Mailing List Archive

Multiple subnets on same VLAN
Hi,

I'm needing to merge two subnets that were before in two diferent VLANs in
the same VLAN (attached to one untagged ethernet port) in a MLX router.

I configured multiple IP subnets in the same router-interface and I'm
experiencing a lot of network issues. I am now trying to configure the
subnets, let's say 192.168.50.1/24, 192.168.51.1/24 and 192.168.52.1/24 in
distinct virtual interfaces belonging to the same VLAN, however I am not
being able to accomplish this since only one router-interface is allowed.

I thought configuring them in different loopback ports and then configure
multiple unnumered interfaces or trunk various VLANs but none of this ideas
seem possible as well.

Anyone knows how can I accomplish this and can provide a brief config
example?

Thank you in advance!

--
Best Regards,
José
Re: Multiple subnets on same VLAN [ In reply to ]
Am 12.11.2014 um 01:53 schrieb José Santos:
> I configured multiple IP subnets in the same router-interface and I'm
> experiencing a lot of network issues.

That should work, what problems do you have with this setup?

--
Gerald

_______________________________________________
foundry-nsp mailing list
foundry-nsp@puck.nether.net
http://puck.nether.net/mailman/listinfo/foundry-nsp
Re: Multiple subnets on same VLAN [ In reply to ]
Do you have “no route-only” on the physical interface(s)? I’ve had trouble with routing between multiple subnets on a router-interface once and things started behaving normally after changing that.

- Charles

From: foundry-nsp [mailto:foundry-nsp-bounces@puck.nether.net] On Behalf Of José Santos
Sent: Tuesday, November 11, 2014 6:53 PM
To: foundry-nsp@puck.nether.net
Subject: [f-nsp] Multiple subnets on same VLAN

Hi,
I'm needing to merge two subnets that were before in two diferent VLANs in the same VLAN (attached to one untagged ethernet port) in a MLX router.

I configured multiple IP subnets in the same router-interface and I'm experiencing a lot of network issues. I am now trying to configure the subnets, let's say 192.168.50.1/24<http://192.168.50.1/24>, 192.168.51.1/24<http://192.168.51.1/24> and 192.168.52.1/24<http://192.168.52.1/24> in distinct virtual interfaces belonging to the same VLAN, however I am not being able to accomplish this since only one router-interface is allowed.

I thought configuring them in different loopback ports and then configure multiple unnumered interfaces or trunk various VLANs but none of this ideas seem possible as well.
Anyone knows how can I accomplish this and can provide a brief config example?
Thank you in advance!

--
Best Regards,
José
Re: Multiple subnets on same VLAN [ In reply to ]
Jose,

This is pretty easy on the MLX. This is also referred to as “Super Netting”.

The trick is to create two separate VE interfaces, one for each subnet’s default gateway, then assign both VE interfaces to the same VLAN. You will need to create the VE first before adding it to the MLX’s VLAN.

Config would look something like:

Interface ve 100
Ip address 10.0.1.100

Interface ve 101
Ip address 10.0.1.101

Vlan 100
Router-interface
Ve 100
Ve 101

Apologies for not being able to confirm the exact syntax; don’t have access to a router right now.

Wilbur

From: Charles Monson <monson@wins.net<mailto:monson@wins.net>>
Date: Wednesday, November 12, 2014 at 6:15 AM
To: "foundry-nsp@puck.nether.net<mailto:foundry-nsp@puck.nether.net>" <foundry-nsp@puck.nether.net<mailto:foundry-nsp@puck.nether.net>>
Subject: Re: [f-nsp] Multiple subnets on same VLAN

Do you have “no route-only” on the physical interface(s)? I’ve had trouble with routing between multiple subnets on a router-interface once and things started behaving normally after changing that.

- Charles

From: foundry-nsp [mailto:foundry-nsp-bounces@puck.nether.net] On Behalf Of José Santos
Sent: Tuesday, November 11, 2014 6:53 PM
To: foundry-nsp@puck.nether.net<mailto:foundry-nsp@puck.nether.net>
Subject: [f-nsp] Multiple subnets on same VLAN

Hi,
I'm needing to merge two subnets that were before in two diferent VLANs in the same VLAN (attached to one untagged ethernet port) in a MLX router.

