Hi, As far as i know you can't use layer 2 ip address (host IP) when routing features is in use, so the management address should be an interface vlan instead of the "set ip address".
Can you try it ? Regards, Sylvain CONTI Coordinateur technique+33 1 64 53 14 12 +33 6 78 78 07 47 INTEGRATEUR RESEAUX et SECURITE Agence Ile de France, Immeuble Le Montréal - 19bis av. du Québec - ZA Courtaboeuf - 91140 Villebon sur Yvette T : +33 1 64 53 14 14 F : +33 1 69 32 14 02 Siège social - Espace Jacques Cartier - BP 96031 - 35360 Montauban de Bretagne T : +33 2 99 06 61 61 F : +33 2 99 06 36 36 [email protected] www.retis.fr -----Message d'origine----- De : [email protected] [mailto:[email protected]] Envoyé : mercredi 24 août 2011 10:29 À : Enterasys Customer Mailing List Objet : [enterasys] Mgmt Traffic G3 Hey there, we have always had routing problems when traffic is destined for the host address. Now I would like to clean up this mess once and for all. >From the G3 release notes I see: The G3 only supports one default route. If a default route is configured on the router, it will take precedence over the default route configured for the host IP. "Works as designed" is mentioned. However, on N7 you can have two different default routes and it seems to work nevertheless. Does the N7 not work as designed? Also, I see a bug (apparently fixed a long time ago) Changes and Enhancements in 1.02.00.0043 11085 Corrected an issue where management packets destined to the switch host IP address received on a routed interface, were replied to using the IP address of the routed interface Now, is this still a bug or am I configuring sth wrong? Here's the interesting part of the config (G3): # Firmware Revision: 06.42.01.0046 ! #ip set ip address 192.168.XX.207 mask 255.255.255.0 gateway 192.168.XX.251 ... #Router Configuration router enable configure ip route 0.0.0.0 0.0.0.0 192.168.YY.251 ! interface vlan 30 ... interface vlan 130 ... ->show ip route Gateway Flags Use If Metric 0.0.0.0/0 192.168.YY.251 UG 32304315rt1 5 ->router>show ip route * 0.0.0.0/0 [1/0] via 192.168.YY.251, Vlan 30 Now everything sent to 192.168.XX.207 gets replied to with source ip from vlan 30 (not the host IP) and sent to gateway 192.168.YY.251 (not the host's gateway). Obviously, firewalls don't like that. How to remedy? What is the best practice? Thanks Tom --- To unsubscribe from enterasys, send email to [email protected] with the body: unsubscribe enterasys [email protected] --- To unsubscribe from enterasys, send email to [email protected] with the body: unsubscribe enterasys [email protected]
