We are moving from a Linux-based router to a L3 switch, Dell 6224. I've never configured a router before but I have experience with the Linux firewall, DHCP, DNS, etc. configuration so I was picked to configure the new router/switch.
We have 8+ subnets (labs) in the current configuration and the Linux host provides routing, DNS and firewall for all of them. The Linux host allows routing between the subnets except for one subnet which has restricted access coming in to all the subnets and blocks all traffic going out. In the new configuration we want to keep the Linux host for the firewall and DNS services and connect all the subnets as before.
My first attempt at the configuration created a VLAN for each subnet. Then I created a new subnet/VLAN for the Linux host. This looked like a very common setup for everyone so I thought I was doing it right. All the VLANs could communicate with each other and so I started the next step.
When I changed the NIC address of the Linux host and put it on the new management subnet, things stopped working, sort of. I could ping most addresses on other VLANs or the management subnet, but I see that 20-80% of the pings are dropped.
I cannot verify that my configuration is correct but if some of the pings work I expect I have most of it correct.
The ping requests that do succeed have response times of 200-500 ms.
My first guess was that there is a circular route somewhere and that the pings are getting lost in the complexity of things. But the ping I'm doing is from the Linux host to the new switch so I would not expect it to get lost.
What I'm hoping to find from this group of folks is that they have seen something like this before and I need to look at this example configuration.
I have tried to telnet to other hosts but they fail to connect.
I have changed the switch configuration so many times in the past few days that I don't have a working configuration that I could post right now. I will create a configuration and post it if someone has any ideas where to start debugging this issue.
Even if I simplify the network to the Linux host and one VLAN/subnet, the ping problem does not get better. I have tried different cables/ports/hosts.
I'm not sold on VLANs as the only solution; I just want all the subnets (labs) to communicate. The purpose of using subnets is simply to isolate the labs and keep traffic congestion low. Labs don't need to share resources on a regular basis; they just copy files or view configurations from/to each other etc. If there is a better/simpler solution using this switch I'm all for it.
Thanks in advance for any help anyone can provide,
October 13, 2008 8:35 PM
October 16, 2008 12:29 PM