Adding New Vlan in a Flat Network LAN

emmanuel_s · ‎08-13-2008

Hi Cisco Gurus,

I have a LAN running in a flat network. The devices are 1 L3 switch and 3 L2 switch and 1 router. Currently no VLAN is configured, and all are running in VLAN 1.

We are planning on LAN expansion and we will be using another subnet. My problem is, what's the best configuration for this requirement? My concerns are as follows:

1. Can I retain the existing configuration, meaning the existing subnet will be in VLAN 1 and the new VLAN on VLAN 2?

2. For interVLAN routing, I plan to do the following configs in my L3 switch:

-ip routing (to enable L3 functionality)

-interface vlan2, with IP address (for SVI on new VLAN)

-configure encapsulation trunk on switch-to-swtich ports

=are these configurations enough?

Thanks in advance for those who will reply!

Emman

smothuku · ‎08-14-2008

Hi ,

Yes , you can do same thing..

L3 : 1. create Vlan 2 and assign IP to that Vlan.

Ip routing i.e inter vlan routing should be done on L3 itself.

Configure three ports as trunk ports to connect L2 switches.

If you want to have control over L2 switches , create Vlan 2 on all L2 switches.

assign IP address to all three and configure ip default-gateway as Vlan 2 Ip address of L3 Switch.

Configure one port of L2 as trunk to connect it to L3 switch.

The purpose is you can place servers or PC either in Vlan 2 or in Vlan 1 according to requirement .

Thanks,

Satish

emmanuel_s · ‎08-14-2008

hi Satish,

Thanks for your helpful advice! I will try to implement this in our production tonight and keep you updated of the outcome...thanks again!

Brgds,

Emman

Marwan ALshawi · ‎08-14-2008

hi Emman

just for ur information

the config i have posted

fuuly oerational

and if u find if configurable then it will be very useful for u

and good luck

Marwan ALshawi · ‎08-14-2008

hi Emmanuel

just follow the folowing instructions and evry thing will be ok

first i will use an example for u to make easy and u can use in ur network aswel

vlan 2 192.168.2.0 / 24

vlan 3 172.16.1.0 /24

first configure the L2 switches as following

vlan 2

name vlan_2

vlan 3

name vlan_3

the folowing config on the switch i asume u have 2950 which use only encapsulation dot1q

lets say this is the port connect the two swtches L2 and L3

interface fa 0/24

switchport mod trunk

no shut

and the folowing example for two access port connected to the client invlan2 and 3

interface fa 0/1

switchport mode access

switchport access vlan 2

spanning-tree portfast

no shut

interface fa 0/2

switchport mode access

switchport access vlan 3

spanning-tree portfast

no shut

now let move to L3 switch

in this switch i will configure DHCP for u for each vlAN IN ths case u dont need to add ip address to each client connect to the access ports

first lets configure the interface connect to the L2 switch trunk

int fa 0/24

switchport trunk encapsulation dot1q

switchport mode trunk

no shut

creat vlan 2 and 3

vlan 2

name vlan_2

vlan 3

name vlan_3

now lets crea layer three vlan interfaces SVI

interface vlan 2

ip address 192.168.2.1 255.255.255.0

no shut

interface vlan 3

ip address 172.16.1.1 255.255.255.0

no shut

now let enable L3 routing between vlans enter this command

IP routing

now lets configure the DHCP and notice that each vlan will use the corsponding SVI as a default gate way

ip dhcp pool vlan2

network 192.168.2.0 /24

default-router 192.168.2.1

ip dhcp pool vlan3

network 172.16.1.0 /24

default-router 172.16.1.1

ip dhcp excluded-address 192.168.2.1 172.16.1.1

now lets go to the last stage which is th connectivity wiith router

i will use here static route and default route

and the connection between the L3 switch and the router interface will be over layer three witchport

lets say in L3 u gonna use port fastethernet 0/1 to connect to the router do:

int fa0/1

no switchport

ip address 10.1.1.1 255.255.255.0

no shut

now lets make a default route on the L3 switch point to thr router for internet or any thing els

ip route 0.0.0.0 0.0.0.0 10.1.1.2

where 10.1.1.2 is the router ip address directly connect to the L3 port we just configured

no lets move to the router

lets say the router fa0/1 connected to the L3

interface fa0/1

ip address 10.1.1.2 255.255.255.0

no shut

now lets configure a route for our vlans in the router

ip route 192.168.2.0 255.255.255.0 10.1.1.1

ip route 172.16.1.0 255.255.255.0 10.1.1.1

then configure ur router for any thing else

now the network

fully operational and has vlans and VLAN routing and DHCP

important: if u miss any of the above config command u may loss the connectivity

good luck

please, if helpful rate

emmanuel_s · ‎08-14-2008

Hi Marwanshawi,

thanks a lot for this configuration, I will compare this to my configuration.

sure no problem, will rate your post afterwards...thanks again!

emmanuel_s · ‎08-18-2008

Hi All,

the VLANS are working now.

The existing VLAN before--VLAN 1 can connect now to VLAN 2. After doing all your suggestions, I still cannot ping from VLAN 1 to VLAN 2 because the default-gateways of switches in and hosts in VLAN 1 is pointed to the router's FastEth interface. Since this vLAN is already existing, and it would be impractical to change all hosts' default-gateway setting, I added a default route in the router for the new VLAN:

ip route (VLAN2 subnet) (subnetmask) (L3 switch's FastEth interface)

is this just OK? since after doing this set-up, both VLANS can now communicate bidirectionally.

Thanks for the answers and enlightenment!

Brgds,

Emman

Marwan ALshawi · ‎08-18-2008

although it is not best practice but its good work around and iam happy its work now

good luck