CRS226 - Routing Between Switched Groups

smmicek · September 19, 2014, 3:41pm

Hi Everybody,

I’m typically pretty self sufficient in learning these things, but I decided to make this a little more painless and just ask the question. I have DNS servers on ports eth01 and eth02 with eth01 as the master. Then I have a software VOIP PBX on eth08. The VOIP PBX can’t reach our DNS, and it seems that it’s an isolation setting of some sort.

My question is: How do I allow routing between switched groups, other switched groups, and independent ports?

I appreciate the help!

becs · September 22, 2014, 12:10pm

IP addresses configured on the master-ports of switch groups and IPs on the independent ports will allow routing between them.

DLNoah · September 22, 2014, 12:37pm

More specifically, the IPs on ether1/2 and the IP on the master port for ether8 need to be in different subnets.

For example, this will work, as the DNS servers & PBX will route traffic for each other to the CRS, which will get it sent to the right place:

CRS226 Ether1 - 10.1.1.1/24
DNS Server 1 - 10.1.1.2/24 - Gateway 10.1.1.1
DNS Server 2 - 10.1.1.3/24 - Gateway 10.1.1.1

CRS226 Ether8 - 10.2.2.1/24
PBX - 10.2.2.2/24 - Gateway 10.2.2.1

And this will not work, as the DNS servers & PBX will attempt to ARP for each other (because they are in the same subnet), and the ARPs will not work because the separate switch groups are not in the same broadcast domain:

CRS226 Ether1 - 10.1.1.1/24
DNS Server 1 - 10.1.1.2/24
DNS Server 2 - 10.1.1.3/24

CRS226 Ether8 - 10.1.1.10/24
PBX - 10.1.1.11/24

smmicek · September 22, 2014, 6:21pm

That’s strange, because I have them set up with IP addresses just like that.

eth01 is the master port for eth02 with public IP addresses on the DNS servers. We’ll call them 10.0.0.162 and 10.0.0.163 with a gateway of 10.0.0.161.
eth01 has the IP address 10.0.0.161.
eth08 has no master switch port and is set to a local ip of 10.1.1.1 connected to the PBX with gateway set accordingly, and an IP address of 10.1.1.2.

I still can’t reach 10.0.0.16X from 10.1.1.2, and it’s the same from any other port or group of switched ports.

DLNoah · September 23, 2014, 8:22am

What subnet masks do you have set up for those addresses? If, for example, the machines are Windows, the default subnet mask it will suggest for a 10.X.X.X address is 255.0.0.0, which would put the two networks in the same subnet.