Description:

On an XS and GS-45xx series switch, it is not possible to route the management VLAN when the routing function is used. Any communication on this network is therefore restricted to the management network itself. Also, it is not possible to create a routing interface for the management network (System → Connectivity → IPv4).

When a LANCOM managed switch is managed from the LANCOM Management Cloud (LMC), the management VLAN is always set to VLAN 1. If the VLAN ID 1 is used in a scenario, routing for the corresponding network is impossible.

To avoid this behavior, a placeholder network is created in the LMC and the management VLAN is modified by an add-in script. After this, a routing interface can be created in the Detail configuration for the management network. This enables routing for this network.

This article describes how to enable routing for the management network of an XS or GS-45xx series switch that is managed via the LMC.


Requirements:

  • LCOS SX as of version 5.20 Rel (download latest version)
  • Access to the LANCOM Management Cloud including your own project and an LMC license for the switch
  • Any web browser for accessing the LANCOM Management Cloud
  • The use of Add-ins must be activated in the LMC (Project specifications → Basic → Use Add-ins)


Scenario:

Current situation:

  • A site uses the management network 192.168.45.0/24. The switch initially obtains an IP address from this network via DHCP.
  • On an XS or GS-45xx series switch managed via the LMC, routing is to be enabled for the management network.


Implementation:

  • Two networks are created in the LMC:
    • A placeholder network with the IP address range 172.23.56.0/24 (Dummy), which replaces the actual management network within the switch.
    • The actual management network with the IP address range 192.168.45.0/24 (Management).
    • The Management VLAN 1 is changed to VLAN ID 200 using an Add-in script, which allows VLAN-ID 1 to be used for another network and thus enables routing for that network.


Procedure:

This scenario assumes that the switch is unconfigured. The procedure for an existing installation may differ.


1) Pairing the switch with the LANCOM Management Cloud and assigning the LMC license:

1.1) Connect the switch to the LANCOM Management Cloud as described in the following Knowledge Base article:

Pairing a LANCOM device with the LMC

1.2) Switch to the menu Devices.

1.3) Click No License to go to the License menu.

1.4) Select a suitable license for the switch and click Assign licenses.



2) Configuring the networks in the LANCOM Management Cloud:

2.1) Change to the Networks menu and click Add Network → Network.

2.2) Modify the following parameters and then click Save:

  • Enter a descriptive name for the placeholder network (in this example Dummy).
  • In the box Global IP range, enter an unused IP address range in CIDR notation (in this example, the network 172.23.56.0/24).
  • Activate the option Tag network data (VLAN).
  • Enter the VLAN ID 200. This is the management VLAN, which is set by the add-in script imported in step 3.

If the VLAN ID 200 is already in use, you can enter any other unused VLAN ID. In this case, the management VLAN in the Add-in script must also be adjusted to this value (see step 3).

2.3) Create another network, adjust the following parameters and click Save:

  • Enter a descriptive name for the actual management network (in this example Management).
  • In the box Global IP range, enter the IP address range of the management network in CIDR notation (in this example 192.168.45.0/24).
  • Activate the option Tag network data (VLAN).
  • Enter the VLAN ID for the management network (in this example VLAN ID 50).

It is also possible to use VLAN ID 1 for the management network by ensuring that the option Tag network data (VLAN) is not enabled and no VLAN ID is entered. The LMC then implicitly uses VLAN 1.

2.4) Change to the Sites menu and click Add site.

2.5) Enter a descriptive name for the site (in this example Office) and click Add.

2.6) For the site, go to the Networks tab and click on Assign networks.

2.7) Choose the networks created in steps 2.2 and 2.3 and click Assign.

2.8) For the site, change to the Devices tab and click on Assign devices.

2.9) Choose the switch connected to the LMC in step 1 and click Assign.



3) Importing the add-in script for the DNS server and the management VLAN, and assigning the variables:

First download the following script and save it on your computer. The script sets the management VLAN to VLAN ID 200 and allows a DNS server to be set.

XS_GS-45xx_DNS-Server_Management-VLAN.json

If VLAN 200 is already in use, you can adjust this after importing the script by entering any unused VLAN ID (in quotation marks) after the OID path 16.1.2.3.11. Then click Save.


3.1) Change to the Add-ins menu and click Import.

3.2) Select the file XS_GS-45xx_DNS-Server_Management-VLAN.json and select the script DNS-Management-VLAN. Then click Import.

