New VLAN on Notrel 5520 - Not accepting default IP/Route

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

JeffDixon83

Jeffrey
Thread Starter
Joined
Nov 10, 2017
Messages
5
(SEE ATTACHED IMAGE FOR MORE DETAILS)
I am in need of suggestions or tricks, on how i accomplished something in the past that i cannot replicate now. I have a CORE Stack of 10.2.8.0/24 network that has a downlink of fiber to a 2nd stack of 10.2.12.0/24. The 10.2.12.1 stack, houses the highlighted IP ROUTES in yellow in the CMD screen shot of the attachment. I am adding a new VLAN pre-established of 10.2.15.0/24. When i go to add the static route first, i mirror all the others, of the next hop being 10.2.8.1. ONCE i add that, it shows up on the "ROUTES" tab as the next hop, as 10.2.8.1, instead of its own, 10.2.15.1, like ALL the others highlighted?
I had this issue on those, but was able to resolve it CLI, but i have forgotten since its been a few years. Google reveals what i know, but i can't get past this on the NORTELs. Assuming that the default Static Route Next Hop is correct, i can't modify the 'routes' to show the 10.2.15.1 and when i go through CLI, it gives me the "Address is already in use error". Any help would be awesome!
 

Attachments

zx10guy

Trusted Advisor
Spam Fighter
Joined
Mar 30, 2008
Messages
6,438
I'm really confused with the structure of your network. You need to put up a network diagram which shows which device has what subnet blocks and physical/virtual interfaces.

To have a route statement show the next hop being an IP on the same subnet makes no sense. The route entries are to tell the device where to send the packet if the destination IP is not on the same local LAN. Examining one of your route entries of 10.2.9.0 255.255.255.0 10.2.9.1. This says if you want to get to the 10.2.9.0 network, send it to this IP of 10.2.9.1. Well, if the source is already in the 10.2.9.0 subnet, the route will never be used because the traffic is local. If the source is on a different network, then 10.2.9.1 would never resolve correctly because the source has no direct communication path to 10.2.9.1.

Since we're talking about VLANs, then the interfaces with IPs are virtual. Assuming the VLAN virtual interfaces are all on the same device, you don't need to add any route statements. Say you have VLAN 9, 10, and 11 all defined on the same network device each with an IP of .1 and a subnet mask of /24. You don't have to add any route entries at all because all those subnets are locally connected. The network switch/router will know about this because it all gets created automatically in the route table. With most layer 3 devices when you do a show route type command, it will list everything it has in its route table and those routes/networks which are locally defined will have a tag such as a C which indicates its locally connected. With this in mind, a device on VLAN 9 which has its default gateway pointed to 10.2.9.1 can get to anything on the .10.x and .11.x network without any static route entries needed on that network device.

For routing between network devices, you just have to have each network device with an interface on the same subnet. So your core switch at 10.2.8.1 can communicate to the down stream switch if the down stream switch has an IP say at 10.2.8.2. On the 10.2.8.1 switch, you would put in static routes which say to get to 10.2.9.0/24 hosted on the down switch at 10.2.8.2, it would look like this:

10.2.9.0 255.255.255.0 10.2.8.2

What that above says to the router (10.2.8.1) is to get to 10.2.9.0 send the packet to 10.2.8.2.

To make this all easier to manage if you have more than a few static routes entered into any layer 3 network device is to use dynamic routing protocols if said device supports it. Typically all layer 3 devices have support RIP. And I would go out on a limb and say all current layer 3 devices have OSPF support. BGP is another animal which not all layer 3 devices support nor do you want to use it on a device that does have support because of the hardware intensive nature of this protocol....just depends on the hardware you have. There are other routing protocols like IS IS, IGRP, EIGRP.

On my home network, I'm running OSPF. If I make a modification to a subnet's parameter, add a subnet, or subtract it, I don't have to go to every layer 3 capable device to make the change. The changes get automatically propagated to participating member routers. Based on what I'm seeing here with your level of expertise, I wouldn't jump head first into using dynamic routing protocols. But it's something you should get up to speed and implement in a small environment as this is where you ultimately want to be with anything routing.
 

