A Little VLAN help please.....?

B

BigBadAl

Limp Gawd
Joined
Sep 16, 2010
Messages
349
Hi all, new to Hardforum. Been viewing for Aaagggeeesss but only managed to get registered today, the downside to free email addresses....:eek:

Network Pics thread Is pure pr0n!:eek::cool:

Anyway, to the point, I have acquired a nice little HP Procurve 1810G-24 switch for use at home and to play about with VLANs some more but I seem to have hit a stumbling block.

I may also be that I have misunderstood just how VLANs work/supposed to work but here goes.

I have my IPCop as Red, Green and Orange and my Procurve set to have ports 1-12 in VLAN2 and ports 13-24 in VLAN3.

DHCP is on the Green (VLAN2) and static addresses only on Orange.

Now I thought that was it but I hooked a notebook up to a port in the Orange portion of the switch and it picked up an IP Address....oddly enough it picked one up from the Green network.

Now further investigation of the VLAN config on the switch revealed that all 24 ports are members of VLAN1 (default, non-removeable VLAN) albeit untagged members. 1-12 are Tagged members of VLAN2 and excluded from VLAN3. 13-24 are excluded from VLAN2 and are Tagged members of VLAN3.

Now if you`re still with me, Thanx;)

So Have I overlooked something simple or do I just not have the basic grasp of VLANs

I did play around with exluding ALL ports from VLAN1 but I just lost access to the switch and had to reset it, I also tried to exlude ports 13-24 from VLAN1 and again, I lost access to the switch and had to reset it.

I give in, At the moment it`s working as i want but I`m a little unsure of just how separate the two "networks" should be....

Please help.

Thanx

Al
 
Is this a layer3 device? Do you have inter-vlan routing turned on?
How are your scopes setup for the vlans? Are they different subnets? Do you have an ip-helper on your orange vlan?
 
You need to setup ports to be access ports to a particular vlan, and not trunk ports with tagged vlans and a native untagged vlan1.

Try setting your vlan 2 or vlan 3 as the untagged vlan for the ports you are working with, or find some way to make them access ports (only members of a single vlan).
 
Ummm, can we come back a few levels please, I `m not quite that clued-up :confused::confused:

It`s a L2 Switch So I don`t think Inter-VLAN routing applies, at least not to the switch.

Scopes setup for VLANs? Sorry, I`m not with you.

Network addreses are 192.168.1.x/24 Green and 192.168.2.x/24 Orange, If that`s what you meant....:confused: Sorry :confused:

And I don`t even know what an IP-Helper is:rolleyes::eek:

I`ve tried RTFM but that single PDF is corrupt on HP`s site, has been for a few days now.
 
If you want multiple VLANs to be able to talk, you have to have something to route the vlans. They are networks after all.

Intervlan routing is needed either on a layer 3 switch or on a router that is capable of 802.1q.

IP-helper helps with networks when you have multiple subnets and you have a computer on one subnet that needs an ip address while your dhcp server resides on another subnet.

DHCP server: 192.168.1.5
Naturally, anything on the .1 subnet can get an address. So what about something on 192.168.5.xxx. This is where IP helper kicks in. Your router or L3 switch could have a VLAN 1 = 192.168.1.xxx, VLAN 5 = 192.168.5.xxx, etc...and set your gateway to 192.168.1.1 and 192.168.5.1. IP helper would know that you need a .5.xxx address, not a .1.xxx address.

If that helps or makes things fuzzier, post back and we'll try to help you out more.
 
Hmmm, OK, I think I got it all, all except the IP-Helper thing.

i.e. My Green Card in IPcop is 192.168.1.1 and my Orange Card in IPcop is 192.168.2.1.

DHCP on Green runs from 192.168.1.30 - 192.168.1.50 or something. Various static addresses on green for the switch and my AP are between the 1.1 and 1.30.

So I need to find out if I can get IPcop to do dot1q and do something about this IP-Helper thing.

Here`s a question.... The two networks are separate on IPcop as they are on separate NIC`s they only `come together` when they hit the switch so is that not separate/routed enough at that point? And if that is the case, is it not just a case of setting up the VLANs CORRECTLY on the switch?.

Sorry if this is all too Noob for you guys:eek::eek:
 
@corge, the ipcop will handle vlan routing and dhcp duties for him, he doesn't need layer 3 switch or ip-helper on the hp.

@BigBadAl, your vlan setup is wrong. Setup your "green" network ports to be native vlan 2, setup "orange" ports to be native vlan 3. on hp1810 this is done by changing the PVID of the ports.
I haven't played with ipcop in a while so don't remember setup required, also not sure if you can run dhcp on orange network out of the box or if that requires some mods. If you don't want dhcp on the orange you can setup static ips, just make sure to use the ipcop's orange interface ip address as the gateway for your comps on orange network.
 
Aaaah I've seen PVID somewhere in the VLAN config bits.

That option is greyed out though, I can't edit it at all...

It's on the same page as the VLAN naming bit I think
 
ok looks like they changed it a bit in the 1810. I was using my 1800 for reference.
Goto to Participation/Tagging Page you need to make green ports be U (untagged) in vlan 2 and orange ports be U in vlan 3.
 
BigBadAl said:
Ok, I'll give that a shot. What about their relationship with vlan1?
Click to expand...

They just come preconfigured with that, so it acts like standard unmanaged switch. Not sure about how it handles management though, so you might wanna leave one of the ports in vlan1 to not lock yourself out of configuration.
 
x.sci has a point, unless you want to change the management vlan on the switch you need to leave at least 1 port as native vlan 1 or you will lock yourself out of the switch. You could also take the easy way out and just make vlan 1 your green network.
 
OK... Now I`m lost.

If I set all my orange ports to untagged in VLAN3 they automatically exlude themselves from VLAN1, now that`s not a problem cuz only my servers are on there and I can still access them and they can still do what they`re supposed to.

If I set my green ports to untagged in VLAN2 they automatically exclude themselves from VLAN1 too, so I lose access.....

I may have a looksy into making VLAN1 (default management VLAN my green and having VLAN2 as my orange as Axan said....

I`ll have another think and a play with it and see what I can break then...:D:D
 
You must log in or register to reply here.
Back
Top