Skip to main content

hindutool1

1 Rookie

 • 

20 Posts

June 30th, 2016 20:00

Daniel,
  Thank you so much for your help. I was able (through some toiling) change the management interface. It is now set back to vlan 1.  Vlan 3 while labeled as management is a test vlan I am using.
Here is my second issue, I need all the Vlans to have internet access.

Just to recap.
Interface 1/g1 is connected to my router ("the internet") with an IP address of 192.168.1.1.  It is the only interface by which the switch sees the internet. As such, I have placed this port in general mode, allowing all vlans to access it. In doing so:

-The switch can ping the internet
-The switch can ping all vlans

VLAN 10 ("internet" per your recommendations) = 192.168.1.254 (same subnet as router) and functions as the gateway

Vlan 3 (this is a test vlan) = 192.168.3.1, machines on this subnet:

-are able to ping the router (192.168.1.1)
-are able to ping other vlans (vlan 1, vlan 100, vlan 3, etc)
-are NOT able to ping the internet (i.e. 8.8.8.8)

VLAN 100 (another test VLan can be ignored for now)

The appropriate static routes in the router are as always, in place.
I have included my configuration as well as the salient other outputs.  Thank you again so much for all of your help. I feel like I am almost there.....

---------------------------------------------------------------------------------------------------
console#show run
!Current Configuration:
!System Description "PowerConnect 6248P, 3.3.14.2, VxWorks 6.5"
!System Software Version 3.3.14.2
!Cut-through mode is configured as disabled
!
configure
vlan database
vlan 3,10,100
vlan routing 100 1
vlan routing 3 2
vlan routing 10 3
exit
sntp unicast client enable
sntp server 97.107.129.217
clock summer-time recurring USA
clock timezone -6 minutes 0 zone "CST"
stack
member 1 5
member 2 5
exit
ip address none
ip name-server 192.168.1.1
ip routing
ip route 0.0.0.0 0.0.0.0 192.168.1.1
interface vlan 3
name "Management"
routing
ip address 192.168.3.1 255.255.255.0
exit
interface vlan 10
name "Internet"
routing
ip address 192.168.1.254 255.255.255.0
exit
interface vlan 100
name "Openstack"
routing
ip address 10.10.10.1 255.255.255.0
exit
username "admin" password 22f44f0f9450578bf3bf465cc5c54610 level 15 encrypted
!
interface ethernet 1/g1
description "Internet"
switchport mode general
switchport general pvid 10
switchport general allowed vlan add 3,10,100
exit
!
interface ethernet 1/g2
switchport access vlan 3
exit
!
interface ethernet 1/g6
switchport mode general
switchport general pvid 3
switchport general allowed vlan add 3,10
exit
!
interface ethernet 1/g8
switchport access vlan 10
exit
!
interface ethernet 2/g15
switchport access vlan 100
exit
exit
----------------------------------------------------------

-Output of the "show vlan" command
console#show vlan

VLAN       Name                         Ports          Type      Authorization
-----  ---------------                  -------------  -----     -------------
1      Default                          ch1-48,1/g1,   Default   Required
                                        1/g3-1/g7,
                                        1/g9-1/g48,
                                        1/xg3-1/xg4,
                                        2/g1-2/g14,
                                        2/g16-2/g48,
                                        2/xg3-2/xg4
3      Management                       1/g1-1/g2,1/g6 Static    Required
10     Internet                         1/g1,1/g6,1/g8 Static    Required
100    Openstack                        1/g1,2/g15     Static    Required

--------------------------------------------------------------------------------------------

-Output of "show ip interface" command
console#show ip interface

Management Interface:

IP Address..................................... 0.0.0.0
Subnet Mask.................................... 0.0.0.0
Default Gateway................................ 0.0.0.0
Burned In MAC Address.......................... F8B1.560B.6C42
Network Configuration Protocol Current......... None
Management VLAN ID............................. 1

Routing Interfaces:
                                                    Netdir   Multi
Interface    State  IP Address      IP Mask         Bcast    CastFwd
----------   -----  --------------- --------------- -------- --------
vlan 100     Up     10.10.10.1      255.255.255.0   Disable  Disable
vlan 3       Up     192.168.3.1     255.255.255.0   Disable  Disable
vlan 10      Up     192.168.1.254   255.255.255.0   Disable  Disable

--------------------------------------------------------------------------

-output of the "show ip route" command
console#show ip route

Route Codes: R - RIP Derived, O - OSPF Derived, C - Connected, S - Static
       B - BGP Derived, IA - OSPF Inter Area
       E1 - OSPF External Type 1, E2 - OSPF External Type 2
       N1 - OSPF NSSA External Type 1, N2 - OSPF NSSA External Type 2

S      0.0.0.0/0 [1/0] via 192.168.1.1,   vlan 10
C      10.10.10.0/24 [0/1] directly connected,   vlan 100
C      192.168.1.0/24 [0/1] directly connected,   vlan 10
C      192.168.3.0/24 [0/1] directly connected,   vlan 3


Final note: the 1/g6 interface is where i am doing my testing. it is a general port. I want this port to be primarily associated with VLAN 3 (i.e. PVID of 3) but with internet access. I have a windows PC connected to this port for testing.

