ISP providing L2 Link on trunk? have 3560?

Answered Question
Oct 21st, 2009

Intiallay ISP commited to provide link connectivty for over 6 sites on seperate access ports but than they are providing on a single trunk link with different vlan id for each site. I need to terminate it on 3560 (as WAN routing device)that would connect to Core switch 3750 and in turn connect to LAN access swiches.

As per my understanding i cannot make subinterfaces on 3560. I am really confused how to terminate it on 3560 ?

Any suggestion ???

I have this problem too.
0 votes
Correct Answer by Jon Marshall about 7 years 3 months ago

As per Joseph's post, make the port a trunk port.

If you want to route the vlans off this 3560 then you don't create subinterfaces you simply create L3 SVI's on the 3560 ie.

int vlan 2

ip address x.x.x.x x.x.x.x

int vlan 3

ip address x.x.x.x x.x.x.x

etc...

If you are routing off the core 3750 switch then no need to create L3 SVIs, just trunk back to the 3750 from the 3560.

Jon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.5 (2 ratings)
Loading.
Correct Answer
Jon Marshall Wed, 10/21/2009 - 05:35

As per Joseph's post, make the port a trunk port.

If you want to route the vlans off this 3560 then you don't create subinterfaces you simply create L3 SVI's on the 3560 ie.

int vlan 2

ip address x.x.x.x x.x.x.x

int vlan 3

ip address x.x.x.x x.x.x.x

etc...

If you are routing off the core 3750 switch then no need to create L3 SVIs, just trunk back to the 3750 from the 3560.

Jon

omair.siddiqui Wed, 10/21/2009 - 09:08

Thanks a lot ....that helps a lot.

Yes i do understand that on one side of 3560 i need trunk. For SVI, can u elaborate how routing will work. on remote sites we have routers and we intend to run OSPF on it. Also the provider is throwing internet on same trunk,

Packet goes from HeadOffice to branch

1 -a user on access layer send packet to access switch.

2- Access Switch will send it to core (3750) using default route.

3- Core(3750) running ospf know next hop is 3560 WAN Aggregation Switch.

4- Now on 3560 how routing will send packet to internet and branches???

Joseph W. Doherty Wed, 10/21/2009 - 09:56

For 3560 (and 3750) SVI OSPF routing, works about the same using routed ports, i.e. you just define the SVI interface IP address to OSPF as you would a routed port IP address.

omair.siddiqui Wed, 10/21/2009 - 11:33

Thanks joseph & Jon

Its Almost clear, Last thing is that i also recall now that i do also have ASA 5510 where i will have to secure servers and prevents attacks from internet.

What if i make sub interfaces on ASA to make it work. By design and security point of view which one seems more logical.

Actions

This Discussion