I configured multiple IP subnets in the same router-interface and I'm experiencing a lot of network issues. I am now trying to configure the subnets, let's say 192.168.50.1/24<http://192.168.50.1/24>, 192.168.51.1/24<http://192.168.51.1/24> and 192.168.52.1/24<http://192.168.52.1/24> in distinct virtual interfaces belonging to the same VLAN, however I am not being able to accomplish this since only one router-interface is allowed.

I thought configuring them in different loopback ports and then configure multiple unnumered interfaces or trunk various VLANs but none of this ideas seem possible as well.
Anyone knows how can I accomplish this and can provide a brief config example?
Thank you in advance!

--
Best Regards,
José
Re: Multiple subnets on same VLAN [ In reply to ]
Thank you all for your input.

I have the multiple subnets configured in the same ve interface. The issues
we were experiencing were lost TCP packets, low tranfer rates, stalled
downloads ...

Example of config:
interface ve 11
ip address 192.168.10.1/28
ip address 192.168.10.129/28
ip address 192.168.11.1/25
ip address 192.168.11.129/26
!

After a lot of digging we concluded the issues were not related with this
change, but with trafic fragmentation that is ocurring in a GRE tunnel we
had setup at the same time.

One issue we still see is when we do a traceroute let's say from
192.168.11.2/25 to the outside, the router/gateway IP we see in the first
hop is ip address 192.168.10.1 instead of 192.168.11.1. However, this
doesn't seem to affect the traffic.

Thanks again,
José

On 14 November 2014 08:50, Jethro R Binks <jethro.binks@strath.ac.uk> wrote:

> In the past, we've simply done this (usually in the context off adding
> another IP subnet into a VLAN, but probably also when merging two VLANs
> with subnets too):
>
> vlan 24
> ta e 1/1
> router-interface ve 24
>
> interface ve 24
> ip address 10.0.1.100/24
> ip address 10.0.2.100/24
>
> Alternatively, in some cases I also have this sort of thing (ancient
> BigIron config):
>
> vlan 2
> ta e 1/1 to 1/3
> ip-subnet 10.0.1.0 255.255.255.0 name S1
> static e 1/1 to 1/2
> router-int ve 2
> ip-subnet 10.0.2.0 255.255.255.0 name S2
> static e 1/1 to 1/3
> router-int ve 3
>
> int ve 2
> ip address 10.0.1.100 255.255.255.0
>
> int ve 3
> ip address 10.0.2.100 255.255.255.0
>
> I can't really remember much about it now :)
>
> I'm not familiar with the trick just below.
>
> Jethro.
>
>
> On Thu, 13 Nov 2014, Wilbur Smith wrote:
>
> > Jose,
> >
> > This is pretty easy on the MLX. This is also referred to as “Super
> > Netting”.
> >
> > The trick is to create two separate VE interfaces, one for each subnet’s
> > default gateway, then assign both VE interfaces to the same VLAN. You
> > will need to create the VE first before adding it to the MLX’s VLAN.
> >
> > Config would look something like:
> >
> > Interface ve 100
> > Ip address 10.0.1.100
> >
> > Interface ve 101
> > Ip address 10.0.1.101
> >
> > Vlan 100
> > Router-interface
> > Ve 100
> > Ve 101
> >
> > Apologies for not being able to confirm the exact syntax; don’t have
> access to a router right now.
> >
> > Wilbur
> >
> > From: Charles Monson <monson@wins.net<mailto:monson@wins.net>>
> > Date: Wednesday, November 12, 2014 at 6:15 AM
> > To: "foundry-nsp@puck.nether.net<mailto:foundry-nsp@puck.nether.net>" <
> foundry-nsp@puck.nether.net<mailto:foundry-nsp@puck.nether.net>>
> > Subject: Re: [f-nsp] Multiple subnets on same VLAN
> >
> > Do you have “no route-only” on the physical interface(s)? I’ve had
> trouble with routing between multiple subnets on a router-interface once
> and things started behaving normally after changing that.
> >
> > - Charles
> >
> > From: foundry-nsp [mailto:foundry-nsp-bounces@puck.nether.net] On
> Behalf Of José Santos
> > Sent: Tuesday, November 11, 2014 6:53 PM
> > To: foundry-nsp@puck.nether.net<mailto:foundry-nsp@puck.nether.net>
> > Subject: [f-nsp] Multiple subnets on same VLAN
> >
> > Hi,
> > I'm needing to merge two subnets that were before in two diferent VLANs
> in the same VLAN (attached to one untagged ethernet port) in a MLX router.
> >
> > I configured multiple IP subnets in the same router-interface and I'm
> experiencing a lot of network issues. I am now trying to configure the
> subnets, let's say 192.168.50.1/24<http://192.168.50.1/24>,
> 192.168.51.1/24<http://192.168.51.1/24> and 192.168.52.1/24<
> http://192.168.52.1/24> in distinct virtual interfaces belonging to the
> same VLAN, however I am not being able to accomplish this since only one
> router-interface is allowed.
> >
> > I thought configuring them in different loopback ports and then
> configure multiple unnumered interfaces or trunk various VLANs but none of
> this ideas seem possible as well.
> > Anyone knows how can I accomplish this and can provide a brief config
> example?
> > Thank you in advance!
> >
> > --
> > Best Regards,
> > José
> >
>
> . . . . . . . . . . . . . . . . . . . . . . . . .
> Jethro R Binks, Network Manager,
> Information Services Directorate, University Of Strathclyde, Glasgow, UK
>
> The University of Strathclyde is a charitable body, registered in
> Scotland, number SC015263.
> _______________________________________________
> foundry-nsp mailing list
> foundry-nsp@puck.nether.net
> http://puck.nether.net/mailman/listinfo/foundry-nsp
>
Re: Multiple subnets on same VLAN [ In reply to ]
On Mon, 17 Nov 2014, José Santos wrote:

