• January 26, 2021, 07:08:42 PM
Welcome, Guest. Please login or register. Registration is free.
Did you miss your activation email?

Author Topic: Nortel/Avaya ERS 5632FD Routing  (Read 6021 times)

0 Members and 1 Guest are viewing this topic.

Offline Net-Zwerg

  • Rookie
  • **
  • Posts: 9
Nortel/Avaya ERS 5632FD Routing
« on: July 15, 2015, 02:28:20 PM »
Hello,

following situation: (should be quite simple)
VLAN Clients id 71
VLAN Server id 70

The Clients should communicate with the Servers in the Server-VLAN and the ERS5632FD should route between the VLANs.
 (in vlan 70 is a firewall/router allready)
So i created VLAN 70 and VLAN 71 on the Switch.

I configured the following:


5632FD(config)# int vlan 71
5632FD(config-if)# ip address 192.168.71.1 255.255.255.0

5632FD(config)# int vlan 70
5632FD(config-if)# ip address 192.168.70.250 255.255.255.0

5632FD(config)# ip routing


Auf dem Client (win8) in Vlan71 habe ich dann eine static IP eingestellt.
IP Address: 192.168.71.10
Netmask: 255.255.255.0
Def-GW: 192.168.71.1 (the 5632FD-Switch as router)

Now the problem:

i thought that is the basic setup and should work...
but:

I can ping with the client the Switch     192.168.71.10 -ping-> 192.168.70.250 works
i CAN'T ping with the client the Firewall 192.168.71.10 -ping-> 192.168.70.1 doesn't work

But in the Switch Console i can ping 192.168.70.1 (Host is reachable)?

what's wrong?
i think its only a small configuration problem... i hope ;) , because the scenario is quite simple.


Offline Telair

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 965
Re: Nortel/Avaya ERS 5632FD Routing
« Reply #1 on: July 15, 2015, 02:59:09 PM »
What code are you running on your 5632?

Offline Net-Zwerg

  • Rookie
  • **
  • Posts: 9
Re: Nortel/Avaya ERS 5632FD Routing
« Reply #2 on: July 15, 2015, 03:21:58 PM »
What do you mean with code?
SW/FW Version?
Or do you mean running-conf?

  ***************************************************************
  *** Ethernet Routing Switch 5632FD                          ***
  *** Avaya                                                   ***
  *** Copyright (c) 1996-2012,  All Rights Reserved           ***
  ***                                                         ***
  *** HW:03       FW:6.0.0.15  SW:v6.3.0.013                  ***
  ***************************************************************

Offline Telair

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 965
Re: Nortel/Avaya ERS 5632FD Routing
« Reply #3 on: July 15, 2015, 04:02:13 PM »
The software version is the important one.  Humm.  v6.3.0  There were a number of bugs in those early v6.3.0 code releases that really made it important to upgrade to something newer.  Specifically there were DHCP issues and problems with port speeds.  So I would really recommend you upgrade your code first before you try to get it working.  There is v6.3.5 out now which seems to be working very well for me.

 :)

Offline Net-Zwerg

  • Rookie
  • **
  • Posts: 9
Re: Nortel/Avaya ERS 5632FD Routing
« Reply #4 on: July 15, 2015, 04:07:30 PM »
Thank you for your advice, i will try that out and give you feedback.
The thing is, I configured nearly nothing except of VLANs and Routing.

Offline Telair

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 965
Re: Nortel/Avaya ERS 5632FD Routing
« Reply #5 on: July 15, 2015, 05:32:55 PM »
Where is 192.168.70.1?  And does it know how to get back to 192.168.71.0/24?  The router that's acting as the default for 192.168.70.0/24 has to know how to route back or else any reply gets dropped in the bit-bucket.

Offline Net-Zwerg

  • Rookie
  • **
  • Posts: 9
Re: Nortel/Avaya ERS 5632FD Routing
« Reply #6 on: July 15, 2015, 05:44:07 PM »
I am a beginner in Networking,

the only thing i configured, was the Sophos Firewall (VM) with the static IP 192.168.70.1 in VLAN 70

Then i configured the Switch like I described in the first port. The only things I did not mentioned,
was the VLAN Config, which was quite simple.

Can you tell me, if the basic configuration of my routing is correct?
Respectively what do I have to configure on the Switch side, so that my concept could work?

I am new at Avaya/Nortel, but the Commands seem to be nearly same except of a few differents in VLAN Config

Offline Telair

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 965
Re: Nortel/Avaya ERS 5632FD Routing
« Reply #7 on: July 15, 2015, 06:18:32 PM »
We were all beginners at some point, even if that was a very long time ago now.  :)

The ERS 5632 should be configured correctly.  What I think is going on is a routing issue between the firewall and the ERS 5632.

I can ping with the client the Switch     192.168.71.10 -ping-> 192.168.70.250 works
This works because you are pinging the switches interface.  The switch always knows how to get to it's self even without a routing protocol or static routes being used.  From the ERS 5632's point of view a packet comes in to it on it's 192.168.71.1 interface from 192.168.71.10.  The packet is destine for 192.168.70.250 which is it's self on another VLAN.  The switch looks in it's route table for how to get to 192.168.70.250 which it has since it's a local interface.  So no problem.  The switch then also knows how to send the reply back to your computer at 192.168.71.10 as it's in a subnet local to it's self.

i CAN'T ping with the client the Firewall 192.168.71.10 -ping-> 192.168.70.1 doesn't work
This is my quick guess as to what's going on.  This is an example of what happens when you have two routers, but they don't know about each other.  No routing protocol or static routes I assume.  As before, from the ERS 5632's point of view a packet comes in to it on it's 192.168.71.1 interface from 192.168.71.10.  The packet is destine for 192.168.70.1 this time.  The ERS 5632 looks in it's routing table and sees it can send the packet out the 192.168.70.250 interface since it's in the same subnet as 192.168.70.1.  The switch routes the packet and sends it on it's way to 192.168.70.1.  Problem though.  The packet gets to 192.168.70.1 (your firewall) and is processed.  The firewall knows how to talk to the 192.168.70.0/24 subnet since it's on it.  But does it know how to talk to the 192.168.71.0/24 subnet?  The firewall has to know how to reply back to your workstation on 192.168.71.10 by either a static route saying to get to 192.168.71.0/24 go through 192.168.70.250 or by using a routing protocol so both routers know about each other and how to route between them.  Without the knowledge of how to respond back to the 192.168.71.0/24 subnet, your firewall drops the packet as destination unreachable.

But in the Switch Console i can ping 192.168.70.1 (Host is reachable)?
Correct.  The switch just fires the ping out closest interface to the destination.  The 192.168.70.250 interface.  Now your firewall sees a ping from 192.168.70.250 and knows perfectly well how to respond back to it since it's in the same subnet as it's self.  No routing required.

I hope this helps you understand what's going on!
« Last Edit: July 15, 2015, 06:20:12 PM by Telair »

Offline Net-Zwerg

  • Rookie
  • **
  • Posts: 9
Re: Nortel/Avaya ERS 5632FD Routing
« Reply #8 on: July 15, 2015, 06:36:37 PM »
So, first I would like to thank you for your best effort to support me.
But it's not only the router 192.168.70.1, I am also not able to ping Servers in the 192.168.70.0/24 Network.

But in this Moment I have catched, that if I unterstood you correctly, the Server I am pinging, needs the Switch as Default Gateway, cause he needs to send the Pong back to the Client?

Should it be something like that?

Client (IP:192.168.71.10,GW:192.168.71.1)--ping->AnyServer(IP:192.168.70.123,GW:192.168.70.250(theSwitch))

Because at the moment the GW of AnyServer is not pointing to the Switch... That might be the problem?

