Ok, I'm having a problem with some inter-vlan routing, and I think my brain has just frazzled today from trying to resolve it...if anyone has any advice on solving this, or can point out my schoolboy errors, I'd be greatly appreciative!
Here's the configuration:
*** Old System ***
The school has a Dell based network, with 5200 and 6200 switches located in multiple cabinets.
In the main server room, there is a 48 port 6200 switch, which we'll refer to as "OLD" for ease.
This connects to several VMware hosts, a SAN, a few workstations etc, and has a 10Gb module in that then connects onto a fiber backbone for distribution to other cabinets.
All production traffic is on vLAN 10, on the network 10.11.48.0/20
The switch has an IP assigned of 10.11.55.202, with a gateway of 10.11.55.254
IP routing is enabled.
*** New system ***
We've just added 2 X Dell 6224 switches, with stacking modules connected in a ring.
These are connected to new VMware hosts, SAN, NAS, UPSs etc - referred to as "NEW"
This is connected to the OLD switch via a 4 port LAG
The new switch currently has an IP of 10.11.56.250 / 20, with a gateway of 10.11.55.254
As part of the new kit install, we wanted to separate off different functions into some new vLANS.
Here was the plan:
vLAN setupRoleIP assignedMask
10Production10.11.56.25020
11iSCSI10.11.64.25024
12vMotion10.11.65.25024
13Management10.11.66.25024
14Trunk 10.11.67.25024
15VoIP10.11.68.25024
The idea being that we would use vLAN 14 for all inter-switch trunk ports, and separating all other traffic off as needed. To do this, we're setting up distributed vSwitches on the 3 VMware hosts, also in vLAN14, each with 8 X ethernet connections into the pair of switches, equally split to give some resiliency.
*** The problem ***
I've got the vLAN 14 set up and running on both OLD and NEW switches. Each can ping it's own address on the .67 network, and also the partner switch - so I know the LAG if up and running, and data is being passed through.
But - I can't ping from the 10.11.55.202 address through to the 10.11.56.250 address or vice versa
Here's a partial config from OLD
!
interface vlan 10
name "Data"
routing
ip address 10.11.55.202 255.255.240.0
!
interface vlan 14
name "Trunk"
routing
ip address 10.11.67.249 255.255.255.0
exit
!
interface port-channel 4
description 'LAG_New_Rack'
spanning-tree disable
switchport mode trunk
switchport trunk allowed vlan add 10,14
exit
!
interface ethernet 1/g1
channel-group 4 mode auto
description 'New_rack'
spanning-tree disable
switchport mode trunk
switchport trunk allowed vlan add 10,14
exit
interface ethernet 1/g2
channel-group 4 mode auto
description 'New_rack'
spanning-tree disable
switchport mode trunk
switchport trunk allowed vlan add 10,14
exit
interface ethernet 1/g3
channel-group 4 mode auto
description 'New_rack'
spanning-tree disable
switchport mode trunk
switchport trunk allowed vlan add 10,14
exit
interface ethernet 1/g4
channel-group 4 mode auto
description 'New_rack'
spanning-tree disable
switchport mode trunk
switchport trunk allowed vlan add 10,14
exit
ip route 0.0.0.0 0.0.0.0 10.11.55.254
ip route 10.11.56.0 255.255.255.0 10.11.67.250
And from NEW
vlan database
vlan 10-15
vlan routing 10 1
vlan routing 11 2
vlan routing 12 3
vlan routing 13 4
vlan routing 14 5
vlan routing 15 6
vlan association subnet 10.11.48.0 255.255.240.0 10
vlan association subnet 10.11.64.0 255.255.255.0 11
vlan association subnet 10.11.65.0 255.255.255.0 12
vlan association subnet 10.11.66.0 255.255.255.0 13
vlan association subnet 10.11.67.0 255.255.255.0 14
vlan association subnet 10.11.68.0 255.255.255.0 15
exit
!
ip address 10.11.56.250 255.255.240.0
ip default-gateway 10.11.55.254
ip routing
ip route 10.11.48.0 255.255.240.0 10.11.67.249
interface vlan 10
name "Production"
routing
ip vrrp 10
ip vrrp 10 mode
ip vrrp 10 priority 50
no ip vrrp 10 preempt
exit
interface vlan 11
name "iSCSI"
routing
ip address 10.11.64.250 255.255.255.0
exit
interface vlan 12
name "vMotion"
routing
ip address 10.11.65.250 255.255.255.0
exit
interface vlan 13
name "Management"
routing
ip address 10.11.66.250 255.255.255.0
exit
interface vlan 14
name "Trunk"
routing
ip address 10.11.67.250 255.255.255.0
exit
interface vlan 15
name "VoIP"
routing
ip address 10.11.68.250 255.255.255.0
exit
!
interface port-channel 4
description 'LAG_old_cabinet'
switchport mode trunk
switchport trunk allowed vlan add 10,14
exit
!
interface ethernet 1/g23
channel-group 4 mode auto
description 'LAG link to old cabinet'
switchport mode trunk
switchport trunk allowed vlan add 10,14
exit
!
interface ethernet 1/g24
channel-group 4 mode auto
description 'LAG link to old cabinet'
switchport mode trunk
switchport trunk allowed vlan add 10,14
exit
!
interface ethernet 2/g23
channel-group 4 mode auto
description 'LAG link to old cabinet'
switchport mode trunk
switchport trunk allowed vlan add 10,14
exit
!
interface ethernet 2/g24
channel-group 4 mode auto
description 'LAG link to old cabinet'
switchport mode trunk
switchport trunk allowed vlan add 10,14
exit
After bashing my head on this for half a day, I'm wondering if I just need to simplify this, and have the LAG group on vLAN10, scrap the idea of vLAN14 and have the new subnets routed via 10.11.56.250, and just located on the NEW switch stack.
However, the goal was to eventually move over all the other switches, servers etc into the new vLANs, and segregate out and control the data flow around the school.
Any advice / help will be most welcome!