• March 28, 2024, 05:56:38 PM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Pages: [1] 2

Author Topic: VLAN Routing  (Read 20556 times)

ivveh

  • Level 1 Member
  • *
  • Posts: 1
VLAN Routing
« on: May 16, 2017, 02:50:49 PM »

Hi there,

I have a DSG-1510-28X (Build 1.33.B001) HW version A1 and I'm interested in doing some routing.
First of I want to be able to do inter VLAN routing but can't really get that to work. The switch itself can reach any client connected to it. SVI's don't do any help. I can reach SVI's from clients from any VLAN, but it stops there.
Adding a default route works but only for the switch again. Clients are locked inside their vlan/network.
So I've tried static routes, can't get that to work. I'd love to see some examples in this switch.
Tried static&default routes on clients, no cigar.

I'll mention I'm using trunks, but that shouldn't matter?

Someone said something about loopback interfaces for this switch but I can't really find a way to add that to a VLAN or SVI.

Kinda sucks since a lot of retailer advertise this being a L3 switch with inter VLAN routing.

I'd appreciate any help!
Logged

patl

  • Level 1 Member
  • *
  • Posts: 9
Re: VLAN Routing
« Reply #1 on: December 23, 2018, 06:44:31 AM »

hi,

do you have find a solution ?
i have the same issue with a DGS1210  :(
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: VLAN Routing
« Reply #2 on: January 02, 2019, 11:14:50 AM »

Have you looked at the user manual on this? Anything regarding VLAN configurations?

hi,

do you have find a solution ?
i have the same issue with a DGS1210  :(
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.

patl

  • Level 1 Member
  • *
  • Posts: 9
Re: VLAN Routing
« Reply #3 on: January 07, 2019, 06:29:57 AM »

DGS-1210 not have default routing, but have L3 features !!??!! each vlan can i have an ip address but not routing inter vlan
DGS-1510 have default routing and it's working with this model
configuration on a 1510 is more pro than a 1210, and i prefer that  :D
Logged

PacketTracer

  • Level 4 Member
  • ****
  • Posts: 441
Re: VLAN Routing
« Reply #4 on: January 08, 2019, 11:49:51 AM »

  • DGS-1510: According to this configuration example DGS-1510 should do routing.
  • DGS-1210: L3 features seem to be implemented only for REVF. Here is what the datasheet (DGS-1210-SERIES_REVF_DATASHEET_2.10_EN_US.pdf) says about routing within the "Advanced Features" section:

    Quote
    The DGS-1210 Series also supports advanced features such as static routing, With static routing, IP routes are manually entered into a routing table, which allows for communication between different user groups in different VLAN segments in a network. The switch can directly handle inter VLAN routing using multiple interfaces, making the network run faster and more efficiently. Because the switches can manage internal routing, the network router can be assigned to handle external traffic routing only.

    But maybe the present firmware version can't keep that promise. Hence, you could try the latest BETA release (v6.11B022_BETA, see release notes).
Logged

patl

  • Level 1 Member
  • *
  • Posts: 9
Re: VLAN Routing
« Reply #5 on: January 10, 2019, 07:17:05 AM »

  • DGS-1510: According to this configuration example DGS-1510 should do routing.
  • DGS-1210: L3 features seem to be implemented only for REVF. Here is what the datasheet (DGS-1210-SERIES_REVF_DATASHEET_2.10_EN_US.pdf) says about routing within the "Advanced Features" section:

    Quote
    The DGS-1210 Series also supports advanced features such as static routing, With static routing, IP routes are manually entered into a routing table, which allows for communication between different user groups in different VLAN segments in a network. The switch can directly handle inter VLAN routing using multiple interfaces, making the network run faster and more efficiently. Because the switches can manage internal routing, the network router can be assigned to handle external traffic routing only.

    But maybe the present firmware version can't keep that promise. Hence, you could try the latest BETA release (v6.11B022_BETA, see release notes).

inter vlan routing never works with the 1210, and works fine with same configuration with the 1510.
firmware of the 1210 : 7.11.B008
Logged

PacketTracer

  • Level 4 Member
  • ****
  • Posts: 441
Re: VLAN Routing
« Reply #6 on: January 11, 2019, 02:33:53 PM »

Hm, just stating that routing doesn't work without presenting the configuration of the switch (VLAN and SVI definitions, the static routing table), connected devices (IP address/mask, default gateway settings and eventually added static routes) and external routers (interface settings and routing tables) isn't very helpful, because this prevents any analysis that might reveal some configuration error to be the cause for the observed "non-routing" (instead of the assumed switch malfunction).
Logged

patl

  • Level 1 Member
  • *
  • Posts: 9
Re: VLAN Routing
« Reply #7 on: January 13, 2019, 05:46:00 AM »

my configuration is very simple

2 vlans
1/ 192.168.1.0/24 interface vlan on the switch 192.168.1.250
2/ 192.168.0.0/24 interface vlan on the switch 192.168.0.250

each equipment on vlan have a default route to the interface vlan
each equipment can ping all interface vlan on the switch (ex endpoint on vlan 1 can ping 192.168.1.250 and 192.168.0.250)

impossible to ping another endpoint on other vlan.

