Intervlan routing problem

Unanswered Question
Apr 19th, 2007

My objetive is to have 2 vlans working, one for the users and the other for remote administration.

I have one router and one switch layer 2

I tried to configure the router and the switch in this way but I could not have the 2 vlans up at the sime time in the switch

This are my configs

Router

interface FastEthernet0/0

no ip address

duplex auto

speed auto

interface FastEthernet0/0.1

encapsulation dot1Q 1 native

ip address 10.10.10.15 255.255.255.0

no snmp trap link-status

!

interface FastEthernet0/0.16

encapsulation dot1Q 16

ip address 172.16.16.1 255.255.255.0

no snmp trap link-status

!

interface FastEthernet0/0.99

encapsulation dot1Q 99

ip address 192.168.180.50 255.255.255.0

no snmp trap link-status

Switch

interface FastEthernet0/23

switchport mode trunk

no ip address

interface Vlan1

ip address 10.10.10.12 255.255.255.0

no ip route-cache

shutdown

!

interface Vlan16

ip address 172.16.16.5 255.255.255.0

no ip route-cache

shutdown

interface Vlan99

ip address 192.168.180.49 255.255.255.240

no ip route-cache

CAn you help me, please

!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Collin Clark Thu, 04/19/2007 - 07:40

Since your switch is layer 2, it can only have 1 ip address (for management). You switch does not need multiple IP's because your router is the default gateway for each VLAN.

HTH and please rate.

Richard Burts Thu, 04/19/2007 - 08:02

Hernan

To supplement the answer by Collin, I believe that it is helpful to understand on layer 2 switches the difference between having VLANs and having VLAN interfaces. You can have multiple VLANs on a layer 2 switch (you assign various switch ports as access ports on particular VLANs). When you define a VLAN interface it is different from definging a VLAN. A VLAN interface is a virtual interface or a layer 3 interface on the switch. You can configure an IP address on the VLAN interface for management purposes. You can have onle 1 active VLAN interface on the switch while you may have multiple active VLANs. While layer 3 switches may have multiple VLAN interfaces a layer 2 switch can have only 1 VLAN interface.

HTH

Rick

hernanseijas Thu, 04/19/2007 - 08:19

ok, I need a vlan interface for management but this IP must be different from the users vlan ip address...

for example users ip's 10.10.10.0/24

vlan int for management 172.16.1.1/32

how can I configure this?

thanks for your help

ankbhasi Thu, 04/19/2007 - 08:31

Hi Friend,

AFAIK you will not be able to assign /32 mask on layer 2 switch for any vlan.

IF you issue /32 subnet mask it will prompt you a message as "Bad mask /32 for address 172.16.1.1"

What you can do is configure

interface vlan

ip address x.x.x.x x.x.x.x

You can use any vlan number which does not belong to user vlan and you will be able to manager your switch but because intervlan routing is configured on your router user from there vlan also will be able to access your layer 2 switch after gettting routed from router till the time you configure some ACLs on router subinterface.

HTH

Ankur

Richard Burts Thu, 04/19/2007 - 08:38

I would ask Hernan if the user addresses are in 10.10.10 then why does the management address need to be in 172.16? Why not just pick some address in 10.10.10 that does not duplicate a user address and use that for management? That would simplify having to configure another interface on the switch and another interface on the router.

HTH

Rick

hernanseijas Thu, 04/19/2007 - 08:54

This is what you are propossing?

Router

interface FastEthernet0/0

no ip address

duplex auto

speed auto

interface FastEthernet0/0.1

encapsulation dot1Q 1 native

ip address 10.10.10.15 255.255.255.0

no snmp trap link-status

!

interface FastEthernet0/0.99

encapsulation dot1Q 99

ip address 192.168.180.49 255.255.255.240

no snmp trap link-status

Switch

interface FastEthernet0/23

switchport mode trunk

no ip address

interface Vlan1

ip address 10.10.10.12 255.255.255.0

no ip route-cache

shutdown

!

interface Vlan99

ip address 192.168.180.50 255.255.255.240

no ip route-cache

ankbhasi Thu, 04/19/2007 - 08:57

Hi Friend,

Sweet, simple configuration always look good.

This will work fine.

Regards,

Ankur

3iadministrator Tue, 05/08/2007 - 18:20

Hi Rick,

you are right on Layer 2 switch can only have 1 VLAN interface. but i understood from friend of mine that you can configuring spanning tree protocol to go about it. is that true?

thanks

J

Richard Burts Tue, 05/08/2007 - 19:02

J

I am not sure that I understand what you are saying. It is true that a layer 2 switch can have only 1 active layer 3 interface (VLAN interface) with an IP address assigned. And it is true that you can configure spanning tree to operate on multiple layer 2 VLANs on the layer 2 switch.

If your comment is about something else then perhaps you can clarify.

HTH

Rick

Actions

This Discussion