Inter-Vlan Routing

Unanswered Question
Apr 25th, 2007

I have 2 schools using 3750 switches, one at each school; they are connected by gig fiber...

High school is Vlan 100

Middle school is Vlan 200

Novell Servers are in Vlan 300

One DHCP server sitting in Vlan 300

Juniper gateway to the internet sitting in Vlan 300

I need to have the schools be able to login to the Novell Servers [ip/ipx] and get out on the internet; the computers also need to be handed a DHCP address... How would I go about setting up inter-Vlan Routing for this scenario?

Thank you


First, you would have to create routable layer 3 interfaces, or Switched Virtual Interfaces (SVIs) for the vlans on one of the switches. You will also need to create ip helper-addresses on vlan 100 and vlan 200 pointing at the DHCP server in vlan 300 so that clients will be able to obtain ip addresses (example below). I have to ask a question, it sounds like you are trunking across the gig link(s)? If your high school is one vlan, and your middle school is another vlan, why not just route between the buildings instead of trunking?

int vlan 100
 ip add
 ip helper-address x.x.x.x (dhcp server)
int vlan 200
 ip add
 ip helper-address x.x.x.x (dhcp server)
int vlan 300
 ip add 10.1.300.1

albolabris Wed, 04/25/2007 - 16:55
It's actually quite a bit larger network; I'm just trying to get an idea for the initial set up. In reality we have 7 more sites across the city, all connected by gig fiber... The Central Office is where all servers and the gateway sit [Vlan 300].

albolabris Wed, 04/25/2007 - 17:35
The true topology of the network is a ring, but all the servers and the gateway out to the internet are here at the CO. Yes, from what I understand so far trunking would be used across the gig links... But it sounds like you're proposing something else; I'm not sure if I understand.

Even though you seem to have ample bandwidth, my philosophy is why trunk (Layer 2) when you can route (Layer 3). That is especially true between geographic locations. It seems that I hear more and more about people trunking across WAN links because they have private fiber or MetroEthernet services, but I don't see the logic to doing that. I'd rather create routed links between each site as opposed to trunks. With a layer 2 trunk you have the potential for broadcast traffic getting onto the ring (even though it sounds like you are limiting one vlan to a particular site), you have Spanning-Tree instances crossing those links including Bridge Protocol Data Units (BPDUs), and Spanning-Tree Topology Change Notifications (TCNs) crossing those trunks. You create a layer 2 topology that is, in my opinion, much more difficult to troubleshoot than a layer 3 routed topology.

albolabris Thu, 04/26/2007 - 04:53
I'm not sure if that would work for us. I know eventually the district would like to incorporate both wireless networks throughout the district; one of the wireless networks would need access to vlan300, the other is its own for just internet access...

How do I go about creating Switched Virtual Interfaces (SVIs) for the vlans?

I don't see why the wireless would limit your options. I like to keep as much layer 3 in the design as possible. It keeps the network much simpler, in my humble opinion. Look at it like this: you sound like you are going to segment your sites by vlan, so you have one building in vlan 200, another in 300, etc., with trunk links between the sites. Why a different vlan at each site? Maybe because you want to use different subnets at each site, restrict broadcast traffic along those boundaries, control access based on the vlan? That's all done much easier by creating a layer boundary between the buildings as opposed to a trunk. This way you don't have to troubleshoot spanning-tree, broadcast storms, etc. The access control is easier with ACLs along those boundaries; I could go on. The smartest person I ever met with respect told me something I never forgot: never trunk when you can route. I had a hard time understanding that at the time, but as I have gained more experience I understand more and more.
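As an added illustration (not part of the thread and not any poster's configuration), the routed design discussed above could look like this on the central office and high school 3750s, with SVIs as the VLAN gateways and the DHCP relay on the client SVI. All subnets, interface numbers, and the DHCP server and Juniper host addresses are assumptions made up for the example.

```cisco
! ---- Central office 3750: servers, DHCP and Juniper gateway in VLAN 300 ----
! Enable layer 3 forwarding on the switch
ip routing
vlan 300
 name SERVERS
! SVI: default gateway for the server subnet (assumed 10.30.0.0/24)
interface Vlan300
 ip address 10.30.0.1 255.255.255.0
 no shutdown
! Fiber to the high school as a routed port instead of a trunk,
! so no VLANs, BPDUs or TCNs cross the link (assumed /30 transit)
interface GigabitEthernet1/0/1
 no switchport
 ip address 10.255.0.1 255.255.255.252
! Fiber to the middle school, same pattern
interface GigabitEthernet1/0/2
 no switchport
 ip address 10.255.0.5 255.255.255.252
! Static routes to each school's subnet via its transit link
ip route 10.100.0.0 255.255.255.0 10.255.0.2
ip route 10.200.0.0 255.255.255.0 10.255.0.6
! Default route to the Juniper gateway (assumed 10.30.0.254)
ip route 0.0.0.0 0.0.0.0 10.30.0.254

! ---- High school 3750: clients in VLAN 100 ----
ip routing
vlan 100
 name HIGH-SCHOOL
! SVI: default gateway for high school clients (assumed 10.100.0.0/24)
interface Vlan100
 ip address 10.100.0.1 255.255.255.0
 ! Relay client DHCP broadcasts as unicast to the server in VLAN 300
 ! (assumed DHCP server address 10.30.0.10)
 ip helper-address 10.30.0.10
 no shutdown
! Routed uplink to the central office
interface GigabitEthernet1/0/1
 no switchport
 ip address 10.255.0.2 255.255.255.252
! Everything not local goes to the central office switch
ip route 0.0.0.0 0.0.0.0 10.255.0.1
```

The middle school switch mirrors the high school block with VLAN 200 and its own subnet and transit addresses. The DHCP server needs one scope per client subnet with the SVI as the default gateway, and the Juniper needs return routes for the school subnets pointing at 10.30.0.1.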