with my new 1510 all is working fine.
vlan are directly connected, so no routes to add

wireshark indicate that the switch route packet to the wrong Vlan
on the switch all ARP are in the good vlan
mac address table is good.

there is nothing complicated and i tried to add ACL, tried asymetric Vlan
Dlink support indicate to me that i have to take 1510 instead of 1210
 
Logged

PacketTracer

  • Level 4 Member
  • ****
  • Posts: 441
Re: VLAN Routing
« Reply #8 on: January 13, 2019, 12:04:23 PM »

Quote
wireshark indicate that the switch route packet to the wrong Vlan

Hm, this means that besides the two VLANs you mentioned, there must be at least a third ("wrong") one (having a switch IP interface), because otherwise the only other (second) one besides the first one would always be the "proper" one - hence routing would work. Second, from what you say follows, that the switch _does_ routing between VLANs, it only selects a wrong VLAN for packet forwarding. Or in case that the "wrong" VLAN doesn't have a switch IP interface, would the packets then be erroneously bridged to that VLAN? Third, how can you see from wireshark running at a device other than the switch, how the switch indeed forwards (or bridges) IP packets? Or did you use Port Mirroring?

Quote
each equipment can ping all interface vlan on the switch (ex endpoint on vlan 1 can ping 192.168.1.250 and 192.168.0.250)

This is probably due to the so called "weak host model" that any multihoming host (like your switch) might operate, even if it is not configured for (or able to do) routing.

Just for completeness: Can you tell the VLAN settings for the ports involved (untagged/tagged/no memberships, and also important: The PVID settings)?

Let's assume you try to ping from device 192.168.0.10 to 192.168.1.10. Before you start, you delete the ARP caches of both devices and the intermediate switch and start Wireshark on both devices.

Can you restrict the problem to one of the following steps that doesn't work (?):
  • At 192.168.0.10: You should see an outgoing (broadcast) ARP request asking for the MAC address for 192.168.0.250.
  • At 192.168.0.10: You should receive an incoming (unicast) ARP reply coming from the switch interface, which tells the requested MAC address for 192.168.0.250.
  • At 192.168.0.10: You should see an outgoing IP packet (an echo request) sent from 192.168.0.10 to 192.168.1.10, encapsulated into an Ethernet frame from the local device's MAC address to the switch's MAC address corresponding to 192.168.0.250, that was resolved in steps 1 and 2.
  • At 192.168.1.10: You should see an incoming (broadcast) ARP request coming from the switch's MAC address that belongs to 192.168.1.250, that asks for the MAC address for 192.168.1.10
  • At 192.168.1.10: You should see an outgoing (unicast) ARP reply sent from the device's MAC address back to the switch's MAC address that corresponds to 192.168.1.250.
  • At 192.168.1.10: You should see an incoming IP packet sent from 192.168.0.10 to 192.168.1.10, encapsulated into an Ethernet frame from the switch's MAC address corresponding to 192.168.1.250 to the MAC address of the local device.
  • At 192.168.1.10: You should see an outgoing IP packet (an echo reply) sent from 192.168.1.10 to 192.168.0.10, encapsulated into an Ethernet frame from the local device's MAC address to the switch's MAC address corresponding to 192.168.1.250
  • At 192.168.0.10: You should see an incoming IP packet sent from 192.168.1.10 to 192.168.0.10, encapsulated into an Ethernet frame from the switch's MAC address corresponding to 192.168.0.250 to the MAC address of the local device.
Up to which step can you proceed or rather which step will fail?

For example, if you can proceed to step 6 (inclusive) and step 7 fails (no echo reply sent), this might be due to a local host's firewall setting that refuses (drops) echo requests that stem from networks other than the local one (default behaviour of Windows).

Quote
Dlink support indicate to me that i have to take 1510 instead of 1210

Did they tell why? I mean: Routing between VLANs is an included/promised product feature, and if it doesn't work, you should return the switch to your dealer and get your money back.
« Last Edit: January 13, 2019, 12:34:07 PM by PacketTracer »
Logged

patl

  • Level 1 Member
  • *
  • Posts: 9
Re: VLAN Routing
« Reply #9 on: January 19, 2019, 08:36:00 AM »

sorry, but i haven't my 1210 anymore
Logged

drave

  • Level 1 Member
  • *
  • Posts: 3
Re: VLAN Routing
« Reply #10 on: October 25, 2019, 01:00:58 PM »

I think i'll hijack this forum back to the original question, ive been given a 1510-28X and cant get any routing between vlans

