02-16-2008 08:04 AM - edited 03-05-2019 09:12 PM
I have 3 switches, (1)3550 and (2) 2960's, each one is 48 ports. I'm using the 3550's port F0/1 for routing, all the other ports have a VLAN tied to them.
3550 = swA
2960 = swB
2960 = swC
swA = (4) VLANs (Servers, Printers, Office, IT)
swB = (2) VLANs (Sales & Marketing)
swC = (3) VLANs (WIFI, Pub Access, Service)
Trunking ports
swA gi0/2 to swB gi0/1
swB gi0/2 to swC gi0/1
Right now I have all VLANs being trunked acrossed all trunk ports
For trunking purposes on swA, do I need to trunk its VLANs to the other switches? And the same with swB's VLANs being trunked to swC.
I'm thinking that I dont have to because if a VLAN needs access to another VLAN it is going to the routing for where to go. Like router on a stick. But if I have printers on swC I would then need a trunk for it to let the switch know where the other port is located.
This is what I'm thinking it should be.
Trunking ports
swA gi0/2 to swB gi0/1 (Sales, Marketing, WIFI, Pub Access, Service)
swB gi0/2 to swC gi0/1 (WIFI, Pub Access, Service)
02-16-2008 08:26 AM
There is something I don't understand from your setup.
The 3550 is the only Layer3 switch that you have mentioned.
The other Layer2 switches contain Vlans not contained in the 3550, those Vlans are Sales, Marketing, WIFI, Pub Access and Service.
How those Vlans communicate at Layer3? You mentioned this:
if a VLAN needs access to another VLAN it is going to the routing for where to go.
Where is the router other than the 3550?
If you have an external router for inter-vlan routing, what's the point of having the 3550 switch? The 3550 will provide a faster inter-vlan routing than any 'router-in-a-stick' configuration out there.
Also, please post configs along with a network diagram so we can get a clear picture of your network.
___
Edison.
02-16-2008 04:12 PM
hostname 3550-swA
!
ip subnet-zero
ip routing
!
spanning-tree mode pvst
spanning-tree extend system-id
spanning-tree vlan WIFI,Sales,Service01,Marketing,Service02 priority 8192
spanning-tree vlan SvrGp01,Printers,Office,SvrGp02,IT priority 4096
!
interface FastEthernet0/1
no switchport
ip address 10.5.15.2 255.255.255.252
speed 100
duplex full
!
interface FastEthernet0/2 - 8
switchport access vlan SvrGp01
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/9 - 20
switchport access vlan SvrGp02
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/21 - 30
switchport access vlan Printers
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/31 - 42
switchport access vlan Office
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/43 - 46
switchport access vlan IT
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/47 - 48
switchport mode dynamic desirable
!
interface GigabitEthernet0/1
switchport access vlan SvrGp02
switchport mode access
!
interface GigabitEthernet0/2
switchport trunk encapsulation dot1q
switchport trunk native vlan Native
switchport trunk allowed vlan 1,WIFI,SvrGp02,Printers,Office,Sales,Service01,Marketing,SvrGp01,Service02,IT,Native
switchport mode trunk
switchport nonegotiate
!
interface Vlan1
no ip address
shutdown
!
interface Vlan SvrGp02
ip address 10.12.10.14 255.255.255.240
!
interface Vlan Printers
ip address 10.12.10.30 255.255.255.240
!
interface Vlan Office
ip address 10.12.10.62 255.255.255.224
ip helper-address 10.12.10.1
!
interface Vlan Sales
ip address 10.12.10.94 255.255.255.224
ip helper-address 10.12.10.1
!
interface Vlan Service01
ip address 10.12.10.126 255.255.255.224
ip helper-address 10.12.10.1
!
interface Vlan Marketing
ip address 10.12.10.190 255.255.255.192
ip helper-address 10.12.10.1
!
interface Vlan SvrGp01
ip address 192.168.1.1 255.255.255.240
!
interface Vlan Service02
ip address 10.12.8.206 255.255.255.240
ip helper-address 10.12.10.1
!
interface Vlan Public
ip address 10.12.10.33 255.255.255.224
!
interface Vlan WIFI
ip address 10.10.10.33 255.255.255.224
!
interface Vlan IT
ip address 10.11.201.14 255.255.255.240
!
ip classless
ip http server
I have the VLANs on the 3550, which is the L3 SW. I probly should have stated that at the beginning. I tried to clean up the config, so I hope I didnt mess it up to much.
02-16-2008 04:13 PM
swB
hostname 2960-swB
!
spanning-tree mode pvst
spanning-tree extend system-id
spanning-tree vlan Sales,Marketing priority 4096
!
vlan internal allocation policy ascending
!
interface FastEthernet0/1 - 30
switchport access vlan Marketing
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/31 - 48
switchport access vlan Sales
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet0/1
switchport trunk native vlan Native
switchport trunk allowed vlan 1,WIFI,SvrGp02,Printers,Office,Sales,Service01,Marketing,SvrGp01,Service02,IT,Native
switchport mode trunk
switchport nonegotiate
speed 1000
duplex full
!
interface GigabitEthernet0/2
switchport trunk native vlan 301
switchport trunk allowed vlan 1,WIFI,SvrGp02,Printers,Office,Sales,Service01,Marketing,SvrGp01,Service02,IT,Native
switchport mode trunk
switchport nonegotiate
speed 1000
duplex full
!
interface Vlan1
no ip address
no ip route-cache
shutdown
swC
hostname 2960-swC
!
spanning-tree mode pvst
spanning-tree extend system-id
spanning-tree vlan WIFI,Service01,Service02 priority 4096
!
vlan internal allocation policy ascending
!
interface FastEthernet0/1 - 16
switchport access vlan Service01
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/17 - 24
switchport access vlan Service02
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/25 - 34
switchport access vlan WIFI
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/35 - 48
!
interface GigabitEthernet0/1
switchport trunk native vlan Native
switchport trunk allowed vlan 1,WIFI,SvrGp02,Printers,Office,Sales,Service01,Marketing,SvrGp01,Service02,IT,Native
switchport mode trunk
switchport nonegotiate
speed 1000
duplex full
!
interface GigabitEthernet0/2
shutdown
speed 1000
duplex full
!
interface Vlan1
no ip address
no ip route-cache
shutdown
02-16-2008 04:22 PM
I checked your config I wouldn't be too concerned about your trunking configuration (not sure why you are). If you want to limit the Vlans allowed in the trunk, just enable VTP Pruning in the domain - is that simple.
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat5000/rel_4_2/config/vlans.htm#xtocid79807
As for changing inter-switch links from trunk mode to access mode, what benefit are you getting from it?
HTH,
__
Edison.
02-17-2008 09:44 AM
I don't have it installed yet. This is my first Cisco network that I'm making from scratch and want the implementation to go smooth, plus getting servers in to. When I first started we had only 9 computer with 13 terminals and now we have over 70 computers and I'm trying to manage the network with servers instead of individual attention. Being the only IT personel there, it will be a long weekend for the conversion.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide