so If I want I could specify 10 more different networks for VLAN 1

interface Vlan1
ip address 192.168.1.14 255.255.255.240 secondary
ip address 10.1.1.254 255.255.255.0

xxxxxxxxxxxxxxxxxxxxx

xxxxxxxxxxxxxxxxxxxxx

xxxxxxxxxxxxxxxxxxxxx

xxxxxxxxxxxxxxxxxxxxx

and it would work with only 1 dhcp range active but I can connect to any port right ?

But the ideal is to create VLAN2, 3, 4 etc but to add another vlan is it correct like this...

config    vlan 2

            name Guests

How do I specify the 192. range for vlan 2 and is it correct to not specify an ip address for each port or is it better to assign each port with an ip address and vlan

Actually I do not need to 2 vlans to see eachother, I only need them to both access the gateway ( Internet )

aconticisco wrote:
so If I want I could specify 10 more different networks for VLAN 1
interface Vlan1
ip address 192.168.1.14 255.255.255.240 secondary
ip address 10.1.1.254 255.255.255.0
xxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxx
and it would work with only 1 dhcp range active but I can connect to any port right ?
But the ideal is to create VLAN2, 3, 4 etc but to add another vlan is it correct like this...

config    vlan 2
            name Guests
How do I specify the 192. range for vlan 2 and is it correct to not specify an ip address for each port or is it better to assign each port with an ip address and vlan
Actually I do not need to 2 vlans to see eachother, I only need them to both access the gateway ( Internet )

After a quick look at the datasheet it seems that the 857 only supports one vlan so that is why you have 2 ip subnets assigned to the same vlan interface. For more than 1 vlan you would need a different router eg. the 870 series router with the right IOS.

Yes you could add more and subnets as secondary addresses but bear in mind the 857 is only really meant to be for 10 users so ahvign multiple networks routing off it would not make much sense.

You cannot assign the IP to the fast ethernet interfaces because they are only L2 ports ie. you cannot make them L3 ports and thet would need to be L3 ports to assign an IP address to.

Jon

Ok Jon so all the ports are like a switch, therefore thay cannot be assigned an IP address. As you are saying since it supports only 1 vlan it does not make sense to connect to multiple networks as all of them will be in 1 broadcast domain.

So Ideally when purchasing a cisco router it needs to have more than 1 port as layer 3 device so that an address is specifically assigned to it with its particular vlan set otherwise it needs to support more that 1 vlan. Are both situations identical as regards to performance ?

Thanks

aconticisco wrote:
Ok Jon so all the ports are like a switch, therefore thay cannot be assigned an IP address. As you are saying since it supports only 1 vlan it does not make sense to connect to multiple networks as all of them will be in 1 broadcast domain.
So Ideally when purchasing a cisco router it needs to have more than 1 port as layer 3 device so that an address is specifically assigned to it with its particular vlan set otherwise it needs to support more that 1 vlan. Are both situations identical as regards to performance ?
Thanks

Yes, even though you use multiple subnets they are still in one broadcast domain and for this router which is designed for approx 10 users it doesn't really make sense to have multiple subnets.

As for which router to purchase it really depends on what you are trying to do. If you are really concerned with routing between vlans then a L3 switch is a better choice than a router. Switches however have limitations ie. most only take ethernet and your WAN connection may not be ethernet. Most don't support NAT and if you are connecting to the internet you will probably need that etc...

So you could look at some of the other 800 series routers which do support 802.1q. This would allow you to have multiple vlans although note you still can't apply an IP to the fast ethernet directly but you can assign them to different vlans.

Or you could look at some of the ISRG2 routers eg. 1900/2900/3900 which will accept switch modules that can be L3 ports.

It really depends on your requirements ie. number of users/throughput/features etc.

Jon

aconticisco wrote:
Ok Jon so all the ports are like a switch, therefore thay cannot be assigned an IP address. As you are saying since it supports only 1 vlan it does not make sense to connect to multiple networks as all of them will be in 1 broadcast domain.
So Ideally when purchasing a cisco router it needs to have more than 1 port as layer 3 device so that an address is specifically assigned to it with its particular vlan set otherwise it needs to support more that 1 vlan. Are both situations identical as regards to performance ?
Thanks

Yes, even though you use multiple subnets they are still in one broadcast domain and for this router which is designed for approx 10 users it doesn't really make sense to have multiple subnets.

As for which router to purchase it really depends on what you are trying to do. If you are really concerned with routing between vlans then a L3 switch is a better choice than a router. Switches however have limitations ie. most only take ethernet and your WAN connection may not be ethernet. Most don't support NAT and if you are connecting to the internet you will probably need that etc...

So you could look at some of the other 800 series routers which do support 802.1q. This would allow you to have multiple vlans although note you still can't apply an IP to the fast ethernet directly but you can assign them to different vlans.

Or you could look at some of the ISRG2 routers eg. 1900/2900/3900 which will accept switch modules that can be L3 ports.

It really depends on your requirements ie. number of users/throughput/features etc.

Jon

aconticisco wrote:
Ok Jon so all the ports are like a switch, therefore thay cannot be assigned an IP address. As you are saying since it supports only 1 vlan it does not make sense to connect to multiple networks as all of them will be in 1 broadcast domain.
So Ideally when purchasing a cisco router it needs to have more than 1 port as layer 3 device so that an address is specifically assigned to it with its particular vlan set otherwise it needs to support more that 1 vlan. Are both situations identical as regards to performance ?
Thanks

Yes, even though you use multiple subnets they are still in one broadcast domain and for this router which is designed for approx 10 users it doesn't really make sense to have multiple subnets.

As for which router to purchase it really depends on what you are trying to do. If you are really concerned with routing between vlans then a L3 switch is a better choice than a router. Switches however have limitations ie. most only take ethernet and your WAN connection may not be ethernet. Most don't support NAT and if you are connecting to the internet you will probably need that etc...

So you could look at some of the other 800 series routers which do support 802.1q. This would allow you to have multiple vlans although note you still can't apply an IP to the fast ethernet directly but you can assign them to different vlans.

Or you could look at some of the ISRG2 routers eg. 1900/2900/3900 which will accept switch modules that can be L3 ports.

It really depends on your requirements ie. number of users/throughput/features etc.

Jon

So at this point even a layer 2 switch connected to the same router is better that the current situation since at least I would segment both networks and divide the broadcast domain. in 2

aconticisco wrote:
So at this point even a layer 2 switch connected to the same router is better that the current situation since at least I would segment both networks and divide the broadcast domain. in 2

No, because you still can't segregate the vlans at L3 on the router.

Jon

Thank you for the information,

what I still cannot understand is why I would not be better when connecting a layer 2 switch then leaving things as they are.

Current situation is that I have both networks connected to 1 vlan ( vlan 1 )

If I connect a switch  (layer 2) to the router I can set 1 interface of the switch to accept layer 1 and the other to accept layer 2

There is no need for the 2 networks to speak to eachother, why is this not beter than of having a sigle broadcast domain ?

Thanks

Read the page below about Layer 2 and Layer 3 switches and I think your questions will be answered.  If not, let me know.

http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_1-2/switch_evolution.html

aconticisco wrote:
Thank you for the information,
what I still cannot understand is why I would not be better when connecting a layer 2 switch then leaving things as they are.
Current situation is that I have both networks connected to 1 vlan ( vlan 1 )
If I connect a switch  (layer 2) to the router I can set 1 interface of the switch to accept layer 1 and the other to accept layer 2
There is no need for the 2 networks to speak to eachother, why is this not beter than of having a sigle broadcast domain ?
Thanks

The networks may not need to talk to each other but presumably they both need internet access ?? If so where are you going to route these networks because you can only have one vlan interface on your router. So only one vlan will be able to route to the internet.

You have a switch anyway on the router. You could just as easily assign some of those ports into a different vlan and then you have 2 vlans again but you still have the same problem ie. how would you route those 2 vlans anywhere ?, you can only route one of them.

Jon