Re: Lan Switching Issue

daboneman911 · ‎05-27-2011

I set up a 4506 switch that i am using for our new network setup. Currently, i have 2 vlans; 172X, 192X. All our servers have not been added to any vlans and they reside on a 10.10.10.X network. Once everything is done, I will also move them over to a vlan by themselves. I use the 172X for hosting and the 192X for our internal network. As of now, there is intervlan communication - i will limit that later on. for the 192X i have created DHCP pool and so far my test machine is able to pull an IP. The issue comes with DNS. our current DNS server is on the 10.10.10.X network. When i use this for DNS the machine cant connect go out to the internet. When i switch it to 4.2.2.2 i am able to get on the internet. On the switch, i have a default route pointing to the firewall (which is also the gateway) so the question is how do i get the pcs to use dns from the 10.x.x.x network. I am able to ping the 10.x.x.x network from the switch but not from the test host , even with the default route in place. any idea on how i can facilitate this?

N W · ‎05-27-2011

Hi

From your new internal lan pool, can you ping your DNS servers? You will need to be able to reach them before you can resolve DNS.

Only read that you cannot ping the 10 network. You will need to route to that from the internal network

daboneman911 · ‎05-27-2011

no i can't ping dns from the new pool .

N W · ‎05-27-2011

on your 4506 create vlan interface for the 10.x.x.x network. Connect your old switch to that as either a trunk port access port.

Inter lan routing will then take care on the rest, and your default gateway will be the same as all ways

daboneman911 · ‎05-27-2011

i already have a trunk port to the old switch and the management vlan on the 4506 is on the 10.x.x.x network.. i will create a vlan on the switch for the 10.x,x,x and test it out now.

N W · ‎05-27-2011

Vlan interface for the 10 network on the 4506, not just a vlan on a port, otherwise intervlan routing wont work.

What you have is your old switch connected to your new switch via a trunk port, traffic hits the 4506 and it has no way to route to the older switch because it only knows about it as layer 2 not layer 3. An Vlan interface will give it layer 3 and be able to route from 192 to 10

I'd also suggest having your default gateway as your 4506 for each vlan and from there a default route to your firewall and off out to the internet, if you have not set it up this way.

daboneman911 · ‎05-27-2011

ok let me try that.. hang on.

N W · ‎05-27-2011

traffic flow will be like this

Out to the internet

192.x -----> 4506 ----> firewall ------> router(if there)

|

10.x for DNS

All routing done on the 4506 then off to the f/w

daboneman911 · ‎05-27-2011

i just realised that interface vlan1 is already on the 10.x.x.x network.

N W · ‎05-27-2011

ad a test place a pc into vlan 1 on the 4506 and ping it from the 192. network.

remember turn off local firewalls

daboneman911 · ‎05-27-2011

i added a test pc to vlan 1. it is able to ping that pc from 192X. However, i am still not able to reach the dns, which is on that other switch. I have a trunk port setup and all the VLANS are allowed. anything else that i can try?