Results 1 to 15 of 15
  1. #1
    Join Date
    Jan 2006
    Location
    Jersey
    Posts
    2,965

    ProCurve 2626 and VLAN

    My provider assigned me a /27 IP space, lets say 216.88.57.32/27

    so the usable IPs are only from 216.88.57.34-62.

    I created VLANs on this switch and I am trying to assign IPs216.88.57.34-36 to VLAN ID 2 and 216.88.57.37-39 to vlan ID 3. VLAN ID 1 is the default vlan.

    I am beginning to think I am missing something here because everytime I try to assign IPs to VLAN 2 and VLAN 3, I keep getting the error "Inconsistent Value" I've try to contact HP support and search online but with no luck.

    Any ideas?
    Email: info ///at/// honelive.com

  2. #2
    Join Date
    Jan 2004
    Location
    North Yorkshire, UK
    Posts
    4,163
    You can't just assign a bunch of IP's to a vLan, they have to be valid subnets ... i.e. your

    216.88.57.32/27 - netmask 255.255.255.224 - 32 IP's

    can be divided into two /28's:
    216.88.57.32/28 - netmask 255.255.255.240 - 16 IP's
    216.88.57.48/28 - netmask 255.255.255.240 - 16 IP's

    or a combination of any network you fancy (two /29's and a /28):
    216.88.57.32/29 - netmask 255.255.255.248 - 8 IP's
    216.88.57.40/29 - netmask 255.255.255.248 - 8 IP's
    216.88.57.48/28 - netmask 255.255.255.240 - 16 IP's

    You can leave some of the ranges unused for future usage should you wish.

    After reading that above again, your provider doesn't seem to have set this up to allow you to use vLan's. Usable 34 onwards tells me that 33 is your gateway? In which case you will need your provider to set up a demarc vLan with something like a /30 outside of your allocated range, one IP in there for their router, and one IP for your switch, then route your /27 at your switches IP address. You can then apply the above...

    In all honesty, if you don't know how do this, get someone else to do it for you. Routing isn't as simple as people make out.

    Dan
    Last edited by dkitchen; 12-30-2007 at 12:20 PM.

  3. #3
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,294
    I thought you were not going to go with vlans?
    Steven Ciaburri | Industry's Best Server Management - Rack911.com
    Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
    Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
    FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance

  4. #4
    Join Date
    Jan 2006
    Location
    Jersey
    Posts
    2,965
    Quote Originally Posted by Steven View Post
    I thought you were not going to go with vlans?
    Originally I wasnt going to go, but something else came up and the need for VLANs came into picture, heh.
    Email: info ///at/// honelive.com

  5. #5
    Join Date
    Jan 2006
    Location
    Jersey
    Posts
    2,965
    Quote Originally Posted by dkitchen View Post
    You can't just assign a bunch of IP's to a vLan, they have to be valid subnets ... i.e. your

    216.88.57.32/27 - netmask 255.255.255.224 - 32 IP's

    can be divided into two /28's:
    216.88.57.32/28 - netmask 255.255.255.240 - 16 IP's
    216.88.57.48/28 - netmask 255.255.255.240 - 16 IP's

    or a combination of any network you fancy (two /29's and a /28):
    216.88.57.32/29 - netmask 255.255.255.248 - 8 IP's
    216.88.57.40/29 - netmask 255.255.255.248 - 8 IP's
    216.88.57.48/28 - netmask 255.255.255.240 - 16 IP's

    You can leave some of the ranges unused for future usage should you wish.

    After reading that above again, your provider doesn't seem to have set this up to allow you to use vLan's. Usable 34 onwards tells me that 33 is your gateway? In which case you will need your provider to set up a demarc vLan with something like a /30 outside of your allocated range, one IP in there for their router, and one IP for your switch, then route your /27 at your switches IP address. You can then apply the above...

    In all honesty, if you don't know how do this, get someone else to do it for you. Routing isn't as simple as people make out.

    Dan
    yes .33 is the gateway.

    Thanks for that information Dan, I will contact them at once and further look into this.

    Just for clarification, when you say 216.88.57.32/29 - netmask 255.255.255.248 - 8 IP's, only 34-38 are usable, correct? 32 is network, 33 is gateway and 39 is Broadcast, right? Or is the gateway IP the IP of the switch which was given from the /30?
    Last edited by HNLV; 12-30-2007 at 08:08 PM.
    Email: info ///at/// honelive.com

  6. #6
    Join Date
    Jun 2001
    Location
    Denver, CO
    Posts
    3,301
    In order to do what you want to do properly, your colo provider will need to give you a layer 3 hand off, where there's a /30 or /29 used specifically each side of the hand off, and they route the /27 to your side of the hand off. You can then divvy up the /27 as needed, provided you have a layer 3 switch [I don't know if the 2626 is or isn't].
    Jay Sudowski // Handy Networks LLC // Co-Founder & CTO
    AS30475 - Level(3), HE, Telia, XO and Cogent. Noction optimized network.
    Offering Dedicated Server and Colocation Hosting from our SSAE 16 SOC 2, Type 2 Certified Data Center.
    Current specials here. Check them out.

  7. #7
    Join Date
    Apr 2003
    Location
    San Jose, CA.
    Posts
    1,622
    Quote Originally Posted by Anantha View Post
    Just for clarification, when you say 216.88.57.32/29 - netmask 255.255.255.248 - 8 IP's, only 34-38 are usable, correct? 32 is network, 33 is gateway and 39 is Broadcast, right?
    Yes.

    Quote Originally Posted by Anantha View Post
    Or is the gateway IP the IP of the switch which was given from the /30?
    No.

