Layer 2 & 3 switch 3550

Unanswered Question
Nov 26th, 2007

I'm configuring VLAN's on a Cisco 3550 & 2960. The 3550 is a layer 2 & 3 switch. I've configured the "router on a stick" config before but this is the first time on a layer 2 & 3 switch. Then trunking to 2960 thru gi ports.

How would I connect the VLAN's together to be routed? Do I put the IP on the VLAN or do I configure subinterfaces on the router port? And if I put the IP on the VLAN can I apply acl to it like an interface?

I'm thinking that you wouldn't create sub-int, you would need to connect a cable and trunk it.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Collin Clark Mon, 11/26/2007 - 11:23

The 3550 will have SVI's- Switched Virtual Interfaces. What that means is each VLAN can have a layer 3 address.

switch(config)# interface vlan 5

switch(config-int)# ip add 10.10.5.254 255.255.255.0

switch(config)# interface vlan 6

switch(config-int)# ip add 10.10.6.254 255.255.255.0

You'll need to enable ip routing-

switch(config)# ip routing

Now hosts between the VLANs can communicate. Finally to add the 2960 into the mix, you will want to create a trunk between the switches. No sub-interfaces needed and you can apply ACLs inbound and outbound.

HTH and please rate.

vanguardro Mon, 11/26/2007 - 11:30

hello,

one method to configure your network, is to have all switches in same vtp domain,

for example:

sw 3560 can be your server for vtp domain

!

vtp mode server

vtp domain MyNetwork

!

and on all of your 2960 switches can be clients on this VTP domain

!

vtp mode client

vtp domain MyNetwork

!

interconnection between switches can be done with trunk command:

!

in gi 0/1

sw tr en dot

sw mo tr

!

and now we can create some vlan in vlan databases on our server

3560#conf t

!

vlan 10

name users10

!

vlan 11

name user11

!

vlan 30

name servers

!

if all interconnection is done proprely, vlan information will be propagated to all your clients (aka access-switches in your vtp domain)

now we will work on our vlan routing problem

on our L3 switch 3560 we will assign ip address to interface vlan:

!

interface vlan 10

description Interface Vlan10

ip address 172.16.10.0 255.255.255.0

no shut

!

int vlan 11

desc Interface Vlan11

ip address 172.16.11.0 255.255.255.0

no shut

!

int vlan 30

desc interface servers

ip address 172.16.30.0 255.255.255.0

no shut

!

ip routing

!

doing this, routing will be done in 3560 and 2960 will be used as access-switches

also you can create some acl and apply this acl to int vlan

!

int vlan 10

ip access-gr 10 in

!

best regards,

vanguardro

Actions

This Discussion