I am given two desktops of IP 192.168.1.10/24 & 192.168.2/10/24 connected to a L2 switch with a single VLAN [VLAN -1]. A router is connected to this switch with the routed interface IP 192.168.1.1/24. How do I get these two systems to talk to each other ?
You need to create an additional VLAN on the switch, assign access ports to the VLANs, configure a trunk (802.1Q most likely) between the switch and the router, and configure sub-interfaces (192.168.1.1/24, and 192.168.2.1/24 perhaps) on the router's physical interface.
You'll have to determine whether your router supports VLANs. Typically, this will have to be a FastEthernet interface (min.).
The two sub-interfaces are used as default gateways for the two VLANs. Hosts use the gateway address within their Network ID, and the router facilitates inter-VLAN routing. Traffic between the two VLANs traverses the trunk twice.
The following document will help with the understanding, even if it is not the exact hardware being used:
Thanks. I'll go through the doc. sent.
The requirement is that all teh ports on the switch needs to in VLAN -1 only with two systems having IP addr 192.168.1.10/24 & 192.168.2.10/24. The router's IP [eth IP ] being 192.168.1.1/24. With these, I need to get the two PCs communicate.
Your original post did not state that all systems needed to be in the same VLAN.
With the existing network masks, each host will determine that the other is not on its network, and that the services of a router are required to communicate with the other host.
One of your hosts has a default gateway, the other does not. That is the key issue you have to overcome.
You could change the network mask to /22 to create a supernet address range (192.168.0.0 - 192.168.3.255). Then the hosts would not need to use the router to communicate with one another. This would require configuration of a new mask on all interfaces though.
FYI: A /23 mask would have only facilitated 192.168.0.0 and 192.168.1.0, which would have required re-addressing of the 192.168.2.0 devices.
A VLAN is a single broadcast domain.
Multiple subnets means multiple broadcast domains, and that a routing function would be required to facilitate communication between hosts in separate subnets.
A host with 192.168.2.x/24 will apply its network mask to its own IP address and the address of the host it is trying to reach (192.168.1.x), and compare the results.
Since "192.168.2" is not the same as "192.168.1", it will conclude that the other host is not directly reachable, and therefore the services of a router are required.
Since the host is not configured with a default gateway on network 192.168.2.0/24, it will drop the packet.
This will be my last response for the day.
I am not sure that we have a full understanding of the requirements in Deepa's situation. And while it is generally the optimum implementation to have a one to one relationship between subnet and VLAN it is possible to have 2 logical subnets within the same VLAN.
On the router you already have
ip address 192.168.1.1 255.255.255.0
you would add this to the interface configuration
ip address 192.168.2.1 255.255.255.0 secondary
the use of secondary address on the router will allow both logical subnets to function on the same router interface and in the same VLAN.
As Michael was pointing out, we tend to make some assumptions about subnets and their behavior and their advantages which are based on behaviors when each subnet is a separate broadcast domain. In this case some of these assumptions would not be true. It looks like the machine at 192.168.1.10 is separated from the machine at 192.168.2.10 but in reality they are not.
Deepa was very specific that each host should have a /24 mask. I wonder why this is? It introduces a mismatch between the appearance of the subnet and the reality of the VLAN. What would be the problem is they were both configured with a /22 mask?
I stand corrected.
As stated, the use of the "secondary" interface command would apparently resolve his need.
The /22 mask was a side experiment that showed that the hosts would be able to communicate directly (without router assistance) when the mask placed them on the same Network ID.
I wasn't suggesting he should do it, just that if it were done, he would bypass the issue that hosts on 192.168.2.0/24 did not have a gateway to facilitate communication with 192.168.1.0/24.
Thanks to both of you!
I tried changing the ubnet mask & it did work earlier but since I was asked to retain the masks as /24 I across the network & make it work.
I did configure the secondary IP address & could enable the communication between the two subnets.
Thanks once again.
I've one last question. When do we come across situations when we require to configure the secondary IP address in real-time environment ?