    Ok, so let's say you want to break your /27 into two /28's

    VLAN 2: /28 Machine/s in VLAN2 use the gateway of X.Y.Z.33, broadcast of X.Y.Z.47, netmask of 255.255.255.240

    VLAN 3 /28 Machine/s in VLAN3 use the gateway of X.Y.Z.49, broadcast of X.Y.Z.63, netmask of 255.255.255.240

    (I use names VLAN 2 and 3, because on some things VLAN 1 might be assigned as the default vlan to which every port might belong).

    It will then be up to your switch to have a default route to your /30 gateway ip.
    Daved @ Lightwave Networking, LLC.
    AS1426 https:/www.lightwave.net
    Primary Bandwidth: EGIHosting (NLayer, NTT, HE, Cogent)
    Xen PV VPS Hosting

  8. #8
    Join Date
    Jan 2006
    Location
    Jersey
    Posts
    2,965
    Quote Originally Posted by Lightwave View Post
    Yes.



    No.

    Ok, so let's say you want to break your /27 into two /28's

    VLAN 2: /28 Machine/s in VLAN2 use the gateway of X.Y.Z.33, broadcast of X.Y.Z.47, netmask of 255.255.255.240

    VLAN 3 /28 Machine/s in VLAN3 use the gateway of X.Y.Z.49, broadcast of X.Y.Z.63, netmask of 255.255.255.240

    (I use names VLAN 2 and 3, because on some things VLAN 1 might be assigned as the default vlan to which every port might belong).

    It will then be up to your switch to have a default route to your /30 gateway ip.
    Thanks for your input.

    Although, I dont understand your last sentence; "It will then be up to your switch to have a default route to your /30 gateway ip."???

    The reason is because I remember in the configuration of the switch it has an option where it asks for the "Default gateway." And I am assuming I need to give the /30's gateway IP in that field.
    Email: info ///at/// honelive.com

  9. #9
    Join Date
    Apr 2003
    Location
    San Jose, CA.
    Posts
    1,622
    Quote Originally Posted by Anantha View Post
    The reason is because I remember in the configuration of the switch it has an option where it asks for the "Default gateway." And I am assuming I need to give the /30's gateway IP in that field.
    That sounds right...

  10. #10
    Join Date
    Jan 2006
    Location
    Jersey
    Posts
    2,965
    Quote Originally Posted by Jay Suds View Post
    In order to do what you want to do properly, your colo provider will need to give you a layer 3 hand off, where there's a /30 or /29 used specifically each side of the hand off, and they route the /27 to your side of the hand off. You can then divvy up the /27 as needed, provided you have a layer 3 switch [I don't know if the 2626 is or isn't].
    Yea, 2626 is in fact a managed Layer 3 device.

    When you say each side of the hand-off, there needs to be 2 /30 (or /29) and the /30 (or /29) which on my side of the hand off is where the /27 should be routed, right?
    Email: info ///at/// honelive.com

  11. #11
    Join Date
    Apr 2003
    Location
    San Jose, CA.
    Posts
    1,622
    There will most likely just be one /30.

    for example, /30 X.Y.Z.196

    x.y.z.196 network
    x.y.z.197 "their side" your gateway
    x.y.z.198 "your side" the interface ip on your switch
    x.y.z.199 broadcast

  12. #12
    Join Date
    Jan 2006
    Location
    Jersey
    Posts
    2,965
    Ah, that makes sense now. I've already contacted my provider and referred them to this thread so that they get an idea of what I am talking about.

    They replied me with this...

    So basically, you want us to assign you a /30 for a point-to-point
    block, and statically route your /27 to your layer 3 switch?

    Once we route you the /27, you are free to divide it into any
    subnets/vlans you wish on your end; your vlan scheme would run
    independently of ours.
    Email: info ///at/// honelive.com

  13. #13
    Join Date
    Apr 2003
    Location
    San Jose, CA.
    Posts
    1,622
    Yep, that's what you want.

  14. #14
    Join Date
    Jan 2004
    Location
    North Yorkshire, UK
    Posts
    4,163
    Quote Originally Posted by Anantha View Post
    Ah, that makes sense now. I've already contacted my provider and referred them to this thread so that they get an idea of what I am talking about.

    They replied me with this...
    Yes, that's what you want. Bear in mind if you have anything on the end of your switch right now, until you have made the above changes your connectivity won't work.

    You will need a /30 from your provider, one IP on their switch, one IP on your switch, configured as a vLan on the port you're connecting to your provider. You then need to set your switch default gateway to your providers IP, and they will route your /27 at the IP of your switch.

    I am also hoping you're doing the configuration on the CLI, you can only do basic stuff via the web interface and probably won't be able to set this up from there.

    Dan
    Last edited by dkitchen; 12-31-2007 at 09:39 AM.

  15. #15
    Join Date
    Jan 2006
    Location
    Jersey
    Posts
    2,965
    Quote Originally Posted by dkitchen View Post
    Yes, that's what you want. Bear in mind if you have anything on the end of your switch right now, until you have made the above changes your connectivity won't work.

    You will need a /30 from your provider, one IP on their switch, one IP on your switch, configured as a vLan on the port you're connecting to your provider. You then need to set your switch default gateway to your providers IP, and they will route your /27 at the IP of your switch.

    I am also hoping you're doing the configuration on the CLI, you can only do basic stuff via the web interface and probably won't be able to set this up from there.

    Dan
    Ah, I never use the web interface, the java applets take forever to load. I am using the CLI via the console, but I am using the "menu" interface instead.
    Email: info ///at/// honelive.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •