IP phones for remote site 6500 to 3750 over 10mpbs EES10

Answered Question
Oct 6th, 2010
User Badges:

We have a Cisco 6500 at our main site that is running CatOS and has a MSFC2 L3 module.  The 6500 is the VTP server for all local 3750 switches which are vtp clients.   On the local 3750 switches the iphones use vlan 20 and data is vlan 10.  This all works fine for our main campus where all switches are connected back to the 6500 via 1gbps fiber.


We are now adding a remote site which will be connected via a 10mbps fiber circuit (provided by a telco).  We only have a 3750 at the new site, the current configuration (implemented last week) is the L3 routing is carried out on the 6500, i.e the WAN link is currently part of the remote sites subnet and broadcast domain - which is less than ideal!


What is the recommended way to properly configure both switches to enable us to vlan the data and voice for remote sites.  At present the new site has both voice and data on the same vlan (40) the gateway address for this vlan is the interface on the 6500 (which is conneted to the NTE of the telco), the interface on the 6500 is also in vlan 40 making this port part of the remote sites broadcast domain. 


So what is the best way to configure the remote site to allow vlans, or should we not really be doing this configuration.


Any thoughts would be apprecaited.


Correct Answer by Jon Marshall about 6 years 10 months ago

jeff_turl wrote:


Jon, thanks for the info


1 and 2 fine no probs follow that!


3 what is an SVI how is it different?


4 and 5 fine



no probs with the commands, this is what i thought it would be, this assigns vlan 20 to this port on the 6500 and on the 3750 i also assign vlan 20 to the gigabit int connected to the fibre NTE?


So it doesnt matter that the 3750 is not getting the vlan info from VTP server then?  i tried assigning a port to vlan 20, but not assigning the remote site 3750 gigabit interface to vlan 20, this appeared to generate a native vlan mismatch error?


So as for the 3750 at the remote site, i can understand that the int connected to the NTE needs to be on the same subnet and also vlan, do i then just create vlans for voice and data standalone on that switch and then the default-gateway for clients then becomes the LAN interface on that switch.  the switch in turn will have a default gateway passing traffic over the 192.168.5.2 network.


Is this how it would work? is the 3750 switch effectivly becoming a router now?




Thanks

Jeff


Jeff


3 - SVI = Switched Virtual Interface ie.


int vlan

ip address x.x.x.x



So when i say create a vlan in point 2) i mean create a vlan in the vlan database ie. a vlan at L2. You then need to configure a L3 interface for that vlan ie. an SVI.


No it doesn't matter that the 3750 is not getting vlan info with VTP because the vlan info on the 6500 is irrelevant to the 3750. As you correctly say the 3750 would now be acting as a L3 device so the vlans in the branch site would be created on the 3750 and routed on the 3750. The only common vlan to both sites would be vlan 20 from my example.


And yes again you are correct when you say the clients in the local vlans on the 3750 will have their default-gateways set to their respective L3 vlan interface IP addresses on the 3750.


As for the native vlan mismatch easiest thing to do is configure the 3750 as the 2nd option i suggested. Just to be clear though the link between the 6500 and the 3750 should not be a trunk link, it should be an access link with both ports at either end allocated to vlan 20. So on 3750 -


1) create vlan 20

2) create an SVI for vlan 20

3) allocate the port on the 3750 to be in vlan 20.


Again, the only port on the 3750 in vlan 20 should be the port connecting to the 6500.


And don't forget to enable ip routing on the 3750 ie.


3750(config)# ip routing


Jon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Jon Marshall Wed, 10/06/2010 - 05:22
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

jeff_turl wrote:


We have a Cisco 6500 at our main site that is running CatOS and has a MSFC2 L3 module.  The 6500 is the VTP server for all local 3750 switches which are vtp clients.   On the local 3750 switches the iphones use vlan 20 and data is vlan 10.  This all works fine for our main campus where all switches are connected back to the 6500 via 1gbps fiber.


We are now adding a remote site which will be connected via a 10mbps fiber circuit (provided by a telco).  We only have a 3750 at the new site, the current configuration (implemented last week) is the L3 routing is carried out on the 6500, i.e the WAN link is currently part of the remote sites subnet and broadcast domain - which is less than ideal!


What is the recommended way to properly configure both switches to enable us to vlan the data and voice for remote sites.  At present the new site has both voice and data on the same vlan (40) the gateway address for this vlan is the interface on the 6500 (which is conneted to the NTE of the telco), the interface on the 6500 is also in vlan 40 making this port part of the remote sites broadcast domain. 


So what is the best way to configure the remote site to allow vlans, or should we not really be doing this configuration.


Any thoughts would be apprecaited.



Jeff


I'm a bit confused because if your connection is a L2 connection and you are doing routing on the 6500 why have you used a separate vlan in the remote site for data + voice. You can simply extend vlan 10 and vlan 20 to the remote site making the interconnect between sites a L2 trunk.


Having said that i'm not in favour of doing this unless you need the same L2 vlan across both sites. If you don't and it doesn't sound like you do then i would simply use L3 routed ports to connect your sites, and have the 3750 in the remote site route the data and voice vlans, having a separate vlan for each.


Edit - with the L3 routed connection you would then obviously need to either -


1) use static routes between sites


or


2) run a dynamic routing protocol - EIGRP/OSPF to exchange routes between sites.


Jon

jeff_turl Wed, 10/06/2010 - 06:31
User Badges:

Jon, thanks for the reply, i think the setup stems from lack of understanding of the CatOS, we are happy configuring

IOS.  I see your point about why are we using layer 2 and dont just extend the vlan.  I guess i am after some advice on what is best practice?


I personally would prefer to have a use layer 3 and properly route between the main and remote site as opposed to using the current config.


As far as i can see on the CatOS we can only assign a port to a vlan or make a port a trunk port in CatOS.  I couldnt see how to assign a L3 address to a port, i had in mind i would be able to have the following config:


Remote site uses IP subnet 2

Main site uses IP subnet 1

WAN interface of local site subnet 3

WAN interface of remtoe site subnet 3


Then configure routing on the 6500 accordingly and vice versa on the 3750, The cisco 3750 switches are base image and so dont include the routing, but we can set at the minimum a default route, and a static route on teh 6500.


Problem is i cant see how to configure the 6500 to do this!


Also, typically would you have a differnt vlan for the remote site to the main site for both voice and data? i assume that if you go for a routed setup as opposed to a layer 2 setup the VTP server would no longer be the 6500 as i assume this is not routed?

Jon Marshall Wed, 10/06/2010 - 07:13
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Jeff


Ah sorry i missed the bit about the 6500 being CatOS. You are right you can't have a L3 routed port with CatOS. So you do this instead -


1) choose a subnet for the point to point link between the sites eg. 192.168.5.0  255.255.255.252


2) on the 6500 create a new vlan purely for this link ie. the only port in this vlan on the 6500 is the one that connects to the 3750


3) on the 6500 create a L3 SVI for that vlan


4) allocate the port on the 6500 that connects to the 3750 into that vlan


5) on the 3750 you can either do the same as above or just create a L3 routed port so -


(apologies if CatOS command not entirely accurate, i'm a little rusty on CatOS now !)


on the switch -


6500# set vlan 20


6500# set vlan 20 2/1  <---- where port 2/1 is the one connected to the 3750


on the MSFC -


int vlan 20

ip address 192.168.5.1 255.255.255.252

no shut



then on the 3750 -


int gi0/1

no switchport

ip address 192.168.5.2 255.255.255.252


or as i say create a vlan 20  + L3 SVI and allocate port into vlan 20, either will work.


then as you only have IP Base on 3750 you will need statics. As you say a default-route on the 3750 pointing to 192.168.5.1 would work fine. On the 6500 you would need to have a route for each subnet so i suggest you allocate a block to the new site that can be summarised with one route statement.


As for VTP, well -


1) it won't be a trunk and you don't need a trunk


2) you will have different vlans at the other site anyway.


Jon

jeff_turl Wed, 10/06/2010 - 08:55
User Badges:

Jon, thanks for the info


1 and 2 fine no probs follow that!


3 what is an SVI how is it different?


4 and 5 fine



no probs with the commands, this is what i thought it would be, this assigns vlan 20 to this port on the 6500 and on the 3750 i also assign vlan 20 to the gigabit int connected to the fibre NTE?


So it doesnt matter that the 3750 is not getting the vlan info from VTP server then?  i tried assigning a port to vlan 20, but not assigning the remote site 3750 gigabit interface to vlan 20, this appeared to generate a native vlan mismatch error?


So as for the 3750 at the remote site, i can understand that the int connected to the NTE needs to be on the same subnet and also vlan, do i then just create vlans for voice and data standalone on that switch and then the default-gateway for clients then becomes the LAN interface on that switch.  the switch in turn will have a default gateway passing traffic over the 192.168.5.2 network.


Is this how it would work? is the 3750 switch effectivly becoming a router now?




Thanks

Jeff

Correct Answer
Jon Marshall Wed, 10/06/2010 - 09:37
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

jeff_turl wrote:


Jon, thanks for the info


1 and 2 fine no probs follow that!


3 what is an SVI how is it different?


4 and 5 fine



no probs with the commands, this is what i thought it would be, this assigns vlan 20 to this port on the 6500 and on the 3750 i also assign vlan 20 to the gigabit int connected to the fibre NTE?


So it doesnt matter that the 3750 is not getting the vlan info from VTP server then?  i tried assigning a port to vlan 20, but not assigning the remote site 3750 gigabit interface to vlan 20, this appeared to generate a native vlan mismatch error?


So as for the 3750 at the remote site, i can understand that the int connected to the NTE needs to be on the same subnet and also vlan, do i then just create vlans for voice and data standalone on that switch and then the default-gateway for clients then becomes the LAN interface on that switch.  the switch in turn will have a default gateway passing traffic over the 192.168.5.2 network.


Is this how it would work? is the 3750 switch effectivly becoming a router now?




Thanks

Jeff


Jeff


3 - SVI = Switched Virtual Interface ie.


int vlan

ip address x.x.x.x



So when i say create a vlan in point 2) i mean create a vlan in the vlan database ie. a vlan at L2. You then need to configure a L3 interface for that vlan ie. an SVI.


No it doesn't matter that the 3750 is not getting vlan info with VTP because the vlan info on the 6500 is irrelevant to the 3750. As you correctly say the 3750 would now be acting as a L3 device so the vlans in the branch site would be created on the 3750 and routed on the 3750. The only common vlan to both sites would be vlan 20 from my example.


And yes again you are correct when you say the clients in the local vlans on the 3750 will have their default-gateways set to their respective L3 vlan interface IP addresses on the 3750.


As for the native vlan mismatch easiest thing to do is configure the 3750 as the 2nd option i suggested. Just to be clear though the link between the 6500 and the 3750 should not be a trunk link, it should be an access link with both ports at either end allocated to vlan 20. So on 3750 -


1) create vlan 20

2) create an SVI for vlan 20

3) allocate the port on the 3750 to be in vlan 20.


Again, the only port on the 3750 in vlan 20 should be the port connecting to the 6500.


And don't forget to enable ip routing on the 3750 ie.


3750(config)# ip routing


Jon

jeff_turl Thu, 10/07/2010 - 08:26
User Badges:

Thanks Jon, i have setup a test environment today and it works really well.  I did get caught out when enabling ip routing i had to change the default route from ip default-gateway over to ip route 0.0.0.0 0.0.0.0, apart from that all is working well.


Thanks for all your assistance.


Regards
Jeff

Jon Marshall Thu, 10/07/2010 - 08:42
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Jeff


No problem, glad you got it working.


And apologies, i should have mentioned having to change default-gateway to default-route.


Jon

Actions

This Discussion

Related Content