Intervlan routing using a layer-3 switch

rangel321
Level 1

I have the following scenario:

A layer 3 switch with two connected computers, each one corresponding to a different VLAN (200 and 300). The switch is connected to a router using only one Fast Ethernet port. How can I configure inter-VLAN routing, with the gateway for VLAN 200 in the switch and the gateway for VLAN 300 in the router? I guess I have to enable a routing protocol for the link between the router and the switch. Can someone help me? Thanks!

Accepted Solutions

Mahesh Gohil
Level 7

Hello Eduardo,

I assume the topology below:

                      ------PC1 (vlan200)

router--->Switch

                      ------PC2 (Vlan300)

For inter-VLAN routing, one option is to create two sub-interfaces (of your single Ethernet interface) on the router and use the switch as pure L2. Both sub-interfaces will be in different VLANs, with dot1q as encapsulation.

Now, if you want your switch to work as L3, ideally you don't need the router. Just give IP addresses by creating VLAN interfaces (int vlan200, int vlan300).

But if you have terminated any serial link on the router, you need to have the router.

Your requirement is to have one L3 interface on the router and one L3 interface on the switch; yes, that is possible:

> create an interface vlan for vlan200 and give an IP to it

> keep vlan300 as it is and terminate it on the router

> configure the default gateway as the router IP.

But I would prefer the second option (creating both VLAN interfaces on the switch and passing everything else to the router).

Hope this helps

Regards

Mahesh

Hello Mahesh,

Thanks for your reply. Following the policies of my problem, the fact that I need the GW in different devices is to ensure high availability and security for one of my VLANs.

Being more specific, I'm using a Cisco 3560 layer-3 switch and a 2811 router. My 2 subnets are 192.168.1.0/26 (VLAN 200) and 192.168.1.64/26 (VLAN 300).

At this point, I'm pretty sure I'm doing it right, but I think I'm missing some commands. Could you help me, please?

1. Already created VLAN 200 and 300 in the switch and assigned them ports (switchport access vlan)

2. Only gave an IP address to interface vlan 200 in the switch, and it is the default gateway for the PC belonging to VLAN 200

Sorry if it seems too basic, this is part of a project I'm doing at university, and also sorry for my ugly English,

regards from PERU!

Eduardo

There is no redundancy gained by doing this. If the switch fails then you cannot get to the router anyway, so having the vlan 300 default gateway on the router is useless.

It also depends on whether the 2 vlans need to talk to each other. If they do, then your config becomes very non-standard because the router has to be able to route back to vlan 200. The only way you could do this would be to have a vlan 300 L3 interface on the switch, i.e.

A client in vlan 300 sends a packet to a client in vlan 200. The packet goes from the client via the switch in vlan 300 to the router interface. The router then looks up the destination and needs to find a route to vlan 200. The next-hop for that route has to be in vlan 300, so you would have to create an L3 vlan interface on the switch. So the route would look something like -

ip route 192.168.1.0 255.255.255.192

As I say, there is no redundancy/high availability if you are going to connect clients to the same switch. Also, this is a very non-standard configuration and really makes little sense. As Mahesh says, either route the vlans off the switch or off the router, but not both. Personally I would do it off the switch. If you want security for vlan 300, then use an access-list on the L3 vlan 300 interface on the switch.

If the vlans do not need to talk to each other then you wouldn't need the vlan 300 interface on the switch but you still haven't got redundancy/high availability.

Jon
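
The layout both replies recommend (both gateways on the 3560, an access-list on the VLAN 300 SVI, everything else handed to the 2811), written out as an added example that is not part of any post in this thread. Only the two /26 subnets come from the thread; the SVI addresses, the 192.168.1.128/30 transit link, the interface names, the ACL name and the filtering policy itself are assumptions.

```cisco
! ===== Cisco 3560 (L3 switch) =====
ip routing
!
! Stateless policy (assumed): VLAN 200 may answer sessions that VLAN 300
! opened, but may not start new ones toward VLAN 300.
ip access-list extended PROTECT-VLAN300
 remark return traffic for TCP sessions opened from VLAN 300
 permit tcp 192.168.1.0 0.0.0.63 192.168.1.64 0.0.0.63 established
 remark ping replies back to VLAN 300 hosts
 permit icmp 192.168.1.0 0.0.0.63 192.168.1.64 0.0.0.63 echo-reply
 remark everything else sourced from VLAN 200 is dropped (incl. UDP replies)
 deny ip 192.168.1.0 0.0.0.63 192.168.1.64 0.0.0.63
 remark traffic arriving from the router side is not filtered here
 permit ip any any
!
interface Vlan200
 description Gateway for VLAN 200 (address assumed)
 ip address 192.168.1.1 255.255.255.192
 no shutdown
!
interface Vlan300
 description Gateway for VLAN 300 (address assumed)
 ip address 192.168.1.65 255.255.255.192
 ! "out" = packets the switch routes toward hosts in VLAN 300
 ip access-group PROTECT-VLAN300 out
 no shutdown
!
interface FastEthernet0/24
 description Routed uplink to 2811 (port and /30 assumed)
 no switchport
 ip address 192.168.1.129 255.255.255.252
 no shutdown
!
! Everything that is not VLAN 200/300 goes to the router
ip route 0.0.0.0 0.0.0.0 192.168.1.130
!
! ===== Cisco 2811 (router) =====
interface FastEthernet0/0
 description Link to 3560 (interface assumed)
 ip address 192.168.1.130 255.255.255.252
 no shutdown
!
! One /25 summary covers both /26 user subnets behind the switch
ip route 192.168.1.0 255.255.255.128 192.168.1.129
```

`show ip interface Vlan300` on the switch confirms that the outgoing access list is set to PROTECT-VLAN300, and `show ip route` on both devices confirms the static routes are installed.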
