.0/24 and there's a secondary subnet that's only for two cameras at a remote site that's 172.21.24.0/24. I can ping all devices in the 172.20.24.0/24 subnet no matter which VLAN my computer is on, but the only way I can access cameras in the 172.21.24.0/24 subnet is to put my computer on VLAN24. So my inter VLAN routing isn't quite right for the 172.21.24.0/24 subnet.
Here's my current config for VLAN24:
interface vlan24
description CAMERAS
no shutdown
ip address 172.20.24.254/24
ip helper-address 172.20.1.20
ip helper-address 172.20.1.21
!
vrrp-group 24
virtual-address 172.20.24.1
I have tried to add "ip address 172.21.24.254/24 secondary" but it just breaks my connection to the two remote cameras. I also tried to add a new VLAN just for those two cameras, but it also broke my connection.
172.20.1.20 and 172.20.1.21 are my DHCP servers.
The remote switch is an old HP with the following config:
vlan 1
name "DEFAULT_VLAN"
untagged 1-28
ip address 172.21.24.2 255.255.255.0
exit
Is there any way to fix this easily?
DELL-Josh Cr
Moderator
•
9.4K Posts
0
January 28th, 2022 14:00
Hi,
How are the sites connected? It could be a routing between sites issue. I assume that putting the remote cameras on https://dell.to/3rYd1x2 isn’t viable?
BlueJupiter
1 Rookie
•
4 Posts
0
February 1st, 2022 12:00
The remote site connects back to my primary through a site-to-site VPN in my firewalls. The firewall VPN is routed so can I have the same 172.20.24.0/24 subnet in both locations?
DELL-Josh Cr
Moderator
•
9.4K Posts
0
February 1st, 2022 13:00
Most likely no, site to site vpn’s will require different subnets. So, it is configured correctly there, it just seems like it isn’t routing to that vlan properly.
BlueJupiter
1 Rookie
•
4 Posts
0
February 3rd, 2022 13:00
Packets are dropping at my Spines. If I changed my ip address config from a /24 to a /15 on VLAN24 would that allow me to ping those two cameras? I need to be able to ping cameras in the 172.20.24.0 subnet and 172.21.24.0 subnet. I realize I would need to change the subnet mask on those camera devices, but I'm just curious if that would fix the routing.
DELL-Josh Cr
Moderator
•
9.4K Posts
0
February 3rd, 2022 13:00
Maybe, it depends on where the issue that is causing it not to route is. You may want to try to use wireshark and see how far the packets are going.
BlueJupiter
1 Rookie
•
4 Posts
0
February 3rd, 2022 13:00
Can something be changed with my switch config in the first post to get the routing working properly? I'm not really sure where to go from here to troubleshoot.
DELL-Josh Cr
Moderator
•
9.4K Posts
0
February 3rd, 2022 15:00
Worth trying, it might just break communication with those cameras, but nothing worse than the current problem.