Creating 4 L2 VLAns on CAT Switch 4510 Cisco IOS and giving switch I addre

Answered Question
Feb 26th, 2008
User Badges:

Hi,

I am configuring a CAT 4510 Switch and I need to create 3 VLANS (excluding VLAN1)

VLAN office-Internal

VLAN External-Co

VLAN-External-ext and they must be L2 vlans.


The switch is a L3 switch with Cisco IOS but they don't want L3 VLANs and routing to be on this switch. I need help on how to set them up and Also how to give this Switch an IP adreess for managemnet and telnet?


Please see if you can help me as I was palnning on L3 but they now want those VLANs ot be L2.


Please advise on how to set these VLANs up and how to give this Switch an Ip address (private) for managemnet and telnetting to the Switch>


Regards,


Mike

Correct Answer by lamav about 9 years 5 months ago

Hi:


I didn't know the switch was out of the box....


Revised L2 Switch Config:


vtp domain

vtp mode transparent


vlan 2

name office-internal


vlan 3

name External-Co


vlan 4

name External-ext


vlan 10

name management_vlan


interface gigabitethernet 2/1

description Access Port for Office Vlan

switchport

switchport mode access

switchport access vlan 2

no shut

(Do this for any access port you want to place in the vlans you created)


interface gigabitehternet 1/1

description Trunk Uplink to Router

switchport

switchport mode trunk

switchport trunk encapsulation dot1q

no shut



interface vlan 10

description Management_vlan

ip address


ip default-gateway


=============================================


Since all you have to do is have the L2 switch configured, we can call your request completed then, right? If yo uneed help with the L3 portion of it, you can post another request later.


Here is a link that can be useful. Check it out.


http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/31sga/configuration/guide/config.html


If I have helped you, please rate this post.


Thanks


Victor


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
lamav Tue, 02/26/2008 - 15:52
User Badges:
  • Blue, 1500 points or more

L2 switch configuration:


vlan 2

name office-internal


vlan 3

name External-Co


vlan 4

name External-ext


interface gigabitethernet 2/1

description Access Port for Office Vlan

switchport

switchport mode access

switchport access vlan 2

no shut

(Do this for any access port you want to place in the vlans you created)


interface gigabitehternet 1/1

description Trunk Uplink to Router

switchport

switchport mode trunk

switchport trunk encapsulation dot1q

no shut



interface vlan 1

description Management_vlan

ip address


ip default-gateway


=============================================


They may want this switch to only perform L2 functions, which is fine, but you have to configure the L3 SVIs for each vlan on the routed node to which your switch will be uplinked. You will also have to add them to the STP and HSRP domains.


Do you know how to do that on the L3 switch?

m-abooali Tue, 02/26/2008 - 16:08
User Badges:

Thanks for your quick response.


do i need to define the VTP domian too?


they want it to perform only L2 vlan finctionality but i am not sure about the STP and HSRP domian on the L3 switches?


I have done it in the past but I don't remember exactly what I did.

I appreciate any help that you can extend to me.


they want to have this connected to two Netscreen Firewalls, fo that they have two external VLANS (with external IP blocks) and then to two Cisco 3845 routers and out to the Internet. I will be taking cae of the router and BGP sinc ether will be two circuits going out, a ds3 and 100 MB ethernet link but must waite for AS# so for now, they will go out of the one 100 MB etherlink only. all static.


All I need to do now is to have this switch ready with the vlans listed above and give it an Ip address for managemnet/telnet.


can the IP addeess be given to any othet VLAN but not VLAn 1? my boss doesn't like to use VLAN1?


Please advise.


Regards,


Mike.


regrads,


Mike

Correct Answer
lamav Tue, 02/26/2008 - 16:36
User Badges:
  • Blue, 1500 points or more

Hi:


I didn't know the switch was out of the box....


Revised L2 Switch Config:


vtp domain

vtp mode transparent


vlan 2

name office-internal


vlan 3

name External-Co


vlan 4

name External-ext


vlan 10

name management_vlan


interface gigabitethernet 2/1

description Access Port for Office Vlan

switchport

switchport mode access

switchport access vlan 2

no shut

(Do this for any access port you want to place in the vlans you created)


interface gigabitehternet 1/1

description Trunk Uplink to Router

switchport

switchport mode trunk

switchport trunk encapsulation dot1q

no shut



interface vlan 10

description Management_vlan

ip address


ip default-gateway


=============================================


Since all you have to do is have the L2 switch configured, we can call your request completed then, right? If yo uneed help with the L3 portion of it, you can post another request later.


Here is a link that can be useful. Check it out.


http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/31sga/configuration/guide/config.html


If I have helped you, please rate this post.


Thanks


Victor


m-abooali Tue, 02/26/2008 - 17:06
User Badges:

Victor,


Thanks and yes this will do.


One thing though, I have a SUP 6 and I would like to use the Ten Gig uplink (two of them, one link per router connection, since there are two routers) to be configured as the trunk. will this change the scenario at all?


I am going to rate this post complete and I am totally satisfied with your explanation and directions. Please respond on having the two interfaces on the SUP6E, Tengigi uplink to be configured as Trunk? can I do that ports being on the SUP? i guess, i can since this is the whole reason for the uplinks?


