July 7th, 2014 11:00
Multiple Client subnet feature FS7610
All,
I have begun testing this feature and have concluded some observations. During the setup to use this feature, I began with a typical setup that you would find with an older firmware version already in place. One subnet for the client 1 network with the default gateway from that same subnet. The switch ports remained untagged (i.e. switchport access vlan ##). I then began the conversion on the switch to enable the multiple subnet feature to work from a switching / L3 standpoint. In order to enable tagging at the switch level, I needed to add 2 statements on the switch (switchport mode trunk & switchport trunk native vlan [vlan-id]). The switchport access vlan [vlan-id] previously on the interface was removed. Any untagged packet would be assumed to be part of the same vlan originally configured and tagged packets would be allowed going forward.
Anyway, after applying the 2 lines to the 4 client 10Gb interfaces, the NAS worked as previously configured (not tagged). I then proceeded to enable tagging on the current client network so as to not need the native vlan config line, but that did not go well. After configuration, it would not pass data. I reverted back and things returned to normal. (See switchport information below.)
I then proceeded to add the second client network (I picked a client network that I had a local server on to test). The IP addresses were assigned in the GUI and applied. I was able to ping each address of the newly assigned IPs. What was interesting though is I am also able to ping the IP addresses across the routed network... which should not be possible. Until I plug up a sniffer I cannot be certain how this is happening, but I am suspecting that the FS is returning the ping response via the original client network and not the new (supposedly isolated) network. Unless my configuration is too liberal, I am thinking the routing table of the FS series is routing the response for the second client network. In the testing scenario both client 1 and client 2 networks are routable by the same L3 switch. In practical configuration, I would think the client 2 network would be on a DMZ and in this case, I would not like that the response traverses the client 1 network.
My switch port configuration (Cisco Nexus 5596)
interface Ethernet3/5
  description beta-nas-c0-0
  switchport mode trunk
  switchport trunk native vlan 51
  flowcontrol receive on
  flowcontrol send on
load balancing / bonding mode on NAS is ALB
Donald_Wilkins
July 7th, 2014 14:00
Update....
I removed the "switchport trunk native vlan 51" and then tagged the original client network with vlan tag of 51 and it is working now. So that issue was a result of having the tag of the same number as the native vlan.
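
The return path suspected in the first post can be modelled with a plain longest-prefix lookup, shown next to a per-source-subnet lookup that keeps replies on the subnet that was addressed. This is an added example, not part of the original posts and not FS7610 code; the subnets, gateways and interface names are constructed, and whether the appliance actually routes this way is the poster's unconfirmed hypothesis.

```python
import ipaddress

# Constructed addressing (assumption): only VLAN 51 appears in the thread.
CLIENT1 = ipaddress.ip_network("10.0.51.0/24")   # original client network
CLIENT2 = ipaddress.ip_network("10.0.60.0/24")   # second client subnet (DMZ candidate)
DEFAULT = ipaddress.ip_network("0.0.0.0/0")

# Destination-based table of a multi-homed host with a single default gateway.
MAIN_TABLE = [
    (CLIENT1, "client1", None),
    (CLIENT2, "client2", None),
    (DEFAULT, "client1", "10.0.51.1"),
]
# Source-based alternative: one table per subnet, each with its own gateway.
PER_SOURCE = {
    CLIENT1: [(CLIENT1, "client1", None), (DEFAULT, "client1", "10.0.51.1")],
    CLIENT2: [(CLIENT2, "client2", None), (DEFAULT, "client2", "10.0.60.1")],
}

def lookup(table, dst):
    """Longest-prefix match; returns (egress interface, next hop or None)."""
    dst = ipaddress.ip_address(dst)
    matches = [r for r in table if dst in r[0]]
    _, iface, gw = max(matches, key=lambda r: r[0].prefixlen)
    return iface, gw

def reply_path(local_ip, peer_ip, source_based=False):
    """Egress interface and next hop for a reply sent from local_ip to peer_ip."""
    table = MAIN_TABLE
    if source_based:
        src = ipaddress.ip_address(local_ip)
        table = next(t for net, t in PER_SOURCE.items() if src in net)
    return lookup(table, peer_ip)

def is_asymmetric(local_ip, peer_ip, source_based=False):
    """True when the reply leaves on a different subnet than the one addressed."""
    iface, _ = reply_path(local_ip, peer_ip, source_based)
    arrived_on = "client1" if ipaddress.ip_address(local_ip) in CLIENT1 else "client2"
    return iface != arrived_on

if __name__ == "__main__":
    for peer in ("10.0.60.25", "172.16.9.9"):   # on-link host, then routed host
        for sb in (False, True):
            flag = "ASYMMETRIC" if is_asymmetric("10.0.60.10", peer, sb) else "ok"
            print(peer, "source-based" if sb else "dest-based",
                  reply_path("10.0.60.10", peer, sb), flag)
```

A capture on the client 1 uplink that shows echo replies sourced from a client 2 address would confirm the destination-based case on real hardware.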