Re: [Vyatta-users] Fwd: Activate intervlan routing
Ok, let me make sure I have this right. So if you have a virtual
machine with ip 10.30.104.X, with its adapter in the appropriate
vsiwtch in ESX to be on vlan 104, you can ping the 10.30.104.1 ip, but
the 10.30.104.1 ip can not ping the same host that just pinged it?
That sounds like a firewall issue at the host level. If you can ping
one from the other, then there is obviously two-way traffic
established, so something has to be blocking the packets originating
from the vyatta box. Either that or the vyatta box is not using the
appropriate source address and the return traffic is not being routed
properly. Try this from the unix shell on your vyatta:
ping -I 10.30.104.1 10.30.104.X
where X is the ip of a box that can ping the vyatta box. Let me know
what happens there...
I don't know how much you know about swithing, but the native vlan
just means that all untagged traffic into the interface is marked as
belonging to the native vlan, in this case 101. Since you have the
vlan101 ip space untagged on eth0 on your vyatta box, that is why you
can ping it from the switch when you add 101 as the native vlan to the
trunk.
--
Aubrey Wells
Senior Engineer
Shelton | Johns Technology Group
A Vyatta Ready Partner
www.sheltonjohns.com
On Nov 26, 2007, at 2:09 PM, youssef salameddine wrote:
Hello,
I attached the config of the two switches in the message.
Note tha the switches can't ping the vyatta, and vyatta can't ping
the switches ( vyatta and switches are in the same vlan 101). But
when i change the native vlan of the interface gi0/43 (Trunk between
sw1 and vyatta ) to 101 using the command switchport trunk native
vlan 101, i can ping sw1 and sw2 from vyatta , and switches can
ping vyatta.
Note also that each vms can ping all the interfaces of vyatta ( eth0
and all vif); but Vyatta can't ping vms .
VMs on the same vlan can communicate
The config of vyatta is very simple, because my goal is to route two
vlans : route vlan 104 and 106 in first time:
ethernet eth0{
description To_switch1
hw-id: ...
address 10.30.101.254 {prefix-length:24}
vif 104{
description:Vlan 104
address 10.30.104.1 {prefix-length:24}
}
vif 106{
description:Vlan 106
address 10.30.106.1 {prefix-length:24}
}
}
ps: Virtual switches of ESX tag Virtual machines packets with the
appropiate vlan ID.
Thanks a lot for your help.
sw1_ciscosw2_cisco___
Vyatta-users mailing list
Vyatta-users@mailman.vyatta.com
http://mailman.vyatta.com/mailman/listinfo/vyatta-users
___
Vyatta-users mailing list
Vyatta-users@mailman.vyatta.com
http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Fwd: Activate intervlan routing
That is a capital I (eye) in the ping command by the way...
--
Aubrey Wells
Senior Engineer
Shelton | Johns Technology Group
A Vyatta Ready Partner
www.sheltonjohns.com
On Nov 28, 2007, at 3:30 PM, Aubrey Wells wrote:
Ok, let me make sure I have this right. So if you have a virtual
machine with ip 10.30.104.X, with its adapter in the appropriate
vsiwtch in ESX to be on vlan 104, you can ping the 10.30.104.1 ip,
but the 10.30.104.1 ip can not ping the same host that just pinged
it? That sounds like a firewall issue at the host level. If you can
ping one from the other, then there is obviously two-way traffic
established, so something has to be blocking the packets originating
from the vyatta box. Either that or the vyatta box is not using the
appropriate source address and the return traffic is not being
routed properly. Try this from the unix shell on your vyatta:
ping -I 10.30.104.1 10.30.104.X
where X is the ip of a box that can ping the vyatta box. Let me know
what happens there...
I don't know how much you know about swithing, but the native vlan
just means that all untagged traffic into the interface is marked as
belonging to the native vlan, in this case 101. Since you have the
vlan101 ip space untagged on eth0 on your vyatta box, that is why
you can ping it from the switch when you add 101 as the native vlan
to the trunk.
--
Aubrey Wells
Senior Engineer
Shelton | Johns Technology Group
A Vyatta Ready Partner
www.sheltonjohns.com
On Nov 26, 2007, at 2:09 PM, youssef salameddine wrote:
Hello,
I attached the config of the two switches in the message.
Note tha the switches can't ping the vyatta, and vyatta can't ping
the switches ( vyatta and switches are in the same vlan 101). But
when i change the native vlan of the interface gi0/43 (Trunk
between sw1 and vyatta ) to 101 using the command switchport trunk
native vlan 101, i can ping sw1 and sw2 from vyatta , and switches
can ping vyatta.
Note also that each vms can ping all the interfaces of vyatta
( eth0 and all vif); but Vyatta can't ping vms .
VMs on the same vlan can communicate
The config of vyatta is very simple, because my goal is to route
two vlans : route vlan 104 and 106 in first time:
ethernet eth0{
description To_switch1
hw-id: ...
address 10.30.101.254 {prefix-length:24}
vif 104{
description:Vlan 104
address 10.30.104.1 {prefix-length:24}
}
vif 106{
description:Vlan 106
address 10.30.106.1 {prefix-length:24}
}
}
ps: Virtual switches of ESX tag Virtual machines packets with the
appropiate vlan ID.
Thanks a lot for your help.
sw1_ciscosw2_cisco___
Vyatta-users mailing list
Vyatta-users@mailman.vyatta.com
http://mailman.vyatta.com/mailman/listinfo/vyatta-users
___
Vyatta-users mailing list
Vyatta-users@mailman.vyatta.com
http://mailman.vyatta.com/mailman/listinfo/vyatta-users
___
Vyatta-users mailing list
Vyatta-users@mailman.vyatta.com
http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Fwd: Activate intervlan routing
Hello,
Thanks a lot for your help, I found that the problem was the firewall.