JeffDixon83

Jeffrey
Thread Starter
Joined
Nov 10, 2017
Messages
5
I understand your confusion and agree with it. Nothing about this build is normal and alot of discovery and tricks have been applied to resolve weird, things left by the IT consulting company before my time in 2010...which i am STILL discovering to this day. None the less, I created the 10.2.9.0, 10.2.11.0, 10.2.14.0, all from the 10.2.12.0 stack itself and all 3 vlans can and currently communicate with 10.2.12.0 as well as 10.2.8.0 stacks just fine, so with that assumption, adding the 10.2.15.0 subnet the same as i did the other 3 would yield no issue. I had planned to make Core 2, 10.2.15.2 as its device IP. See drawing attached, right hand side...
 

Attachments

zx10guy

Trusted Advisor
Spam Fighter
Joined
Mar 30, 2008
Messages
6,438
For simplicity, you could consolidate all the VLAN interfaces on the 10.2.12.0 switch stack. It looks like each switch stack has a defined VLAN interface. You can actually have all the VLAN interfaces configured on the 10.2.8.0 switch stack. I would at a minimum reconfigure the right side to have all the routing interfaces on the 10.2.12.0 stack. This will greatly simplify the switch configurations.
 

JeffDixon83

Jeffrey
Thread Starter
Joined
Nov 10, 2017
Messages
5
Ok, in the original screen shot, all of that config shown is from the 10.2.12.0 stack. If i am following you correctly.
 

zx10guy

Trusted Advisor
Spam Fighter
Joined
Mar 30, 2008
Messages
6,438
Looking at the second screen shot in your original post, it looks like 10.2.8.1 is the gateway for everything which is confusing.

Are you able to get to the command line of the 10.2.8.1 and 10.2.12.1 switches to produce a route table? Ideally a config of each switch would be even better.
 

JeffDixon83

Jeffrey
Thread Starter
Joined
Nov 10, 2017
Messages
5
You are correct, 10.2.8.1 is. Only segregation is on the 10.2.12.1 stack that has its own source of Internet and Firewall. But internally, its all one.
If 10.2.8.1 happened to go DOWN....everything we use network wise, goes down too. 2018 we are separating them from each other which will require a new Domain, DNS, Active Directory, DHCP server, etc. The network has outgrown itself in the last 4 years to the point of catastrophy if 10.2.8.1 goes out. So, we have created vlans to help create that 'pretend' separation until the budget allows for a REAL separation of Domains. I have attached theNORTEL config of each stack to show you what monster i am working with. Appreciate your time, i know you have better things to worry about i am sure so i appreciate you.
 

Attachments

zx10guy

Trusted Advisor
Spam Fighter
Joined
Mar 30, 2008
Messages
6,438
I'm sifting through the configs. Might take me some time to figure out what is going on here.

Side comment....I thought Juniper JUNOS configs were a mess to read without doing a "display set" formatted output. These Nortel configs are a mess to read through.

From my initial impressions, the 10.2.8.1 switch config is all over the map. It appears OSPF has been configured and running. RIP appears to be configured too but unclear if it's actively running.

In reference to your fear of single points of failures, switches set up in a stack inherently have redundancy. There are two mechanisms of redundancy with stacked switches. One is the use dual stacking interfaces to create a ring topology. The other is the default operation of switch stacks. There is a master and standby construct. If there are only two switches, one of the switches will be the master and the other slave/standby. If the master goes down, the standby/slave comes online and becomes the master. Depending on the switch the cut over can be pretty seamless with network traffic being uninterrupted or any interruptions would be brief. Stacks do have drawbacks but it depends on your operating environment. There are technologies out there which are designed to minimize the short comings of switch stacks.
 

JeffDixon83

Jeffrey
Thread Starter
Joined
Nov 10, 2017
Messages
5
yes, no matter how i export Putty via terminal to TXT, the second i edit anything in that text, it junks up the format and becomes out of whack and very hard to read. I exported them in a 'printable' format in hopes they wouldn't lose their word-wrap and formatting but i didn't open them to check. Thanks again. I think looking at things, what i have in place will work. Using 10.2.8.1 as the routing vlan and then having the default route of the new switch hit the 2nd firewall, should resolve my 'splitting of internet' issues.
 

zx10guy

Trusted Advisor
Spam Fighter
Joined
Mar 30, 2008
Messages
6,438
The word wrapping/formatting isn't what I was complaining about. It's how the commands and the parameters for various commands are laid out. I'm used to staring at configs which follow the now golden standard of Cisco IOS. Switches from Dell, Brocade, Mellanox, Aruba, Netgear ProSafe, etc, all follow a very similar layout. These Nortel switches don't come anywhere close. As I mentioned Juniper switches are way out there in the strangeness of command structure layout. But making a change in how the config is displayed makes it more readable.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online

Top