cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1094
Views
10
Helpful
17
Replies

Inter-VLAN Routing and existing network

danielsormsby
Level 1
Level 1

Good afternoon!

Maybe you fine folks can help me - Trying to add another subnet to internal network (to eventually transition to this new subnet). Going to use VLAN's for this, but don't know how to create a VLAN and have it route to the existing network for web access, etc. Any suggestions?

(I've got a Catalyst 3560E That i'd like to use to create the VLAN and do the routing between the new subnet and the old)

Thanks!

1 Accepted Solution

Accepted Solutions

Daniel

First thing that stands out -

"on the 206.97.124.0 side, a machine with the ip 206.97.124.4 w/ a gateway of 206.97.124.1"

I thought you wanted to do inter-vlan routing on the switch ? but you are using a different device 206.97.124.1 as the default-gateway.

If you want to use 206.97.124.1 as the default-gateway for vlan 1 machines then you need to add a route to that device to tell it how to get to the new vlan 2 network ie.

ip route 10.5.0.0 255.255.255.0 206.97.124.28

OR

change the default-gateway on the vlan 1 machine to 206.97.124.28

I'll have a look at files and get back to you if there are other issues.

Jon

View solution in original post

17 Replies 17

Jon Marshall
Hall of Fame
Hall of Fame

Daniel

Lets assume you have vlan 1 already on the 3560 with a L3 SVI ie. in the config

interface vlan 1

ip address x.x.x.x

Basic steps to add a new vlan. Assume new vlan is vlan 2 and uses IP subnet of 192.168.5.0/24

1) Create vlan at layer 2

3560(config)# vlan 2

3560(config-vlan)# name v2

2) Create L3 interface for vlan 2

int vlan 2

ip address 192.168.5.1 255.255.255.0

3) enable IP routing on your switch

3560(config)# ip routing

4) vlan 2 L3 interface will not come up until you add at least one port into it or if you have a trunk link on the 3560.

int gi0/10

switchport access vlan 2

the above would add int gi0/10 into vlan 2

5) Any machines you put into vlan 2 must use an address from the 192.168.5.x range and have their default-gateway set to 192.168.5.1

Jon

Jon,

I still can't seem to get it to work. Config is below:

Switch#show run

Building configuration...

Current configuration : 2370 bytes

!

version 12.2

no service pad

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname Switch

!

!

no aaa new-model

system mtu routing 1500

ip subnet-zero

ip routing

!

!

!

!

!

!

!

spanning-tree mode pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

!

interface FastEthernet0

no ip address

shutdown

!

interface GigabitEthernet0/1

!

interface GigabitEthernet0/2

!

interface GigabitEthernet0/3

!

interface GigabitEthernet0/4

!

interface GigabitEthernet0/5

!

interface GigabitEthernet0/6

!

interface GigabitEthernet0/7

!

interface GigabitEthernet0/8

!

interface GigabitEthernet0/9

!

interface GigabitEthernet0/10

switchport access vlan 2

!

interface GigabitEthernet0/11

!

interface GigabitEthernet0/12

!

interface GigabitEthernet0/13

!

interface GigabitEthernet0/14

!

interface GigabitEthernet0/15

!

interface GigabitEthernet0/16

!

interface GigabitEthernet0/17

!

interface GigabitEthernet0/18

!

interface GigabitEthernet0/19

!

interface GigabitEthernet0/20

!

interface GigabitEthernet0/21

!

interface GigabitEthernet0/22

!

interface GigabitEthernet0/23

!

interface GigabitEthernet0/24

!

interface GigabitEthernet0/25

!

interface GigabitEthernet0/26

!

interface GigabitEthernet0/27

!

interface GigabitEthernet0/28

!

interface GigabitEthernet0/29

!

interface GigabitEthernet0/30

!

interface GigabitEthernet0/31

!

interface GigabitEthernet0/32

!

interface GigabitEthernet0/33

!

interface GigabitEthernet0/34

!

interface GigabitEthernet0/35

!

interface GigabitEthernet0/36

!

interface GigabitEthernet0/37

!

interface GigabitEthernet0/38

!

interface GigabitEthernet0/39

!

interface GigabitEthernet0/40

!

interface GigabitEthernet0/41

!

interface GigabitEthernet0/42

!

interface GigabitEthernet0/43

!

interface GigabitEthernet0/44

!