Offline Telair

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 965
Re: Nortel/Avaya ERS 5632FD Routing
« Reply #9 on: July 15, 2015, 07:02:18 PM »
The only thing I would expect you to be able to ping on the 192.168.70.0/24 network from your workstation at 192.168.71.10 would be the ERS 5632 interface 192.168.71.250.  Everything else in the 192.168.70.0/24 subnet depends on the firewall to send the reply back as it is the default gateway in 192.168.70.0/24.  It is up to the default router for each subnet to know how to handle and route to different networks.  It is not up to the servers and workstations to know how to route.  The logic and flow looks something like this assuming there is a server at 192.168.70.16 you try to ping from 192.168.71.10.

1) 192.168.71.10 (send ping. Destination is not a local interface or subnet. Send to default gateway 192.168.71.1)

2) 192.168.71.1 (got ping. Destination is not a local interface. Destination subnet is in routing table as a local subnet. Send to local 192.168.71.250 subnet interface)

3) 192.168.70.250 (forward ping to server 192.168.70.16)

4) 192.168.70.16 (got ping from 192.168.71.10, send reply.  Destination is not a local interface or subnet. Send reply to default gateway 192.168.70.1)

5) 192.168.70.1 (got packet from 192.168.70.16 destine for 192.168.71.10. Destination is not a local interface or subnet. Destination is not in routing table. I don't know how to send this to 192.168.71.10. Drop packet)

6) Your ping actually made it to 192.168.70.16.  But the reply didn't make it back as the default gateway doesn't know how to send the reply back to the 192.168.71.0/24 subnet.  So from your end it looks like the ping fails.


If you made the switch the default gateway, it would work, yes.  But then you loose the ability of the firewall to enforce any rules on that subnet or NAT out to the Internet.  There are a few ways to make this work with the firewall still.  Probably the easiest way would be to put a static route on the firewall telling it to get back to the 192.168.71.0/24 subnet, the next hop is 192.168.70.250.  Then it understands how to send replies back to the 192.168.71.0/24 subnet and it should all work.

« Last Edit: July 15, 2015, 07:04:41 PM by Telair »

Offline Net-Zwerg

  • Rookie
  • **
  • Posts: 9
Re: Nortel/Avaya ERS 5632FD Routing
« Reply #10 on: July 15, 2015, 07:07:48 PM »
Thank you for your explanation, now I've unterstood the logic behind that all :) I'll try that out next days and give you reply.

Offline Net-Zwerg

  • Rookie
  • **
  • Posts: 9
Re: Nortel/Avaya ERS 5632FD Routing
« Reply #11 on: July 16, 2015, 05:11:04 PM »
My Problem is also at this time, that I cant Download any Firmware-Updates
(Ethernet Routing Switch 5000 series v7.0.0 if I am right) because I don't have a "Sold-to" number,
I bought the Switches used on eBay :(
Has anybody an idea?

Offline Telair

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 965
Re: Nortel/Avaya ERS 5632FD Routing
« Reply #12 on: July 16, 2015, 05:15:54 PM »
No, you don't want v7.x code.  That's for the new ERS 5900's, not your ERS 5632.  Can you contact the person you purchased it off of maybe to see if they have newer code?

Offline Net-Zwerg

  • Rookie
  • **
  • Posts: 9
Re: Nortel/Avaya ERS 5632FD Routing
« Reply #13 on: July 16, 2015, 05:25:56 PM »
Ooh you are right, I didn't catched that thanks.
When reading this document, it looks like v6.6.1 is the newest available?
I like to read, that the Out-of-Band MGMT Port is activated with this release...

So, I look in the following days, that I can reach a guy who has full access to the Avaya Support.
But in my opinion, its not soo cool that Avaya makes it so difficult to download new Firmware for private person :(

Offline Telair

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 965
Re: Nortel/Avaya ERS 5632FD Routing
« Reply #14 on: July 16, 2015, 05:30:35 PM »
There are actually two choices...  v6.6.1 is the new v6.6.x code which was designed to make the 5600's run more like small core routers.  Then there is v6.3.5 which is the latest in the v6.3.x code line which is more tested, but was designed to run the 5600's more like edge switches.  For most people I would recommend v6.3.5 right now unless they specifically wanted a feature in v6.6.x code.  The back out-of-band management port would be one of those new things in v6.6.x.