The switch is reset to factory
The  switch IP address is set to 192.168.0.254
Router is plugged into port 24 with an ip address of 192.168.0.1
I create a single VLAN on ports 1-8 for ip'z of 192.168.2...... ,  ip for the vlan is 192.168.2.254

vlan 20
name testvlan,
interface range ethernet 1/0/1-1/0/8
switchport mode access
switchport access vlan 20
acceptable-frame admit-all
interface vlan 20
ip address 192.168.2.254 255.255.255.0
ip route 0.0.0.0 0.0.0.0 192.168.0.1 primary

No pinging or browseing between vlans, vlan 20 cannot get out to the net.
The documentation would seem to imply that routing is on by default as they only show how create a block between 2 vlans (corporate and guest) and dont show how any vlan connects to the vlan with the router/default route.   Ive tried ACL access lists , Access Maps/Filters. Nothing ive tried works.

any ideas gratefully accepted 
Logged

PacketTracer

  • Level 4 Member
  • ****
  • Posts: 441
Re: VLAN Routing
« Reply #11 on: October 25, 2019, 02:52:56 PM »

Hi.

maybe, a route back to 192.168.2.0/24 is missing?

I guess, all devices within 192.168.0.0/24 are configured to use 192.168.0.1 (your router) as their default gateway.
Hence, add the following route to your router:

net 192.168.2.0/24 next hop 192.168.0.254

PT
Logged

drave

  • Level 1 Member
  • *
  • Posts: 3
Re: VLAN Routing
« Reply #12 on: October 26, 2019, 04:12:52 AM »

Hi

Actually "router" as a description of the thing that connects me to the internet is probably an overstatement. Its the box i got from my cable company, so is very basic with no programability.
I could put an external (proper)router between the vlans but isnt this a L3 switch capable of routing on its own ??
Should there be an equivalent to the "next hop" statement and would'nt this be mentioned in the vlan setup examples

regards
Logged

PacketTracer

  • Level 4 Member
  • ****
  • Posts: 441
Re: VLAN Routing
« Reply #13 on: October 26, 2019, 12:50:51 PM »

Hi once more,

Quote
Should there be an equivalent to the "next hop" statement and would'nt this be mentioned in the vlan setup examples

No - and I guess the vlan setup examples only focus on routing between directly connected VLANs without the additional routing requirements needed, if one of these VLANs is conected to the Internet via another router.

Quote
I could put an external (proper)router between the vlans but isnt this a L3 switch capable of routing on its own ??

This wouldn't solve the problem, see below:

None of your devices within 192.168.0.0/24 including the router at 192.168.0.1 know the network 192.168.2.0/24 because they don't have a route to it! Hence if they receive a packet from 192.168.2.0/24 (which may only happen if you configured devices within network 192.168.2.0/24 to use the switch's address 192.168.2.254 as their default gateway - did you?) they look at their local routing tables and only find a default route that covers that network. Hence they send a reply for 192.168.2.0/24 to their default gateway which in case of the router is some other router at the provider's network and in case of any other device in network 192.168.0.0/24  is your router at 192.168.0.1. In any case the reply will not be sent back via the switch but to the Internet (and probably be dropped by your router, because traffic with private destination addresses mustn't be routed to the Internet).

You could change the default gateway of any device (except the router) within network 192.168.0.0/24 to 192.168.0.254 (the switch's address). Then any device within network 192.168.0.0/24 (except the router) could talk to devices within network 192.168.2.0/24 and to the Internet (due to the default route configured within your switch). And this would prove your switch is able to route IP traffic (hence check it).

But still your devices within network 192.168.2.0/24 can't talk to the Internet or to your router because this would require your router to be configured for the route I mentioned in my last post (so it would know how to forward reply traffic back from the Internet to recipients in network 192.168.2.0/24).

Internet access for devices at 192.168.2.0/24 would require you to exchange your Internet router by some other model that allows configuration of static routes towards the local network.

If you just want to subdivide the devices within your LAN into two groups that can't talk to each other but may share the Internet access via your router you could configure 'asymmetric' VLANs within your switch (provided your switch model supports this feature - according to the manual it should). In this case you could continue to operate a single IP network (192.168.0.0/24) only while the switch internally blocks any communication between any pair of devices that belong to different groups.

PT
« Last Edit: October 26, 2019, 04:42:32 PM by PacketTracer »
Logged

drave

  • Level 1 Member
  • *
  • Posts: 3
Re: VLAN Routing
« Reply #14 on: November 06, 2019, 07:11:19 AM »

Hello Again

Have been distracted by other things the last days but ....

yes you are absolutely right. Ive modified machines in the 192.168.0.... net with a default route of 192.168.0.254 and now they can route between vlans BUT as you say no access from the 192.168.2... vlan to the Internet. I tried adding a "ip route 192.168.2.0 255.255.255.0 192.168.2.254"  but this is rejected as no reponse from nexthop. What appart from default route is the static route configuration useful for ?? I will investigate this "asymmetric vlan" feature

thanks
Logged
Pages: [1] 2