-When the machine given an ip on the VLAN 10 subnet (192.168.1.x) it HAS internet access and can ping ALL VLans

-However when the machine is given an ip on VLAN 3 (192.168.3.x) it: 1)can ping all vlan IPs 2)Can ping the router (192.168.1.1) 3)Cannot ping the internet (8.8.8.8)

-In both cases, the windows pc is connected to the 1/g6 port

Any help or advice would be greatly appreciated. Sorry for being verbose, i am doing this more for me and for others who may google in the future for a solution to this problem.

Sincerely,

Prashant

hindutool1

1 Rookie

 • 

20 Posts

July 14th, 2016 15:00

Title: Powerconnect 6248P VLAN internet access

Daniel,

  Thank you again for your words of wisdom.  INDEED, the issue was with the router. It was not allowing the other subnets access to the internet. The router I was using was an old home router --- Linksys E1000. Obviously not the best router to use, but after I flashed it with DD-WRT, and opened the appropriate holes in the iptable it worked fine.

Now that I have everything in order and because I have spent nearly 3 months trying to figure this out, I thought I might share my toils and troubles with future generations wishing to use this switch with a home router.  I am therefore giving an introduction to my setup:

To configure the router (Linksys E1000 router flashed with DD-WRT):

1) Make sure you are using dd-wrt or its equivalent, or make sure that you have a router that will allow you to edit the iptables to allow subnets not part of the router main subnet to access the internet. In dd-wrt, enter the following command to open iptables to all subnets (so that machines on those subnets can access the internet):

iptables -t nat -I POSTROUTING -o `get_wanface` -j SNAT --to `nvram get wan_ipaddr`

This is entered under "Administration--->Commands"

2) Because the router lives on the 192.168.1.x subnet (in this example the router IP address is 192.168.1.1), the switch must have a reserved IP address on this subnet as well (i.e. 192.168.1.254 - or any free ip address). This IP address will function as your new gateway for all VLANS you create

Set up the static routes (in the router software) with the following:

10.10.10.0        255.255.255.0        192.168.1.254
(New VLAN)        (netmask)       (IP address of switch, aka "the gateway")


3) Create a DHCP reservation for the switch in your router software using wither IP address (192.168.1.254) and/or its MAC address.  

You are now set.

------------------------------------------------------------------------------------------------------

Powerconnect 6248P Configuration:
Introduction - My setup consists of 2 stacked 6248P switches connected by stacking cables. UNIT 1 provides the INTERNET interface to the router. Essentially port 1/g1 is connect directly to the router which is connected tot he internet. Unit 2 houses all the ports my servers connect tow and the various Vlans that house them.

Vlan 1: default vlan - not used
Vlan 3: "Management" VLAN - used only for OOB networks but not in this example" ----->192.168.3.1
Vlan 10: "THE INTERNET" VLAN - this provides internet access for your other vlans"---->192.168.1.254 (NOTE THIS IS THE ADDRESS OF THE SWITCH ON THE ROUTER SUBNET AKA "The gateway")
Vlan 100: internal vlan used for local networking between machines ---->10.10.10.1
Vlan 200: internet access for servers with 2 NICS that are part of Vlan 100 ------>20.20.20.1

Again, 1/g1 is connected directly to the router (192.168.1.1), and therefore provides internet access via Vlan 10. It DOES NOT need to be in general mode (thanks to the tip from Daniel)

