Solved: VLAN on L3 switch

paulc · ‎03-31-2008

I know that I can configure separate VLAN's on a L2 switch and then set port to trunk so all VLAN traffic passes. But what happens if I make a port on a L3 switch a different VLAN. How would this device communicate with other VLAN's?

lamav · ‎03-31-2008

Paul:

Youre right

An ACCESS switch port is used to plug devices into them.

example for L2 switch:

vlan 10

name Acc vlan

vlan 11

name corporate vlan

interface gigabitethernet 0/1

switchport

switchport mode access

switchport access vlan 10

interface gigebitethernet 0/2

switchport

switchport mode access

switchport access vlan 11

Now you can plug a device that is supposed to be on vlan 10 or vlan 11 into the corresponding ports.

A TRUNK port is used as an AGGREGATE port to carry traffic from multiple vlans into/out of the switch. The trunk port will be the uplink from the L2 switch to the L3 switch, which will have the L3 interfaces configured on them.

Example:

interface gigebitethernet 0/4

switchport

switchport trunk encapsulation dot1q

switchport mode trunk

switchport trunk allowed vlan 10,11

This port is used to carry vlan 10 traffic and other traffic from other vlans you may have configured on the switch.

=============================================

Example for L3 switch:

interface gigabitethernet 0/4

switchport

switchport trunk encapsulation dot1q

switchport mode trunk

switchport trunk allowed vlan 10,11

To route between vlans you need to do this:

interface vlan 10

description vlan 10 routed interface

ip address 10.10.10.2 255.255.255.0

interface vlan 11

description vlan 11 routed interface

ip address 10.10.11.2 255.255.255.0

Got it now?

Victor

View solution in original post

vasiliev1984 · ‎03-31-2008

By default Cisco Catalyst not enabled routing between different SVI (Switched Virtual Interface). All PC in different domain can ping SVI interface in homed VLAN (PC placed at this VLAN), but can not ping other hosts from other VLAN's. If you need communicate different hosts with different VLAN's you should enable L3 forwarding function using command â€œip routingâ€.

lamav · ‎03-31-2008

Paul:

What do you mean "make a port on a L3 switch a different vlan"?

To be able to route between vlans, you need a router or an L3 switch. On that device, you will configure L3/routed interfaces for each vlan so that traffic can leave/enter the vlan.

The trunk is needed in the event that you have multiple vlans configured on an L2 switch and need to transport that traffic to another switch. The trunk will be configured to carry traffic from multiple vlans.

I dont know if I answered your question.

If I did, feeel free to rate my post.

Victor

paulc · ‎03-31-2008

In our I/S dept., many devices (pc's, servers, etc) are connected to the 4006.

So, for example, Acc has 6 pc's that need to be on their own VLAN but need access to "corporate" vlan.

Reading your answer, I assume, then, that the Acc devices would be plugged into a L2 and then trunking enabled on the L2 to the L3?

vasiliev1984 · ‎03-31-2008

Trunking primary it's for backbone connection between switches, router's (router on stick to route traffic between different VLAN's) and servers (server on stick to offer services with different VLAN's). If you want to forward traffic between different VLAN, you should use router or it your Switch it is supported Layer 3 functional configure routing between this VLAN's. Next, you can see just sample configuration to enable routing at Cisco Catalyst switches:

!

ip routing

!

vlan 1

name A

!

vlan 2

name B

!

interface Vlan 1

ip address 10.10.10.1 255.255.255.0

no shutdown

!

interface Vlan 2

ip address 20.20.20.1 255.255.255.0

no shutdown

!

After you enter this configuration and put the hosts in the this VLAN, you should communicate between host with VLAN A and B (but if you configure gateway at this hosts :)).

lamav · ‎03-31-2008

Paul:

Youre right

An ACCESS switch port is used to plug devices into them.

example for L2 switch:

vlan 10

name Acc vlan

vlan 11

name corporate vlan

interface gigabitethernet 0/1

switchport

switchport mode access

switchport access vlan 10

interface gigebitethernet 0/2

switchport

switchport mode access

switchport access vlan 11

Now you can plug a device that is supposed to be on vlan 10 or vlan 11 into the corresponding ports.

A TRUNK port is used as an AGGREGATE port to carry traffic from multiple vlans into/out of the switch. The trunk port will be the uplink from the L2 switch to the L3 switch, which will have the L3 interfaces configured on them.

Example:

interface gigebitethernet 0/4

switchport

switchport trunk encapsulation dot1q

switchport mode trunk

switchport trunk allowed vlan 10,11

This port is used to carry vlan 10 traffic and other traffic from other vlans you may have configured on the switch.

=============================================

Example for L3 switch:

interface gigabitethernet 0/4

switchport

switchport trunk encapsulation dot1q

switchport mode trunk

switchport trunk allowed vlan 10,11

To route between vlans you need to do this:

interface vlan 10

description vlan 10 routed interface

ip address 10.10.10.2 255.255.255.0

interface vlan 11

description vlan 11 routed interface

ip address 10.10.11.2 255.255.255.0

Got it now?

Victor

paulc · ‎03-31-2008

Crystal clear, Victor. Thanks for taking the time. When I first started out, we had a pretty small, flat network but it's grown quite a bit so now I have to start looking at separate VLAN's.

lamav · ‎03-31-2008

You got it, Paul. Good luck.

Thanks