i have a SN2410 and i’m new to mellanox switches.

I have implemented two vlan (vlan 130 and vlan 10) on that switch. Termnals in each vlan can ping others. I wish to perform inter-vlan routing and I’ve made the following configuration.

Vlan 130 - IP address 192.168.9.201/24
Vlan 10 - IP adddress 192.168.10.100/24

L3 routing enabled

under vrf default (no RD) i’ve create two ip routes

Destination 192.168.9.0 Mask 255.255.255.0 Gateway 0.0.0.0 Interface vlan130 Source direct AD/M 0/0

Destination 192.168.10.0 Mask 255.255.255.0 Gateway 0.0.0.0 Interface vlan10 Source direct AD/M 0/0

with the above configuration, the inter-vlan routing is not working. Please advise what I’m missing in the configuration

There is no need to create any routes manually.
if you have the L3 vlans configured and ip routing is enabled then it should work.
did you configure the correct routes on the hosts/ devices in each vlan?

please share output of :

show running-config
show ip route

Thanks for the reply. Please find below the outputs.

MGSW01 [standalone: master] # show running-config

Running database “initial”

Generated at 2023/10/03 13:37:10 +0400

Hostname: MGSW01

Product release: 3.9.3220

Running-config temporary prefix mode setting

no cli default prefix-modes enable

Interface Ethernet configuration

interface ethernet 1/1-1/4 speed 1G 10G 25G force
interface ethernet 1/5 speed auto force
interface ethernet 1/6-1/19 speed 1G 10G 25G force
interface ethernet 1/20 speed 1G 25G force
interface ethernet 1/21-1/30 speed 1G 10G 25G force
interface ethernet 1/37-1/41 speed 1G 10G 25G force
interface ethernet 1/25 switchport mode hybrid
interface ethernet 1/26-1/30 switchport mode trunk
interface ethernet 1/49 switchport mode trunk
interface ethernet 1/1 description “CLD1 - ETH 1 / 1G”
interface ethernet 1/2 description “CLD2 - ETH 1 / 1G”
interface ethernet 1/3 description “CLD1 - ETH 3 / 1G”
interface ethernet 1/4 description “CLD2 - ETH 3 / 1G”
interface ethernet 1/5 description “CSS 4000 - ETH 1 / 1G”
interface ethernet 1/6 description “Content Director1 ILO”
interface ethernet 1/7 description “System Management PC”
interface ethernet 1/25 description “Connected to MBC Switch 1 Avid / 10G”
interface ethernet 1/26 description “Connected to MBC Switch 1 PLAYOUT / 10G”
interface ethernet 1/37 description “CSS 4000 - SFP1 / 10G”
interface ethernet 1/38 description “CSS 4000 - SFP3 / 10G”
interface ethernet 1/39 description “CSS 4000 - SFP5”
interface ethernet 1/40 description “CSS 4000 - SFP7 / 10G”
interface ethernet 1/49 description “UplinkToSw02”

VLAN configuration

vlan 10
vlan 110
vlan 120
vlan 130
interface ethernet 1/26-1/30 switchport trunk allowed-vlan none
interface ethernet 1/1-1/2 switchport access vlan 130
interface ethernet 1/3-1/4 switchport access vlan 110
interface ethernet 1/5-1/24 switchport access vlan 130
interface ethernet 1/25 switchport access vlan 10
interface ethernet 1/37-1/40 switchport access vlan 130
vlan 10 name “AvidClient”
vlan 110 name “Private1”
vlan 120 name “Private2”
vlan 130 name “Public”
interface ethernet 1/26 switchport trunk allowed-vlan 130
interface ethernet 1/27 switchport trunk allowed-vlan 130
interface ethernet 1/28 switchport trunk allowed-vlan 130
interface ethernet 1/29 switchport trunk allowed-vlan 130
interface ethernet 1/30 switchport trunk allowed-vlan 130

L3 configuration

vrf definition mgmt
ip routing vrf default
interface vlan 10
interface vlan 130
interface vlan 10 ip address 192.168.10.100/24 primary
interface vlan 130 ip address 192.168.9.201/24 primary
interface vlan 10 ip arp timeout 1500
ip route vrf default 192.168.9.0/24 192.168.10.252

Network interface configuration

no interface mgmt0 dhcp
interface mgmt0 ip address 192.168.9.15 /24

Other IP configuration

hostname MGSW01
ip name-server vrf mgmt 192.168.10.161

Other IPv6 configuration

no ipv6 enable

Local user account configuration

username admin password 7 $6$4Eee1DhD$gtoEwoEdUakmYytrFrFgdZ/LSQDwy7NoO5hI9A…uCEjhl7hRxV/kbX6RdmxMVfZ27EXT/fcV7hHrWTVYqHO7/
username monitor password 7 $6$qFwdQOCI$WY6atNDzNTBSqCCkHnGErEywGlijbFTjNxvbIjFSN206InPe9bv5ebFGzOviRf.co.osRyJc8HTgGav/jcRZC0

AAA remote server configuration

ldap bind-password ********

ldap vrf mgmt enable
radius-server vrf mgmt enable

radius-server key ********

tacacs-server vrf mgmt enable

tacacs-server key ********

SNMP configuration

snmp-server vrf mgmt enable

Network management configuration

web proxy auth basic password ********

clock timezone UTC-offset UTC+4
ntp vrf mgmt disable
web vrf mgmt enable

X.509 certificates configuration

Certificate name system-self-signed, ID 802c04332b1466b628e3d57e25ea85648cd16970

(public-cert config omitted since private-key config is hidden)

Persistent prefix mode setting

cli default prefix-modes enable

MGSW01 [standalone: master] # show ip route

Flags:
F: Failed to install in H/W
B: BFD protected (static route)
i: BFD session initializing (static route)
x: protecting BFD session failed (static route)
c: consistent hashing
p: partial programming in H/W

VRF Name default:

Destination Mask Flag Gateway Interface Source AD/M

192.168.9.0 255.255.255.0 0.0.0.0 vlan130 direct 0/0
192.168.10.0 255.255.255.0 0.0.0.0 vlan10 direct 0/0

The hosts on the vlan are pcs and servers. I didn’t configure any routes on the pcs as I expected the switch to take care of the routing protocols. The only configuration on the pc are the ip address, mask and gateway. For the gateway I’ve used the vlan L3 ip-address.

can the PCs ping their GW? can they ping the 2nd vlan IP address?

The pc (192.168.9.2) on vlan 130 can ping its gateway (192.168.9.201) but not the second vlan ip address (192.168.10.100)

The pc (192.168.10.20) on vlan 10 can ping its gateway (192.168.10.100) and can also ping the second vlan ip address (192.168.9.201). But it cannot ping another server (192.168.9.8) on vlan 130.

ok - seems that you will need to debug this with our support team - can you open a case at:

enterprisesupport@nvidia.com

or

https://enterprise-support.nvidia.com/s/create-bot-case