I discovered that this morning when i added a vm in the vlan 104 and the
vyatta pinged this machine,so i released that the service firewall was
enable.
thanks again for you help
2007/11/28, Aubrey Wells [EMAIL PROTECTED]:
That is a capital I (eye) in the ping command by the way...
*
*
*-- *
* Aubrey Wells*
*Senior Engineer*
Shelton | Johns Technology Group
A Vyatta Ready Partner
www.sheltonjohns.com
On Nov 28, 2007, at 3:30 PM, Aubrey Wells wrote:
Ok, let me make sure I have this right. So if you have a virtual machine
with ip 10.30.104.X, with its adapter in the appropriate vsiwtch in ESX to
be on vlan 104, you can ping the 10.30.104.1 ip, but the 10.30.104.1 ip
can not ping the same host that just pinged it? That sounds like a firewall
issue at the host level. If you can ping one from the other, then there is
obviously two-way traffic established, so something has to be blocking the
packets originating from the vyatta box. Either that or the vyatta box is
not using the appropriate source address and the return traffic is not being
routed properly. Try this from the unix shell on your vyatta:
ping -I 10.30.104.1 10.30.104.X
where X is the ip of a box that can ping the vyatta box. Let me know what
happens there...
I don't know how much you know about swithing, but the native vlan just
means that all untagged traffic into the interface is marked as belonging to
the native vlan, in this case 101. Since you have the vlan101 ip space
untagged on eth0 on your vyatta box, that is why you can ping it from the
switch when you add 101 as the native vlan to the trunk.
*
*
* --*
* Aubrey Wells*
* Senior Engineer*
Shelton | Johns Technology Group
A Vyatta Ready Partner
www.sheltonjohns.com
On Nov 26, 2007, at 2:09 PM, youssef salameddine wrote:
Hello,
I attached the config of the two switches in the message.
Note tha the switches can't ping the vyatta, and vyatta can't ping the
switches ( vyatta and switches are in the same vlan 101). But when i change
the native vlan of the interface gi0/43 (Trunk between sw1 and vyatta ) to
101 using the command switchport trunk native vlan 101, i can ping sw1 and
sw2 from vyatta , and switches can ping vyatta.
Note also that each vms can ping all the interfaces of vyatta ( eth0 and
all vif); but Vyatta can't ping vms .
VMs on the same vlan can communicate
The config of vyatta is very simple, because my goal is to route two vlans
: route vlan 104 and 106 in first time:
ethernet eth0{
description To_switch1
hw-id: ...
address 10.30.101.254 {prefix-length:24}
vif 104{
description:Vlan 104
address 10.30.104.1 {prefix-length:24}
}
vif 106{
description:Vlan 106
address 10.30.106.1 {prefix-length:24}
}
}
ps: Virtual switches of ESX tag Virtual machines packets with the
appropiate vlan ID.
Thanks a lot for your help.
sw1_ciscosw2_cisco___
Vyatta-users mailing list
Vyatta-users@mailman.vyatta.com
http://mailman.vyatta.com/mailman/listinfo/vyatta-users
___
Vyatta-users mailing list
Vyatta-users@mailman.vyatta.com
http://mailman.vyatta.com/mailman/listinfo/vyatta-users
--
SALAMEDDINE Youssef
Étudiant Master2 Architecture des Systèmes et Réseaux
183, Rue de Charonne
Appt 117
75011 Paris
06 31 36 39 94
[EMAIL PROTECTED]
-
O
O ^__^
o (oo)\___
(__)\ )\/\
||w |
|| ||
___
Vyatta-users mailing list
Vyatta-users@mailman.vyatta.com
http://mailman.vyatta.com/mailman/listinfo/vyatta-users
[Vyatta-users] Fwd: Activate intervlan routing
Hello,
I attached the config of the two switches in the message.
Note tha the switches can't ping the vyatta, and vyatta can't ping the
switches ( vyatta and switches are in the same vlan 101). But when i change
the native vlan of the interface gi0/43 (sw1) to 101 (switchport trunk
native vlan 101), i can ping sw1 and sw2 from vyatta , and switches can ping
vyatta.
Each vms can ping all the interfaces of vyatta ( eth0 and all vif); but
Vyatta can't ping vms .
VMs on the same vlan can communicate
The config of vyatta is very simple, because my goal is to route two vlans :
route vlan 104 and 106 in first time:
ethernet eth0{
description To_switch1
hw-id: ...
address 10.30.101.254 {prefix-length:24}
vif 104{
description:Vlan 104
address 10.30.104.1 {prefix-length:24}
}
vif 106{
description:Vlan 106
address 10.30.106.1 {prefix-length:24}
}
}
ps: Virtual switches of ESX tag Virtual machines packets with the appropiate
vlan ID.
Thanks a lot for your help.
2007/11/22, Aubrey Wells [EMAIL PROTECTED]:
Hmm. Can you post your configs in this new scenario (the switch and
vyatta).
Also, a netstat -rn (or route print from windows) form two hosts that
can't talk to each other would be helpful. It feels like there's a route
missing somewhere.
*
*
* --*
* Aubrey Wells*
* Senior Engineer*
Shelton | Johns Technology Group
A Vyatta Ready Partner
www.sheltonjohns.com
sw1_cisco
Description: Binary data
sw2_cisco
Description: Binary data
attachment: VM_vlan104.PNG___
Vyatta-users mailing list
Vyatta-users@mailman.vyatta.com
http://mailman.vyatta.com/mailman/listinfo/vyatta-users
