router with 802.1q strange request

Unanswered Question
Mar 20th, 2009
User Badges:

Hi,



it is a strange request but I have 2 sites with a layer2 link where 802.1q is supported.


For a while, I need to install a router on one side to separate the flow.

But

1 - vlan 1 must be share by both sites with differents networks and the router must terminate the flow and route the trafic.


2 - Others vlans are no routable but must be pass through the router.


For second request do I need to use bridge mode ?



config are like this

________________________________

interface FastEthernet0/0.1

encapsulation dot1Q 1 native

ip address 10.1.1.1 255.255.2550

!

interface FastEthernet0/0.100

description VLAN

encapsulation dot1Q 100


interface FastEthernet0/1.1

encapsulation dot1Q 1 native

ip address 10.1.2.1 255.255.255.0

!

interface FastEthernet0/0.100

description VLAN

encapsulation dot1Q 100



Regards

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Giuseppe Larosa Sat, 03/21/2009 - 06:43
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Eric,

the possibility to bridge over vlan subifs is IOS and platform dependent.

You can verify if you router accepts it.


You need to define a bridge-group for each pair of vlans you want to bridge or it will be a terrible mess.


bridge 1 protocol ieee


int f0/0.100

no ip addr

bridge-group 1


int f0/1.100

no ip addr

bridge-group 1


then bridge-group 2 for another pair of Vlans and so on.

Verify also the max number of bridge-groups you can create they can be less then the number of vlans that need to be bridged.


I would consider if it is a possible solution to bypass the router totally: actually almost all vlans just need to be propagated like in a l2 trunk.

you can remove vlan1 in the list of permitted vlans on both sides and you have a working solution with no bottlenecks.

Locally on each site one device will provide the default gateway for the vlan1.


Only possible problem of a partitioned vlan1 is vtp: if you use vtp you need to deploy it in two vtp domain on the two sides of the link


Hope to help

Giuseppe


Actions

This Discussion