Policy Based L2 Switching

I am trying to work out if it is possible for a number of vlans can be merged into a single vlan, or better still a mechanism exists where i can forward traffic from one vlan to another but NOT going via L3. Network is approximately like this (attached)

Essentially i would like to put vl10 traffic through Box1 and Vl20 traffic through Box2. Box1 and Box2 dont do trunking.

A second point on this topic, could i direct traffic from any vlan to another vlan or maybe an interface but on same vlan based on layer3 criteria?

PS Please note that from 3560 to RTR2 is also trunk with vl10 and vl20




Re: Policy Based L2 Switching

Please give me configuration of all devices and

Foloowing commands Out put.

1) Sh vlan brief

2) Sh vtp

3) Sh vtp status (Check VTP version and cient/server)

4) Sh vtp password (Don't give but check on all device password should be same. case sensitive)

It should work.


Re: Policy Based L2 Switching

Hi Dharmesh,

I have not set it up.

I would expect to setup trunks/vlans as normal. The problem I then face is how what commands I need to use in order to fwd traffic from one vlan to another without going via L3.


Re: Policy Based L2 Switching


Would you describe more detailed, what are you trying to achieve? What devices exist on VL10, and what on VL20? Are they connected to first, second 3560, or to both? What are Box1 & Box 2? Linux? Windows? Network devices? What is the function of these boxes? What your routers do? Where and how traffic goes?

Theoretically you may create a "multi-vlan" port, which will be able to hear two VLANs. But without knowing the general purpose of your setup there is no way to tell if this will satisfy you.

Re: Policy Based L2 Switching

Hi Mike,

Devices on VL10 and 20 are mobiles sitting behind a GGSN. So infact GGSN are routers on Vl10and Vl20 sending traffic to the gateways on each vlan. The Def gateways are behind everything. Box1 and box2 are just ethernet devices nothing more basic l2 device.

What is required is that some traffic (based on IP source range) from vl10 goes to box1 and some traffic to box 2. Same for Vlan20.

So range 1 on vl10 goes to box1

range 2 on vl10 goes to box2

range3 on vl20 goes to box1

range4 on vl20 to box2

Does this help?