> Example of config:
> interface ve 11
> ip address 192.168.10.1/28
> ip address 192.168.10.129/28
> ip address 192.168.11.1/25
> ip address 192.168.11.129/26
> !
>
> After a lot of digging we concluded the issues were not related with this
> change, but with trafic fragmentation that is ocurring in a GRE tunnel we
> had setup at the same time.
>

> One issue we still see is when we do a traceroute let's say from
> 192.168.11.2/25 to the outside, the router/gateway IP we see in the
> first hop is ip address 192.168.10.1 instead of 192.168.11.1. However,
> this doesn't seem to affect the traffic.

Yes, that makes sense, it picks the lowest configured IP on the ve. You
need to be careful of this if you are doing DHCP forwarding with ip
helper-address, as the DHCP server will see all the requests from any of
those subnets forwarded from that lowest configured IP and won't know
about the others. To service all the subnets in this vlan with DHCP, you
need to ensure they are all declared and grouped within a "shared-network
{" statement (in ISC DHCP).

(bitten by all this in around 2002!).

Jethro.



>
> Thanks again,
> José
>
> On 14 November 2014 08:50, Jethro R Binks <jethro.binks@strath.ac.uk> wrote:
>
> > In the past, we've simply done this (usually in the context off adding
> > another IP subnet into a VLAN, but probably also when merging two VLANs
> > with subnets too):
> >
> > vlan 24
> > ta e 1/1
> > router-interface ve 24
> >
> > interface ve 24
> > ip address 10.0.1.100/24
> > ip address 10.0.2.100/24
> >
> > Alternatively, in some cases I also have this sort of thing (ancient
> > BigIron config):
> >
> > vlan 2
> > ta e 1/1 to 1/3
> > ip-subnet 10.0.1.0 255.255.255.0 name S1
> > static e 1/1 to 1/2
> > router-int ve 2
> > ip-subnet 10.0.2.0 255.255.255.0 name S2
> > static e 1/1 to 1/3
> > router-int ve 3
> >
> > int ve 2
> > ip address 10.0.1.100 255.255.255.0
> >
> > int ve 3
> > ip address 10.0.2.100 255.255.255.0
> >
> > I can't really remember much about it now :)
> >
> > I'm not familiar with the trick just below.
> >
> > Jethro.
> >
> >
> > On Thu, 13 Nov 2014, Wilbur Smith wrote:
> >
> > > Jose,
> > >
> > > This is pretty easy on the MLX. This is also referred to as “Super
> > > Netting”.
> > >
> > > The trick is to create two separate VE interfaces, one for each subnet’s
> > > default gateway, then assign both VE interfaces to the same VLAN. You
> > > will need to create the VE first before adding it to the MLX’s VLAN.
> > >
> > > Config would look something like:
> > >
> > > Interface ve 100
> > > Ip address 10.0.1.100
> > >
> > > Interface ve 101
> > > Ip address 10.0.1.101
> > >
> > > Vlan 100
> > > Router-interface
> > > Ve 100