interface GigabitEthernet0/45

!

interface GigabitEthernet0/46

!

interface GigabitEthernet0/47

!

interface GigabitEthernet0/48

!

interface GigabitEthernet0/49

!

interface GigabitEthernet0/50

!

interface GigabitEthernet0/51

!

interface GigabitEthernet0/52

!

interface TenGigabitEthernet0/1

!

interface TenGigabitEthernet0/2

!

interface Vlan1

ip address 206.97.124.28 255.255.255.0

shutdown

!

interface Vlan2

ip address 10.5.0.2 255.255.252.0

!

ip classless

ip route 0.0.0.0 0.0.0.0 206.97.124.1

ip http server

!

!

control-plane

!

!

line con 0

line vty 5 15

!

end

Current subnet is 206.97.124.0 255.255.255.0 (I know, don't tell me)

New Subnet is 10.5.0.0 255.255.252.0

I have a connection to the existing network in int0/5 and my desktop in int0/10.

Any suggestions?

Thanks!

Daniel

interface Vlan1

ip address 206.97.124.28 255.255.255.0

shutdown

your vlan 1 interface is shutdown - any reason ?

int vlan 1

no shut

Jon

I just fixed that :) Still no-go

Daniel

Can you post output of

1) sh ip route

2) sh vlan

3) sh ip int br

which machines/IP addresses are you using to test the connectivity and do these machines have their respective default-gateways set ie.

machine in vlan 1 - 206.97.124.28

machine in vlan 2 - 10.5.0.2

Jon

Jon,

Thanks for all the help!

Various outputs exceeded the limit, they are in a .txt attached.

I'm using the following to test connectivity:

on the 10.5.0.0 Side, a machine with the ip of 10.5.0.3 w/ a gateway of 10.5.0.2

on the 206.97.124.0 side, a machine with the ip 206.97.124.4 w/ a gateway of 206.97.124.1

Again, thanks for all the help!

Daniel

First thing that stands out -

"on the 206.97.124.0 side, a machine with the ip 206.97.124.4 w/ a gateway of 206.97.124.1"

I thought you wanted to do inter-vlan routing on the switch ? but you are using a different device 206.97.124.1 as the default-gateway.

If you want to use 206.97.124.1 as the default-gateway for vlan 1 machines then you need to add a route to that device to tell it how to get to the new vlan 2 network ie.

ip route 10.5.0.0 255.255.255.0 206.97.124.28

OR

change the default-gateway on the vlan 1 machine to 206.97.124.28

I'll have a look at files and get back to you if there are other issues.

Jon

in 10.5.0.0 daniel is using 255.255.252.0 as mask

Daniel

Just checked the file and everything looks okay so i suspect it is the default-gateway issue on vlan 1.

Jon

Jon,

You are the man.

Once I did a ip route from the gateway on the 206.97.124.X subnet, everything worked marvelously.

Thanks again!

"on the 10.5.0.0 Side, a machine with the ip of 10.5.0.3 w/ a gateway of 10.5.0.2 "

hope u r using 255.255.252.0

"on the 206.97.124.0 side, a machine with the ip 206.97.124.4 w/ a gateway of 206.97.124.1 "

Gateway for this should be 206.97.124.28 it is the ip address of ur vlan 1.

Edit:

redundant info deleted - sorrrry

:-/

Hi Jon, your explanations are really useful!

I have a tech. problem with 3750. I have configured vlan1 10.20.20.1 (10.20.20.0/24 net) with fa2/0/2-12, ip routing up. I'm going to have vlan2 10.20.25.1 (net 10.20.25.0/24) with fa2/0/14-20. I'm trying to get them visible with each other (unsuccessfully yet), it means interVLANs routing on the same switch. If I assign IP to the vlan, then they have L3 interfaces and they have fastE. interface assigned and up. I cannot understand where routing interface should be. Can I use gigEthernet for it? Should I assign GE to vlan and what vlan? Switch is VTP server. Apart of that I'm going to use ge2/0/2 as connection to 7200. Can I use one interface for routing purposes? Didn't manage to dig up answers on site yet.

Thanks a lot,

Vlad

Vlad

Do you want the 3750 to route between your vlans or do you want the 7200 to do it. Ideally i suspect you want the 3750. If so can you post config of both 3750 and 7200 and we can go from there.

Jon

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco