VLAN / Subnets

Unanswered Question
Jun 9th, 2008

I currently have an 837 with two subnets off it, one attached to the eth0 interface and one attached to the eth2 interface, each one has a small switch and a bunch of pcs behind.

The subnet attached to the eth0 is 192.168.10.0/24 and 192.168.64.0/24 on eth2 and there is some static nat setup for servers behind each. This works fine with no problems, both subnets can get out onto the internet and pcs on each can route to the other. I have been asked to do a similar setup for a customer but using an 878 router.

The problem i have with my limited knowledge is that the 878 doesn't have any ethernet interfaces so i would like to know if the same or similar is possible using VLANs, i have made the assumption that VLAN1 interface which currently has an IP address can be configure to be used by only one of the fast ethernet ports and that i can create another VLAN interface and configure another fast ethernet port to only use that one and attached to each one of these have a switch.

I'm hoping that this sort of setup will alow me to have the two subnets with server(s) in each that can have static nat. I appreciate any help in advance.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (4 ratings)
Loading.
spremkumar Mon, 06/09/2008 - 22:12

Hi

As per the data sheet it does support 2 VLANs with base image.

i think it suits your requirement of having 2 vlans to have subnets configured under each vlans.

with advanced ip services feature set you can look out for 4 vlans which may solve your purpose in the future if you require more vlans to be configured.

http://www.cisco.com/en/US/prod/collateral/routers/ps380/ps6200/product_data_sheet0900aecd8028a976.html

regds

I looked up some info on the 870 series and the 878 should support 4 802.1q VLANs on Advanced IP Services IOS image.

Product data info indicates the unit has 4 port integrated switch and this should serve your requirements for the 2 vlans.

You will configure your lan interfaces as subinterfaces and tag them as required for your vlans.

IainTrade Tue, 06/10/2008 - 08:19

Guys

Thanks for the confirmation, do you know of any samples i can check out?

with regards being able to do it on the base image, it doesn't appear to let you add to the vlan database.

You do not access the vlan database on router. I'm not too familiar with small router like 870 series, but here is a snip from an 1841.

interface FastEthernet0/0

no ip address

duplex auto

speed auto

!

interface FastEthernet0/0.1

encapsulation dot1Q 1 native

ip address 192.168.1.1 255.255.255.0

!

interface FastEthernet0/0.5

encapsulation dot1Q 5

ip address 192.168.2.1 255.255.255.0

!

Note do no shut on int fas 0/0 "in this case" and no shut on sub interfaces as they are configured. Set encaps with vlan tag before IP address on sub int. the ports on the device may be configured as

switchport mode access

!

switchport access vlan X

!

Hope this helps..

IainTrade Sat, 06/14/2008 - 14:46

Thanks for the help guys, it turned out the following did the trick:

interface FastEthernet2

switchport access vlan 2

!

interface FastEthernet3

switchport access vlan 3

!

interface Vlan1

ip address 10.10.10.1 255.255.255.0

ip nat inside

ip virtual-reassembly

!

interface Vlan2

ip address 10.0.0.1 255.255.255.0

ip nat inside

ip virtual-reassembly

!

interface Vlan3

ip address 192.168.0.1 255.255.255.0

ip nat inside

ip virtual-reassembly

Can you tell me what the following means though, and is it something i need to be worried about:

*Mar 3 12:13:49.809: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on FastEthernet2 (2), with Router FastEthernet3 (3).

Cheers again,

Iain

rp_harris Sun, 06/15/2008 - 03:24

A port can be set to diiferent modes most commonly basic modes of either "access or trunk" a trunking port forwards all vlans by default an access port normally identifies itself with native vlan "1" unless instructed to do otherwise. If the ports that are connected are different native vlans then this will give you a message like the one you are seeing.

IainTrade Sun, 06/15/2008 - 03:38

Thanks for that, according to my above config then, does this mean that some other device on the network is passing traffice between the two lans or is it because they are both on this router? And also will it cause any problems?

Thanks a lot for all your help,

Iain

IainTrade Sun, 06/15/2008 - 03:38

Thanks for that, according to my above config then, does this mean that some other device on the network is passing traffice between the two lans or is it because they are both on this router? And also will it cause any problems?

Thanks a lot for all your help,

Iain

cisco steps Sun, 06/15/2008 - 04:53

Man , I love reading this topic, for me as a beginner. I can totaly picture what you trying to do. keep it up . good questions and good answers .. \

good luck

rp_harris Tue, 06/17/2008 - 06:01

It is because they are on the same router.

It will cause your log to fill with native vlan mismatch statements, but it may work for you unless you try to configure additional functions i.e. vlan pruning, voice vlan,ect. would the router let you set up subinterfaces? I'm away on vacation now, but may try to look nto the 837 and see what config options are offered seems to me that if vlans are supported then trunking must be supported well see.

IainTrade Tue, 06/17/2008 - 06:50

Thanks for you help once more, can you tell me what i need to do to correct this, as i'm assuming it is an incorrect config? Also the router i am setting this up for is an 877, the 837 i have doesn't use VLANs i just have two routed subnets using the ethernet0 and ethernet2 interfaces.

Cheers

Iain

bret Tue, 06/17/2008 - 08:05

The switch port you are connecting to the router needs to be set up in the same native vlan as your router interface. Once you make this change your error message should go away.

Actions

This Discussion