Inter vlan routing

Unanswered Question
Apr 16th, 2007


I'm using 6509 switch and created nearly 20 vlan's but all the vlan's are able to access each other. How do i block this without using access-list ?

Please help me is there any other option.Please find the show version of my switch.

Cisco Internetwork Operating System Software

IOS (tm) s72033_rp Software (s72033_rp-IPSERVICESK9_WAN-M), Version 12.2(18)SXF3, RELEASE SOFTWARE (fc1)

Technical Support:

Copyright (c) 1986-2006 by cisco Systems, Inc.

Compiled Tue 14-Feb-06 18:08 by kehsiao

Image text-base: 0x40101040, data-base: 0x42DA0000

ROM: System Bootstrap, Version 12.2(17r)S2, RELEASE SOFTWARE (fc1)

BOOTLDR: s72033_rp Software (s72033_rp-IPSERVICESK9_WAN-M), Version 12.2(18)SXF3, RELEASE SOFTWARE (fc1)

Campus-core-sw1 uptime is 40 weeks, 1 day, 1 hour, 5 minutes

Time since Campus-core-sw1 switched to active is 40 weeks, 1 day, 1 hour, 4 minutes

System returned to ROM by power cycle (SP by power on)

System restarted at 18:01:00 IST Sun Jul 9 2006

System image file is "disk0:s72033-ipservicesk9_wan-mz.122-18.SXF3.bin"

This product contains cryptographic features and is subject to United

States and local country laws governing import, export, transfer and

use. Delivery of Cisco cryptographic products does not imply

third-party authority to import, export, distribute or use encryption.

Importers, exporters, distributors and users are responsible for

compliance with U.S. and local country laws. By using this product you

agree to comply with applicable laws and regulations. If you are unable

to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:

If you require further assistance please contact us by sending email to

[email protected].

cisco WS-C6509-E (R7000) processor (revision 1.2) with 458720K/65536K bytes of memory.

Processor board ID SMC1008007R

SR71000 CPU at 600Mhz, Implementation 0x504, Rev 1.2, 512KB L2 Cache

Last reset from power-on

SuperLAT software (copyright 1990 by Meridian Technology Corp).

X.25 software, Version 3.0.0.

Bridging software.

TN3270 Emulation software.

49 Virtual Ethernet/IEEE 802.3 interfaces

96 FastEthernet/IEEE 802.3 interfaces

36 Gigabit Ethernet/IEEE 802.3 interfaces

1917K bytes of non-volatile configuration memory.

8192K bytes of packet buffer memory.

65536K bytes of Flash internal SIMM (Sector size 512K).

Configuration register is 0x2102

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
minumathur Mon, 04/16/2007 - 06:04


disable ip routing on switch and disable rip/ospf etc on switch, configure switch as L2 Vlan

I hope this will help you out, please rate this post.


udayashankarsg Mon, 04/16/2007 - 07:20


These vlan's are advertised in WAN. Will there be any effect in WAN advertisement.Please find the vlan configuration and help me how can i disable ip routing.

description " vlan37 @ Campus "

ip address

no ip redirects

ip route-cache flow

Francis Garcia Wed, 04/13/2011 - 17:09


You can implement vrf-lite, in such way that no vlan can comunicate with each other, this is a great method and the traffic is totally isolated without needing vlan acl's or IP acls.

The configuration looks like this,

ip vrf vlan3

rd 1:3

ip vrf vlan4

rd 1:4

interface vlan 3

ip vrf forwarding vlan3

ip address x.x.x.x

interface vlan 4

ip vrf forwading vlan4

ip address x.x.x.x

This is the method that I use for isolating the voice vlan traffic from other vlans and It really looks more elegant.



Christian Capitan Wed, 04/13/2011 - 17:54

If you want a base config let me know. I will say looking at the config will not make much sense unless you read the Cisco doc, so I recommend reading it.


This Discussion