12-04-2007 11:02 AM - edited 03-05-2019 07:49 PM
I have a CISCO 2811 router with 2 Gigabit Ethernet ports. One port is used by a firewall, and the other port is for the LAN. Currently, I have a flat network that I want to chnage by putting the servers in my data center on a different subnet. Since I don't have spare port on the router, is it possible to create subinterface (on the ethernet port connected to LAN) and how? What is the best practice?
Thank you much.
12-04-2007 11:31 AM
Zennon,
Sure you could create sub interfaces. You can connect the spare fe router interface to switch and use dot1q trunk, this is a basic script for a router and switch.
Say you need 2 d networks 192.168.2.0 and 192.168.3.0 repeat principle for other subnets if needed.
Router_2811
interface FastEthernet0/0
Description CONNECTION TO switchport
no ip address
no ip proxy-arp
duplex full
speed 100
interface FastEthernet0/0.2
Description VLAN3
encapsulation dot1Q 2 ( for vlan 2 on switch )
ip address 192.168.2.1 255.255.255.0
interface FastEthernet0/0.3
Description VLAN3
encapsulation dot1Q 3 ( for vlan 3 on switch )
ip address 192.168.3.1 255.255.255.0
on the switch config something like this:
vlan database
vtp domain test_net
vtp mode transparent
vlan 2 name vlan2
vlan 3 name vlan3
interface fastethernet0/1
Description Trunk to router_2811
switchport mode trunk
no shutdown
[edit] You said you have two Gigabit interfaces? the 2811 I believe have two built int 10/100 FE ports , are you using additional gigabit modules installed on router?
HTH
Jorge
12-04-2007 01:58 PM
I thought about VLANs just like you mentioned. Whats best practice and better design, VLANs or subnetting? I am not sure pros and cons of both ideas.
The 2 gigabit ethernet ports are built-in ports. Is it possible to add an Gigabit ethernet module to the router? There is room for one.
12-04-2007 02:59 PM
Zennon, It all depends on size , the cons in doing it this way is you will be spliting the FE ports into logical subnets by which all intervlan routing traffic be routed through that one port, depending on how many servers total hosts you have.. you could place 3750-E and create SVIs, have 3750-E act as access/distribution if you will, crete vlans as well as do intervlan routing for local subnets in 3570, link up switch to FE port using /30 subnet on 2811 and have switch default route pointing to 2811 if using static routing.
There are many ways of doing but normally you want to follow basic model .Check this link at some branch office design example models to get an idea.
http://www.cisco.com/en/US/netsol/ns656/networking_solutions_design_guidances_list.html#anchor1
Also, the 2811 only have 2 builtin 10/100 FE ports, they are not gigabit ports.
http://www.cisco.com/en/US/products/ps5881/index.html
I don't think there is gig-Ethernet modules but Im not sure.. if you have access you could check based on hardware model on this link.. do a check by hardware.
http://tools.cisco.com/Support/Fusion/FusionHome.do
Rgds
Jorge
rate any helpful post if it helps
12-04-2007 03:10 PM
Zennon
I would like to comment on one aspect of your question. You ask about VLANs and subnetting as if they were different and as if doing one prevented doing the other. In fact VLANs and subnetting go together. When you create multiple VLANs you need multiple subnets. Basically each VLAN requires a unique subnet. (it is not necessarily true that each subnet requires its own VLAN, but it is true that each VLAN requires its own subnet)
Jorge has some good comments about the differences between doing VLANs with a trunk to the router (which would have subinterfaces on the router interface) and which would do inter-vlan routing or the alternative of doing VLANs and using a layer 3 switch to do the inter-vlan routing. But these considerations come after you have made the decision to change from a flat network with only a single VLAN to a network with several VLANs and several subnets.
HTH
Rick
12-04-2007 04:00 PM
Thanks. My initial intention was to create a seperate subnet for my data center on the 2811 router (core router), but i am running short on FE ports. Here I wouldn't need to use VLANs.
12-04-2007 03:48 PM
Thanks Jorge. Good point; even though I have a small network, i don't want to clog the physical FE port with interlan traffic.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: