5

I'm trying to depreciate usage of VLAN 1 on my ProCurve switches; 1 is unused. I understand that VLAN 1 must exist, but I want to remove it from all ports, especially trunks between switches.

The problem I have is that stacking does not seem to work without VLAN 1.

I have changed the primary VLAN and management VLAN on all the switches:

(config)# primary-vlan 42
(config)# management-vlan 42
(config)# no vlan 1 untagged 25

Port 25 is the link between the 2 switches I'm testing with; the stack master and a member switch; I only want tagged traffic between the switches, no untagged frames.

show stacking on the master shows all members as "UP" but I can not telnet any of them:

Telnet failed: Connection timed out.

All switches have manually assigned (static) IP addresses on VLAN 42, and all exist in the same /25 subnet, as does my desktop. I can telnet the switches directly from my desktop to the individual switch IP addresses, just not from the master switch.

Do I need to reboot the switches to have the primary-vlan change take effect? Or is there something else I'm missing?

EDIT: show vlans output:

Status and Counters - VLAN Information

Maximum VLANs to support : 16                   
Primary VLAN : ADM   
Management VLAN : ADM   

802.1Q VLAN ID Name         Status      
-------------- ------------ ------------
1              LEGACY       Port-based  
12             PRD          Port-based  
14             IDMZ         Port-based  
15             LAN          Port-based  
16             WLS          Port-based  
17             PUB          Port-based  
18             SPW          Port-based  
20             PABX         Port-based  
42             ADM          Port-based
fukawi2
  • 5,327
  • 3
  • 30
  • 51
  • 1
    Which HP ProCurve switch model(s) are you using? – ewwhite Dec 17 '12 at 03:51
  • 1
    Sorry, I did forget that. The stack master is a 2510G-48, the member I'm testing with is a 2510-24. The other members in the stack are 2510G-24, 2510-48 and 2520-8-PoE. All show the same behaviour, and all are running latest available firmware. – fukawi2 Dec 17 '12 at 04:13
  • I'm just a bit rusty on procurve but try to mark the primary vlan as untagged. – eldblz Dec 17 '12 at 07:31
  • Can you also provide a exibit of command "show vlans" please? – eldblz Dec 17 '12 at 07:41
  • Edited the OP to show the vlan output. I haven't tried making the ADM untagged; I'm nervous about loosing all my connectivity to the remote switch if I do that. I am getting the impression that having no untagged VLAN on a port is an unsupported configuration with undefined behaviour? – fukawi2 Dec 17 '12 at 21:55
  • 2
    When setting up our 5400zl's we had to set one vlan as untagged and tag everything else. It just wouldn't work with all set to tagged. – R. S. Jan 29 '13 at 00:36
  • @kormoc That seems like it might be the case; I'd accept that as the answer if you post it as such. – fukawi2 Feb 04 '13 at 04:26

1 Answers1

3

When setting up our 5400zl's we had to set one vlan as untagged and tag everything else. It just wouldn't work with all set to tagged.

R. S.
  • 1,624
  • 12
  • 19