> > > Ve 101
> > >
> > > Apologies for not being able to confirm the exact syntax; don’t have
> > access to a router right now.
> > >
> > > Wilbur
> > >
> > > From: Charles Monson <monson@wins.net<mailto:monson@wins.net>>
> > > Date: Wednesday, November 12, 2014 at 6:15 AM
> > > To: "foundry-nsp@puck.nether.net<mailto:foundry-nsp@puck.nether.net>" <
> > foundry-nsp@puck.nether.net<mailto:foundry-nsp@puck.nether.net>>
> > > Subject: Re: [f-nsp] Multiple subnets on same VLAN
> > >
> > > Do you have “no route-only” on the physical interface(s)? I’ve had
> > trouble with routing between multiple subnets on a router-interface once
> > and things started behaving normally after changing that.
> > >
> > > - Charles
> > >
> > > From: foundry-nsp [mailto:foundry-nsp-bounces@puck.nether.net] On
> > Behalf Of José Santos
> > > Sent: Tuesday, November 11, 2014 6:53 PM
> > > To: foundry-nsp@puck.nether.net<mailto:foundry-nsp@puck.nether.net>
> > > Subject: [f-nsp] Multiple subnets on same VLAN
> > >
> > > Hi,
> > > I'm needing to merge two subnets that were before in two diferent VLANs
> > in the same VLAN (attached to one untagged ethernet port) in a MLX router.
> > >
> > > I configured multiple IP subnets in the same router-interface and I'm
> > experiencing a lot of network issues. I am now trying to configure the
> > subnets, let's say 192.168.50.1/24<http://192.168.50.1/24>,
> > 192.168.51.1/24<http://192.168.51.1/24> and 192.168.52.1/24<
> > http://192.168.52.1/24> in distinct virtual interfaces belonging to the
> > same VLAN, however I am not being able to accomplish this since only one
> > router-interface is allowed.
> > >
> > > I thought configuring them in different loopback ports and then
> > configure multiple unnumered interfaces or trunk various VLANs but none of
> > this ideas seem possible as well.
> > > Anyone knows how can I accomplish this and can provide a brief config
> > example?
> > > Thank you in advance!
> > >
> > > --
> > > Best Regards,
> > > José
> > >
> >
> > . . . . . . . . . . . . . . . . . . . . . . . . .
> > Jethro R Binks, Network Manager,
> > Information Services Directorate, University Of Strathclyde, Glasgow, UK
> >
> > The University of Strathclyde is a charitable body, registered in
> > Scotland, number SC015263.
> > _______________________________________________
> > foundry-nsp mailing list
> > foundry-nsp@puck.nether.net
> > http://puck.nether.net/mailman/listinfo/foundry-nsp
> >
>

. . . . . . . . . . . . . . . . . . . . . . . . .
Jethro R Binks, Network Manager,
Information Services Directorate, University Of Strathclyde, Glasgow, UK

The University of Strathclyde is a charitable body, registered in
Scotland, number SC015263.