×
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!
  • Students Click Here

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

Jobs

Procurve Networking Weirdness

Procurve Networking Weirdness

Procurve Networking Weirdness

(OP)
HI there,

We are experiencing some weird issues with our ProCurve network setup...

We have 2x 2910al-24G switches which form our Core network stack. These are split into 2 Port-based VLANS.
VLAN 1 = Production, Tagged P1-2, Untagged P3-16.
VLAN 2 = DMZ, Tagged P1-2, Untagged P3-16.
Port 1 and 2 are used to link the 2 switches togeather using 2 Cat5e cables.
Spanning tree is enabled on both switches.

Going into these switches are 4 Cables provided from our suppliers' upstream network. The 4 cables are split into 2 VLAN's - Prod and DMZ - and are plumbed into the switches based on the Port Based VLAN. These form 2 Subnets - Production on 10.0.0.0/255.255.224.0 and DMZ on 172.16.16.0/255.255.240.0.

Upstream of the core stack is a Virtualised Firewall which is used to control access, aswell as route between VLAN's, listening on 10.0.31.254 and 172.16.31.254.

We can plug in both DMZ 2 uplink cables and they work perfectly. We can get access to the firewall and the internet beyond.

However when we plug in the DMZ 1 uplink cables, we loose all connectivity on the DMZ 2 uplink. DMZ 1 continues to work and we can get out to the internet.

Having discussed this with our suppliers networks team, they think the issue is being caused by Spanning Tree.
They have recommended the following setup - image attached.

Does this make sense? Will it work? How easy is it to configure the necessary Trunk links and priorities?

Apologies for the long-windedness - advanced network config like this is pretty new to me...

Any info appreciated.

Cheers
Gavin

RE: Procurve Networking Weirdness

what does your current topology look like; can you put together a diagram and post it?? also, what is DMZ1 and DMZ2??

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)

RE: Procurve Networking Weirdness

(OP)
Attached is a network layout diagram...

Woops, DMZ1 & DMZ2 are the suppliers naming... DMZ1 is the DMZ Subnet (172.16) and DMZ2 is the Prod Subnet (10.0)

RE: Procurve Networking Weirdness

can you post configs of all of the switches involved (preferrably as .txt file attachments much like your .jpg and .pdf attachments in the thread)?? if possible ask your provider if they will provide you with configuration information that is relevant to your connection(s) and post that as well. Chances are that it is a spanning-tree issue, but i'd like to see some configs before jumping to conclusions.

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)

RE: Procurve Networking Weirdness

(OP)
Config's are available here:

ACT-STAR-SW01 - www.card.co.uk/files/ACT-STAR-SW01.txt
ACT-STAR-SW02 - www.card.co.uk/files/ACT-STAR-SW02.txt

Some of the initial suggestions from the supplier is a Spanning Tree issue... They're a Cisco house though so not familiar with the HP kit...

I'll see what other information I can get out of them though :)  

RE: Procurve Networking Weirdness

(OP)
Ok, as a quick update to this, we're going to try and re-configure the network tomorrow, using the same VLAN IDs as the supplier is using, and pass both VLANs through the uplink cables.

We're also going to try and configure some Spanning Tree priorites for our core stack. However i'm in 2 minds as to whether we need to utilise MTSP, configure one STG for each VLAN, with the root's being shared across both switches - I.e. SW01 is Root for STG1 and SW02 is root for STG2.
Thoughts?

Cheers
Gavin

RE: Procurve Networking Weirdness

i've had a bitch of a time getting cisco and hp to work together. let me restate that, i've had a bitch of a time getting pvst+/rpvst+ to work with other vendors switches using MSTP so be very careful that you don't cause a loop. good luck.

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)

RE: Procurve Networking Weirdness

(OP)
AS an update to this, we had a very successful day yesterday.

Rebuilt the core switches from the ground up, creating the necessary VLANs, changed the primary, set up trunk uplink ports on the stack, assigned the necessary spanning tree priorities to the switches, plugged in the uplink cables, and it all worked perfectly - spanning tree behaved, could get out to both gateways and failover worked aswell :)

Switch configs' for reference are:
ACT-STAR-SW01: www.card.co.uk/files/ACT-STAR-SW01.txt
ACT-STAR-SW02: www.card.co.uk/files/ACT-STAR-SW02.txt

Then proceeded to build the distribution switches, following much the same process as above on the first 2, and a single VLAN setup on the last 4, and these also worked perfectly :)

A couple of configs' for reference are:
ACT-STAR-SW03 - Multi-VLAN setup: www.card.co.uk/files/ACT-STAR-SW03.txt
ACT-STAR-SW05 - SIngle VLAN setup: www.card.co.uk/files/ACT-STAR-SW05.txt

SO thanks for all the assistance...

If anybody has any comments on the above configs in order to improve, please feel free :)

Cheers
Gavin

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close