Here is the switch configuration:
console#show run
!Current Configuration:
!System Description "PowerConnect 6248P, 3.3.14.2, VxWorks 6.5"
!System Software Version 3.3.14.2
!Cut-through mode is configured as disabled
!
configure
vlan database
vlan 3,10,100,200
vlan routing 100 1
vlan routing 3 2
vlan routing 10 3
vlan routing 200 4
exit
sntp unicast client enable
sntp server 97.107.129.217
clock summer-time recurring USA
clock timezone -6 minutes 0 zone "CST"
stack
member 1 5
member 2 5
exit
ip address none
ip name-server 192.168.1.1
ip routing
ip route 0.0.0.0 0.0.0.0 192.168.1.1
interface vlan 3
name "Management"
routing
ip address 192.168.3.1 255.255.255.0
exit
interface vlan 10
name "Internet"
routing
ip address 192.168.1.254 255.255.255.0
exit
interface vlan 100
name "Openstack"
routing
ip address 10.10.10.1 255.255.255.0
exit
interface vlan 200
name "Openstack_internet"
routing
ip address 20.20.20.1 255.255.255.0
ip helper-address 192.168.1.1
exit
username "admin" password 22f44f0f9450578bf3bf465cc5c54610 level 15 encrypted
!
interface ethernet 1/g1
description "Internet"
switchport access vlan 10
exit
!
interface ethernet 2/g1
switchport mode general
switchport general pvid 100
switchport general allowed vlan add 10,100
exit
!
interface ethernet 2/g2
switchport mode general
switchport general pvid 100
switchport general allowed vlan add 10,100
exit
!
interface ethernet 2/g3
switchport mode general
switchport general pvid 100
switchport general allowed vlan add 10,100
exit
!
interface ethernet 2/g4
switchport mode general
switchport general pvid 100
switchport general allowed vlan add 10,100
exit
!
interface ethernet 2/g5
switchport mode general
switchport general pvid 100
switchport general allowed vlan add 10,100
exit
!
interface ethernet 2/g6
switchport mode general
switchport general pvid 100
switchport general allowed vlan add 10,100
exit
!
interface ethernet 2/g7
switchport mode general
switchport general pvid 100
switchport general allowed vlan add 10,100
exit
!
interface ethernet 2/g8
switchport mode general
switchport general pvid 100
switchport general allowed vlan add 10,100
exit
!
interface ethernet 2/g9
switchport mode general
switchport general pvid 100
switchport general allowed vlan add 10,100
exit
!
interface ethernet 2/g10
switchport mode general
switchport general pvid 100
switchport general allowed vlan add 10,100
exit
!
interface ethernet 2/g11
switchport mode general
switchport general pvid 100
switchport general allowed vlan add 10,100
exit
!
interface ethernet 2/g12
switchport mode general
switchport general pvid 100
switchport general allowed vlan add 10,100
exit
!
interface ethernet 2/g13
switchport mode general
switchport general pvid 100
switchport general allowed vlan add 10,100
exit
!
interface ethernet 2/g14
switchport mode general
switchport general pvid 100
switchport general allowed vlan add 10,100
exit
!
interface ethernet 2/g15
switchport mode general
switchport general pvid 100
switchport general allowed vlan add 10,100
exit
!
interface ethernet 2/g16
switchport mode general
switchport general pvid 100
switchport general allowed vlan add 10,100
exit
!
interface ethernet 2/g17
switchport mode general
switchport general pvid 100
switchport general allowed vlan add 10,100
exit
!
interface ethernet 2/g18
switchport mode general
switchport general pvid 100
switchport general allowed vlan add 10,100
exit
!
interface ethernet 2/g19
switchport mode general
switchport general pvid 100
switchport general allowed vlan add 10,100
exit
!
interface ethernet 2/g20
switchport mode general
switchport general pvid 100
switchport general allowed vlan add 10,100
exit
!
interface ethernet 2/g21
switchport mode general
switchport general pvid 100
switchport general allowed vlan add 10,100
exit
!
interface ethernet 2/g22
switchport mode general
switchport general pvid 100
switchport general allowed vlan add 10,100
exit
!
interface ethernet 2/g23
switchport mode general
switchport general pvid 100
switchport general allowed vlan add 10,100
exit
!
interface ethernet 2/g24
switchport mode general
switchport general pvid 100
switchport general allowed vlan add 10,100
exit
!
interface ethernet 2/g25
switchport mode general
switchport general pvid 200
switchport general allowed vlan add 10,200
exit
!
interface ethernet 2/g26
switchport mode general
switchport general pvid 200
switchport general allowed vlan add 10,200
exit
!
interface ethernet 2/g27
switchport mode general
switchport general pvid 200
switchport general allowed vlan add 10,200
exit
!
interface ethernet 2/g28
switchport mode general
switchport general pvid 200
switchport general allowed vlan add 10,200
exit
!
interface ethernet 2/g29
switchport mode general
switchport general pvid 200
switchport general allowed vlan add 10,200
exit
!
interface ethernet 2/g30
switchport mode general
switchport general pvid 200
switchport general allowed vlan add 10,200
exit
!
interface ethernet 2/g31
switchport mode general
switchport general pvid 200
switchport general allowed vlan add 10,200
exit
!
interface ethernet 2/g32
switchport mode general
switchport general pvid 200
switchport general allowed vlan add 10,200
exit
!
interface ethernet 2/g33
switchport mode general
switchport general pvid 200
switchport general allowed vlan add 10,200
exit
!
interface ethernet 2/g34
switchport mode general
switchport general pvid 200
switchport general allowed vlan add 10,200
exit
!
interface ethernet 2/g35
switchport mode general
switchport general pvid 200
switchport general allowed vlan add 10,200
exit
!
interface ethernet 2/g36
switchport mode general
switchport general pvid 200
switchport general allowed vlan add 10,200
exit
exit


-----------------------------------------------------------------------

So that's it! On a personal note, I have heard some grumblings about these switches on message boards...  I have no idea why. They are EXCELLENT! and the CLI is very easy to navigate. In addition, firmware updates ARE FREE and the support as you can see is fantastic.  In fact, I struggled by myself for two months without success until i posted a help query on this same thread. Daniel answered it right away, and got me on the right track. I have zero networking experience whatsoever, and am a medical professional by trade. Everything I have learned is by reading, internet searches, and trial and error. Up until 3 months ago, I had no idea what a switch was or how to connect a machine to anything but a home router! Thanks again Daniel for your help. I hope this posts helps someone in the future.

Sincerely,

Prashant

Was this post helpful?

View All

No Events found!

Top