Redirecting traffic from VLAN

Unanswered Question
Apr 27th, 2007

Hi,

We have two VLAN's

VLAN 1-192.168.18.0/24 (with secondary addressing)

VLAN 2-192.168.130.0/27

In order to migrate services to new hardware in VLAN 2, we need to divert traffic or at least determine what devices within VLAN 1 are still trying to talk to legacy VLAN 1 device?

Host routes won't work (directly connected interfaces), nor NAT (no interface to apply it to).

Is the only way to determine this via a VACL in VLAN1 with logging keywords?

Thanks,

Mark

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
wochanda Fri, 04/27/2007 - 16:16

Can you SPAN the port connecting to the legacy device and see which hosts are talking to it?

UTVi-NetAdmin Mon, 04/30/2007 - 00:59

William,

Thanks for your reply.

I tried the VACL logging feature and it works ok, as long as you deny the packets/flows that you want to log!

I had forgot about SPAN alright.

I was wondering have you any thought on NAT and VLANS?

As in my original post, say we have a legacy vlan and hope to segment that vlan into multiple vlans/subnets as hosts get re-addressed.

Where are 'ip nat outside' and 'ip nat inside' statements required when doing this.

Example:

!

interface GigabitEthernet5/1

description Incoming Interface

ip address 172.16.1.106 255.255.255.252

ip nat outside

end

!

!

interface Vlan888

description Legacy Test VLAN

ip address 172.16.8.19 255.255.255.0

end

!

!

interface Vlan889

description DESTINATION-TEST-SVI

ip address 172.16.30.3 255.255.255.224

ip nat inside

end

!

!

ip nat inside source static 172.16.8.108 172.16.30.21

!

Is this wrong?

Thanks,

Mark

Actions

This Discussion