Please advise.


Mike

lamav Tue, 02/26/2008 - 17:38
User Badges:
  • Blue, 1500 points or more

Mike:


You are correct. There is absolutely no problem with using the Ten Gigabit Ethernet ports on the SUP module as uplinks to the 2 routers. Thats what they're there for! :-)


If you have 2 SUP modules, use one Ten Gig port from each of them for diversity in th eevent of a SUP failure. I am not 100% sure, but I believe the uplinks on the standby SUP 6 (if you have one installed) are also active, even though the SUP itself is in a standby state. I would have to look it up...


Lastly, you will have to configure STP now that you are using more than one uplink.


Do you have Spanning Tree deployed on your network? Can you go to another L2 switch and check out the configuration there?


I am asking so that I can make the correct recommendation for the "flavor" of STP to use -- rstp, MST, etc.


Most likely, you will wan to configure rapid pvst+, which converges the fastest in th eevent of an uplink failure.


Thi sis how you woul denable it on your 4510 switch:


spanning-tree mode rapid-pvst

spanning-tree portfast bpduguard


So, again the final revised switch configuration will be:


spanning-tree mode rapid-pvst

spanning-tree portfast bpduguard


vtp domain

vtp mode transparent


vlan 2

name office-internal


vlan 3

name External-Co


vlan 4

name External-ext


vlan 10

name management_vlan


interface gigabitethernet 2/1

description Access Port for Office Vlan

switchport

switchport mode access

switchport access vlan 2

spanning-tree portfast

no shut

(Do this for any access port you want to place in the vlans you created)


interface gigabitehternet 1/1

(interface TenGigabitEthernet 4/1)<---If you are going to use the Ten Gig uplinks on the SUP 6 module.

description Trunk Uplink to Router

switchport

switchport mode trunk

switchport trunk encapsulation dot1q

no shut



interface vlan 10

description Management_vlan

ip address


ip default-gateway


=============================================


Good luck!


Victor




m-abooali Tue, 02/26/2008 - 18:10
User Badges:

Thanks buddy.


I will have two SUPs as soon as I get it from Cisco. This is very hot item and I had to wait one month for this one to arrive but of course after escalating its shipment!


for now, I will have both the uplinks on the one SUP6 but what has confifused me is the port/interface numbering on the SUP:


I have:


in Slot 5, one SUP6E, ten gig


so, Int TenGig 51/1 through 5/6


but there are 4 uplink ports/interfaces within the rectangle frawing on the face of the SUP labled SPF upling, 3,4,5 and 6 so i wil assume that ports 1 and 2 are the console and the managemnet (10/100/1000) or the two USBs?


I will go ahead and assign int/ports 10 gigi uplinks 3 and 4 as uplink in trunking mode and will devide the ports on the 5 blades (RJ45) between the VLANS with teh exception of one port for managemnet or VLAn 10 as you put it.


does this sound right to you? I don't know if you have seen the SUP6 and I cannot expect that you know they way ports are set and labled on it but I tried to explian it as I was seeing them listed.


this switch will go to a remote office tomorrow to act as a core switch so it will be one office and one switch with all users and servers connecte to this same switch! having said that, i don't know if Spanning_tree come into account but i will go ahead and out the config in there as you mentioned that, it won't hurt at all.


Other offices for the same company has Core Extreme Switches and i don't know how they are configured as far as the STP is concern but I will be changing them to Cisco Switches in a few months.


Please advise if anything comes to mind based on this last peices of information that i just provided.


Once again, i thank you very much.


Regards,


Mike.


lamav Tue, 02/26/2008 - 20:16
User Badges:
  • Blue, 1500 points or more

Mike:


The Supervisor 6 ships standard with either 2x10-Gigabit ports or 4x1-Gigabit. Given your lack of experience in this regard, the best way to see which interfaces are available is for you to console into the switch and do a "sh run." A blank configuration with the available interfaces will appear. Then you will know how to name the 10-GE interfaces.


Remember, the Supervisor 6 modules should be placed in slots 4 and 5 of the 4510 chassis.


Also, as far as Spanning Tree (STP), it is used to prevent a switching loop when you have redundant data paths in your switched network. It is an absolute necessity to deploy. Just to give you an example of how STP works, if you have 2 switches, A and B with 2 trunks connected between them, one of those trunks will be blocking traffic and the other will be the only one forwarding traffic. If that forwarding trunk fails, STP will put the other one in a forwarding state. This is just a brief and simple explanation, but Im sure you get the idea now. A switching loop can wreak havoc on your network and shut down your entire environment.


On that note, I am going to drink my hot milk and crash!


Adieu and good luck!


Shukrun...


Victor

m-abooali Wed, 02/27/2008 - 09:27
User Badges:

Thanks much. all is confugred and ready to go. except that he didn't want the trumk ports so i only distributed the ports between the vlans. it seems that he want Netscreens and routers to act as an end device and participate in the sma evlans!


this doesn't make sense to be at all! why not having two trunk ports?


well, I did as they wante it to be and thanks for your help.


Regards,


Mike

Actions

This Discussion