3.3) Confirm the message by clicking Close.

3.4) Click the Variables button.

3.5) Make sure, that the variable mgmt_dns is available.

At this point, the variable must not yet be assigned a value (the IP address of the DNS server in the management network), otherwise this value will apply to all devices that the variable is assigned to. Instead, the DNS server must be entered in the variable assignment for a specific switch (see step 3.11).

3.6) Switch to the menu Networks and click the placeholder network created in step 2.2 (in this example Dummy).

3.7) Switch to the Add-ins tab, choose the Add-in imported in step 3.2 and click Apply.

3.8.) Click Save.

3.9) Go to the Devices menu and click the Name of the switch to access the device settings.

3.10) Change to the Variables tab and click Add variables.

3.11) Select the variable mgmt_dns and, in the field New value, enter the IP address of the DNS server in the Management network (in this example the IP address 192.168.45.254). Then click Add.



4) Adjusting the Detail configuration:

4.1) Go to the Devices menu and click the Name of the switch to access the device settings.

4.2) Change to the Detail configuration tab and, in the menu System → IPv4 adjust the following parameters and click Save:

  • Disable the option DHCP client enabled, so that the IP parameters can be edited.
  • In the IP address field, enter an IP address from the placeholder network created in step 2.2 (in this example, the previously stored IP address 172.23.56.250).
  • In the IP mask field, enter the subnet mask of the placeholder network specified in step 2.2 (in this example, the previously stored subnet mask 255.255.255.0).
  • In the IP gateway field, enter the fictitious IP address of the default gateway for the placeholder network created in step 2.2 (in this example, the previously stored IP address 172.23.56.254).

4.3) In the Detail configuration under Configuration → Routing, activate the option Routing and click Save.

4.4) Go to the sub-menu Interfaces under Configuration → Routing.

4.5) Click on New entry to create a new interface.

4.6) Modify the following parameters and then click Save entry:

  • VLAN ID: Enter the VLAN ID for the Management network saved in step 2.3 (in this example VLAN ID 50).
  • Config method: From the drop-down menu, select the option manual so that the IP parameters can be entered manually.
  • IP address: Enter an IP address from the Management network created in step 2.3 which is to be used as the default gateway in the Management network (in this example the IP address 192.168.45.200).
  • IP mask: Enter the subnet mask specified in step 2.3 for the Management network (in this example 255.255.255.0).

4.7) Click Save to accept the routing interface.

4.8) Go to the sub-menu Routes under Configuration → Routing.

4.9) Click on New entry to create a new route.

4.10) Modify the following parameters and then click Save entry:

  • IP address: Leave the value as 0.0.0.0. This means that packets for any address range (other than local networks) are sent to the IP gateway (default gateway).
  • IP mask: Leave the value as 0.0.0.0. This means that packets for any address range (other than local networks) are sent to the IP gateway (default gateway).
  • IP gateway: Enter the IP address of the default gateway in the Management network (in this example 192.168.45.254).
  • Route type: Check that the option default is selected. This creates a default route.

4.11) Click Save to accept the default route.



5) Assigning VLAN IDs to the switch ports:

The VLAN IDs assigned to the networks (see step 2.2 and 2.3) must be assigned to at least one switch port. Otherwise an error message is issued and the configuration cannot be rolled out. For a management network (VLAN 200 in this example), it is sufficient to assign it to a single switch port.

5.1) Go to the Devices menu and, under Overview, scroll to the ports overview. There, select a port to which the VLAN IDs are to be assigned.

5.2) For Port mode set the option Configured and for Networks, set the VLAN IDs of the networks created in steps 2.2 and 2.3. Then click Save.

Optionally, you can select the Management network in the field Untagged network to operate it untagged.

5.3) Repeat steps 5.1 and 5.2 for all other switch ports that the VLANs are to be assigned to.



6) Rollout the device configuration:

6.1) Go to the menu Devices.

6.2) Select the switch and click the “dots” icon to open the advanced settings.

6.3) Click on Configuration roll out.

6.4) Confirm the prompt by clicking on Roll out.

All LANCOM products and software versions are subject to LANCOM Software Lifecycle Management.
You can find information on our website at https://www.lancom-systems.com/products/firmware/software-lifecycle-management

© 2019-2024 LANCOM Systems GmbH