First Step to Debug L3 Switch

Posted: Tue May 23, 2017 2:47 pm
by triwaves
Hello,

I am struggling to get anywhere with an L3 switch implementation.

I have read various posts and am starting with what seems to be the first basic connection test.

* I have one server hosted on AWS EC2 instance with public IP that I can connect to
* I defined one hub called home
* I defined one switch called Cloud Switch
* I defined virtual interface on switch connected to hub home with IP 192.168.1.254
* I have a raspberry pi running bridge SW in cascade mode to hub home
* RPi network is behind Linksys router using IP in range of 192.168.1.0/24 and successfully connects to AWS server (see picture)
* I have tried with and without securenat enabled

At this point I should be able to ping 192.168.1.254 but cannot.

Where should I look to figure out why I can't make this basic connection and see the switch virtual interface? Help appreciated as I can't continue learning the rest until I get one connection set up.

My goal is to have 3 sites all connected to the cloud server with a L3 switch creating access for all sites to one another and for a remote user to any site by connection to cloud.

I thought I would just try and get help to get a single branch running to fully understand the basics first.

Thanks in advance.

Re: First Step to Debug L3 Switch

Posted: Wed May 31, 2017 5:37 am
by thisjun
Where did you ping from?

Did you create localbridge?
Is it tap mode?

Re: First Step to Debug L3 Switch

Posted: Wed Jun 07, 2017 4:25 pm
by triwaves
thisjun wrote:
> Where did you ping from?
>
> Did you create localbridge?
> Is it tap mode?

Hi thisjun - thanks so much for reading and replying to my message; I'm sorry for the delayed response, I somehow missed the notification it was responded to :( My bad, I hope to be able to make some progress.

I pinged from the RPi box at home that is cascade connected to the AWS server hub called home.

The RPi at home has a local TAP interface running.

Re: First Step to Debug L3 Switch

Posted: Thu Jun 15, 2017 6:16 am
by thisjun
Did you configure bridge between tap and LAN interface?

Re: First Step to Debug L3 Switch

Posted: Sat Jun 17, 2017 5:27 pm
by triwaves
I have the tap interface running, which was working for remote access to my network; not sure I understand what bridge you mean?

I have bridge SW running and cascade connected to central server.

Do you mean some local bridge in addition to the tap?

Re: First Step to Debug L3 Switch

Posted: Thu Jun 29, 2017 8:09 am
by thisjun
Please create OS bridge between tap and LAN interface.
http://forum.softether.org/viewtopic.ph ... 044#p22023

Re: First Step to Debug L3 Switch

Posted: Fri Sep 08, 2017 4:47 am
by triwaves
Where I got to on this is having a switch with two interfaces defined for two different subnets.

Names have changed ... but I have
* net1: 192.168.30.0 and an interface on the L3 switch of 192.168.30.254
* net2: 10.76.221.0 and an interface on the L3 switch of 10.76.221.254

On a PC in Net1 I tried to ping the L3 interface of 192.168.30.254 -- success
Since I can see the L3 interface I added a route: route ADD 10.76.221.0 MASK 255.255.255.0 192.168.30.254
On L3 switch I add a route: 10.76.221.0 / 255.255.255.0 to 10.76.221.254

On PC in Net1 I tried to ping the interface for Net2: ping 10.76.221.254 -- success

So I think I get to the L3 switch OK, but when I ping anything else on the 10.76 net I get no ping response.

So I get packets to the L3 switch, and I can see the L3 interface for the other network on the switch, but I don't seem to have my packets forwarded anywhere beyond the interface itself.

Ideas I can try to debug? Thanks in advance

Re: First Step to Debug L3 Switch

Posted: Wed Sep 20, 2017 2:33 pm
by triwaves
Above didn't work because there was no valid route from the 10.76 net to the L3 switch. What I did instead was configure 2 fixed locations (hubs) into an AWS hosted server - both Raspberry Pi devices on the local network at the fixed location. Both are running secure NAT to eliminate need for any port configurations. I also added capability for android to VPN into server (as a 3rd hub)

I have successfully configured the L3 switch and can ping, VNC, etc. between the RPIs and the client! Thanks to this forum I was able to learn how to do that and understand it fairly well - appreciate all the people who take time to read and respond.

Now that I have the RPis working and the L3 switch working I'm on to the next phase of learning...

Please see diagram attached (sorry it's just by hand but I hope you get idea)

The RPi devices have manually added routes on them to steer traffic to the proper 192.168.x.254 interface on the L3 switch. This works perfectly from RPi to RPi.

If I connect a VPN client into a HUB directly (called home or cabin on the diagram) I can connect to the RPi and its DHCP on that HUB and communicate with all the machines on the same net as the RPi (example all the 10.76.221.x machines). This gives full VPN access to the network.

With the L3 network however I don't understand how the routing could work to not only steer traffic to the correct port on the L3 switch, but to the machines the RPi is bridged to on that network.

Is there a way to use the L3 switch and bridge mode to keep the two networks permanently connected where every machine can see every machine? The Rpi are different subnets right now because I don't have control of the local DHCP server.

Re: First Step to Debug L3 Switch

Posted: Mon Oct 02, 2017 5:50 pm
by triwaves
Bump. Any ideas?

Re: First Step to Debug L3 Switch

Posted: Thu Oct 26, 2017 5:47 am
by thisjun
If you can configure the DHCP server, pushing routes from DHCP is the best way.
If you have control of the gateway router, add routes to the router.
If you have neither, add routes on each host.
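
The symptom from the Sep 08 post (the far .254 interface answers, other 10.76 hosts do not) and the route fixes listed in the last reply can be reproduced with a small routing model. This is an added example, not part of any post and not SoftEther code; the host addresses 192.168.30.10 and 10.76.221.50, the LAN router 10.76.221.1 and its upstream 203.0.113.1 are assumptions, and on-link delivery is assumed to work (layer 2 is already bridged).

```python
import copy
import ipaddress

def next_hop(routes, dst):
    """Longest-prefix match over (cidr, gateway) pairs; gateway None means on-link."""
    addr, best = ipaddress.ip_address(dst), None
    for cidr, gw in routes:
        net = ipaddress.ip_network(cidr)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gw)
    return None if best is None else (best[1] or dst)

def deliver(nodes, src, dst, max_hops=8):
    """Node names a packet visits from src IP to dst IP, or None if it is lost."""
    owner = {ip: name for name, node in nodes.items() for ip in node["ips"]}
    path = [owner[src]]
    for _ in range(max_hops):
        if dst in nodes[path[-1]]["ips"]:
            return path
        hop = next_hop(nodes[path[-1]]["routes"], dst)
        if hop not in owner:      # no route, or next hop outside the model
            return None
        path.append(owner[hop])
    return None                   # hop limit reached (routing loop)

def ping(nodes, src, dst):
    """An echo needs both directions: request src->dst and reply dst->src."""
    return deliver(nodes, src, dst) is not None and deliver(nodes, dst, src) is not None

def with_route(nodes, name, cidr, gw):  # copy of the topology plus one static route
    fixed = copy.deepcopy(nodes)
    fixed[name]["routes"].append((cidr, gw))
    return fixed

# Constructed topology: subnets, .254 interfaces and pc1's static route are from the
# thread; host addresses, gw2 (10.76.221.1) and its upstream 203.0.113.1 are assumed.
NODES = {
    "pc1":   {"ips": ["192.168.30.10"],
              "routes": [("192.168.30.0/24", None), ("10.76.221.0/24", "192.168.30.254")]},
    "l3sw":  {"ips": ["192.168.30.254", "10.76.221.254"],
              "routes": [("192.168.30.0/24", None), ("10.76.221.0/24", None)]},
    "host2": {"ips": ["10.76.221.50"],
              "routes": [("10.76.221.0/24", None), ("0.0.0.0/0", "10.76.221.1")]},
    "gw2":   {"ips": ["10.76.221.1"],
              "routes": [("10.76.221.0/24", None), ("0.0.0.0/0", "203.0.113.1")]},
}

if __name__ == "__main__":
    print(ping(NODES, "192.168.30.10", "10.76.221.50"))
    print(ping(with_route(NODES, "host2", "192.168.30.0/24", "10.76.221.254"), "192.168.30.10", "10.76.221.50"))
```

In the model the request reaches host2 through the L3 switch, but the reply follows host2's default route to its LAN router and is lost; a route for 192.168.30.0/24 via 10.76.221.254 on host2 or on gw2 restores the return path.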