Would appreciate some help with this as it's been driving me crazy all night. I'm trying to get to grips with an Extreme Networks 3650GTS. I'm a Windows sysadmin primarily, with a small amount of Cisco experience, and I just can not for the life of me get this unit routing to an upstream firewall.
I have a few VLANs on the switch that are routing correctly between each other, 10.1.1.0/24, 10.2.2.0/24 etc. In Cisco-world I image I would make the uplink port a non-switchport, assign it an IP, put a static route in and point it to that interface or upstream IP. With this switch, I just can't seem to get that working.
So I've created a new VLAN 1010 for the link, 10.10.10.0/24 (wasteful, I know, but this is a lab environment), with an interface address of 10.10.10.2. The uplink port (port 48) is access VLAN 1010 and the upstream firewall is 10.10.10.1.
I can ping the firewall when source is 10.10.10.2, but no other VLANs can ping it as source. Help!
IP route and config below:
3650GTS-PWR+#sh ip route
Ip Route
DST MASK NEXT COST VLAN PORT PROT TYPE PREF
-------------------------------------------------------------------------------
10.1.1.0255.255.255.0 10.1.1.11 11 ---- C DB 0
10.2.2.0255.255.255.0 10.2.2.11 22 ---- C DB 0
10.9.9.0255.255.255.0 10.9.9.11 99 ---- C DB 0
10.10.10.0255.255.255.0 10.10.10.21 1010 ---- C DB 0
Total Routes: 4
-------------------------------------------------------------------------------
3650GTS-PWR+#sh run
! Embedded ASCII Configuration Generator Script
! Model = Ethernet Routing Switch 3650GTS-PWR+
! Software version = v6.1.1.017
!
! Displaying only parameters different to default
!================================================
enable
configure terminal
!
! *** CORE ***
!
! username "ro" "********" ro
! username "admin" "********" rw
!
! *** RADIUS ***
!
!
! *** RADIUS Dynamic Server ***
!
!
! *** TACACS+ ***
!
!
! *** SNMP ***
!
!
! *** IP ***
!
ip default-gateway 10.10.10.1
ip address switch 10.9.9.1
!
! *** IP Manager ***
!
!
! *** ASSET ID ***
!
!
! *** System Logging ***
!
!
! *** STACK ***
!
!
! *** Custom Banner ***
!
!
! *** SSH ***
!
!
! *** SSL ***
!
!
! *** SSHC ***
!
!
! *** MSTP (Phase 1) ***
!
!
! *** LACP (Phase 1) ***
!
!LACP mode is set to OFF on all interfaces to enable manipulation of
!ports with LACP enabled
interface Ethernet ALL
lacp mode port ALL off
exit
!
! *** VLAN ***
!
vlan create 11,22,99,1010 type port cist
vlan name 11 "Servers"
vlan name 22 "Workstations"
vlan name 99 "Mgmt"
vlan name 1010 "Interlink1010"
vlan ports 1-12,46 tagging tagAll
vlan ports 48 filter-unregistered-frames disable
vlan configcontrol flexible
vlan members 1 NONE
vlan members 11 1-12
vlan members 22 13-23
vlan members 99 25-47,49-52
vlan members 1010 46,48
vlan ports 1-12 pvid 99
vlan ports 13-24 pvid 22
vlan ports 25-47 pvid 99
vlan ports 48 pvid 1010
vlan ports 49-52 pvid 99
no auto-pvid
!
! *** 802.1ab ***
!
!
! *** 802.1ab vendor-specific TLVs config ***
!
!
! *** 802.1AB MED Voice Network Policies ***
!
!
! *** QOS ***
!
!
! *** RMON ***
!
!
! *** EAP ***
!
!
! *** EAP Guest VLAN ***
!
!
! *** EAP Fail Open VLAN ***
!
!
! *** EAP Voip VLAN ***
!
!
! *** Interface ***
!
interface Ethernet ALL
name port 1-12 "ESXi Host Trunk"
name port 13-24 Workstations
exit
!
! *** Rate-Limit ***
!
!
! *** MLT (Phase 1) ***
!
!
! *** MAC-Based Security ***
!
!
! *** LACP (Phase 2) ***
!
!
! *** ADAC ***
!
!
! *** MSTP (Phase 2) ***
!
!
! *** Port Mirroring ***
!
!
! *** VLAN Phase 2***
!
vlan mgmt 99
!
! *** MLT (Phase 2) ***
!
!
! *** PoE ***
!
!
! *** RTC ***
!
!
! *** Extreme Networks Energy Saver ***
!
!
! *** AUR ***
!
!
! *** AAUR ***
!
!
! *** L3 ***
!
interface vlan 11
ip address 10.1.1.1 255.255.255.0 2
interface vlan 22
ip address 10.2.2.1 255.255.255.0 3
interface vlan 1010
ip address 10.10.10.2 255.255.255.0 4
exit
ip route 0.0.0.0 0.0.0.0 10.10.10.1 1
!
ip routing
!
!
! *** IPV6 ***
!
!
! *** MLD ***
!
!
! *** FHS ***
!
!
! --- FHS Global settings ---
!
!
! --- IPV6 access list settings ---
!
!
! --- IPv6 mac access list settings ---
!
!
! --- IPV6 dhcp guard settings ---
!
!
! --- IPV6 RA Guard settings ---
!
!
! --- IPV6 Policy Port Map settings ---
!
!
! --- IPV6 FHS ND SBT Table settings ---
!
!
! --- IPV6 Source Guard Interface settings ---
!
!
! *** VLACP ***
!
!
! *** DHCP Relay ***
!
!
! *** L3 Protocols ***
!
!
! --- IP Directed Broadcast ---
!
!
! --- Proxy ARP ---
!
!
! --- UDP Broadcast Forwarding ---
!
!
! --- Route Policies ---
!
!
! --- RIP ---
!
!
! *** DHCP SNOOPING ***
!
!
! *** ARP INSPECTION ***
!
!
! *** IP SOURCE GUARD ***
!
!
! *** IGMP ***
!
interface vlan 1
ip igmp
exit
interface vlan 11
ip igmp
exit
interface vlan 22
ip igmp
exit
interface vlan 99
ip igmp
exit
interface vlan 1010
ip igmp
exit
!
! *** STACK MONITOR ***
!
!
! *** SLPP-guard ***
!
!
! *** DHCP Server ***
!
!
! *** SLAMON ***
!
!
! *** STORM CONTROL ***
!
!
! *** Fabric Attach ***
!
No comments:
Post a Comment