cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1860
Views
9
Helpful
15
Replies

Routing a vlan

gurkamal01
Level 1
Level 1

Hi,

I am confused in routing

I have 5 6500 switches (4 are core devices and 5th is used for WAN).It is collapsed core design.

Each core switch has a common 2 common vlans which are access ports (vlan31 and 25). ospf is used as RP with area 0 only

I  have a 3750 (layer 2) switch hanging off core swich 4. A trunk connection is running between the two.


core switch 4 does not have vlan 20. it only  has a route 192.168.20.1 (vlan20 ) thru switch 5 as vlan 20 sits on switch 5.

My question is if i create vlan 20 on 3750 switch and include in the trunk to core 4  (no vlan 20 on core 4)  , will vlan 20 be routable thru switch core 4. core 4 only has a route to vlan 20 thru connected switch 5.

How can this be achieved.

Please Advice

3 Accepted Solutions

Accepted Solutions

gurkamal01 wrote:

Thanks for the reply

4 core switches are connected thru 2 access ports on each switch  ( vlan 31 and vlan 25)

SWI4 ------>  SWI3 ------> SWI2 ------->SWI1

Basically the answer in my last post still stands ie. you will need vlan 20 on core 4 and in addition you either need to route vlan 20 core 4 or have a trunk link to switch 5.

Jon

View solution in original post

gurkamal01 wrote:

HI all

Why would i need an SVI on Core 4 or trunk to SWI 5 in order to perform intervlan routing as Core 4 already has a route to 192.162.20.0 network in its routing table

Please advice

Okay, let me try and explain it a bit differently. I'm making the following assumptions -

1) that the 3750 that your host is connected to does not have an SVI for vlan 20 ?

2) that the 3750 is connected to core 4 via a trunk but is not connected to SW5

3) that you have created vlan 20 on core 4 (not an SVI) just the vlan

If that is correct the key to understanding this is that core 4 has a route to 192.168.20.0. So for core 4 to send any packets to that subnet it must route them ie. it cannot switch them at L2 it has to route them at L3.

So a host in vlan 20 sends a packet from the 3750. It is sent across the trunk to core 4. Now core 4 receives a packet in vlan 20. If the packet is already in vlan 20 then it can route the packet because by definition routing is moving packets between networks. So the fact that core 4 has a route to vlan 20 pointing to sw5 is useless in this case ie. you can't route within the same subnet.

So you can do one of the 3 things -

1) create an SVI for vlan 20 on core 4. Note that you then wouldn't need the route pointing to sw5 but you would need either

    i) a connection between core 4 and SW5 that is in vlan 20

     or

   ii) a trunk link between core 4 and SW5 that allows vlan 20

2) create a trunk link from core 4 to SW5 which is the simplest way to get it to work.You also wouldn't need the route on core 4

3) create a new vlan eg. vlan 21, put the host on the 3750 into that, create the SVI for that new vlan on core 4 and leave the route in.

If you do 2 then the packet arrives at core 4 in vlan 20, is then forwarded onto the trunk link to SW5 still in vlan 20 and arrives at SW5.

If you do 3 then the packet arrives at core 4 in vlan 21 and can then be routed to SW5 using the route you have on core 4.

Jon

View solution in original post

Thanks

I am sorry i couldnt understand the last sentence of your reply

It's just a simple routing concept as whenever a traffic comes for vlan 10 subnet to core 4 switch it needs to point towards the devices which has vlan 10 ip subnet that will SVI vlan 10 ip address of switch 3750.

Appreciate your help

What i means is switch 3750 having vlan 10 subnet connected hosts, so whenever a traffic hits in core 4 for vlan 10 subnet it needs to route the traffic to wards 3750 vlan 10 SVI ip address to have a complete routing connectivity for vlan 10 to others.

Hope to help !!

Ganesh.H

View solution in original post

15 Replies 15

Jon Marshall
Hall of Fame
Hall of Fame

gurkamal01 wrote:

Hi,

I am confused in routing

I have 5 6500 switches (4 are core devices and 5th is used for WAN).It is collapsed core design.

Each core switch has a common 2 common vlans which are access ports (vlan31 and 25). ospf is used as RP with area 0 only

I  have a 3750 (layer 2) switch hanging off core swich 4. A trunk connection is running between the two.


core switch 4 does not have vlan 20. it only  has a route 192.168.20.1 (vlan20 ) thru switch 5 as vlan 20 sits on switch 5.

My question is if i create vlan 20 on 3750 switch and include in the trunk to core 4  (no vlan 20 on core 4)  , will vlan 20 be routable thru switch core 4. core 4 only has a route to vlan 20 thru connected switch 5.

How can this be achieved.

Please Advice

It's not clear how your switches are interconnected. 4 switches as core devices, how are these switches connected to each other ie. are they all interconnected, what type of links are in use ie. L2 or L3.

In answer to your specific query if the 3750 has vlan 20 and has a trunk link to core 4 then core 4 will need vlan 20 as well. However it still won't work because core 4 has a route to vlan 20 but the packets arriving from the 3750 are being switched ie. L2, not routed.

So you would need a L3 SVI for vlan 20 on core 4 or you would need a trunk link from core 4 to switch 5 where vlan 20 is routed.

Jon

Thanks for the reply

4 core switches are connected thru 2 access ports on each switch  ( vlan 31 and vlan 25)

SWI4 ------>  SWI3 ------> SWI2 ------->SWI1

gurkamal01 wrote:

Thanks for the reply

4 core switches are connected thru 2 access ports on each switch  ( vlan 31 and vlan 25)

SWI4 ------>  SWI3 ------> SWI2 ------->SWI1

Basically the answer in my last post still stands ie. you will need vlan 20 on core 4 and in addition you either need to route vlan 20 core 4 or have a trunk link to switch 5.

Jon

how do i route vlan 20 on core 4 switch any examples

i will appreciate any response

Thanks

HI all

Why would i need an SVI on Core 4 or trunk to SWI 5 in order to perform intervlan routing as Core 4 already has a route to 192.162.20.0 network in its routing table

Please advice

gurkamal01 wrote:

HI all

Why would i need an SVI on Core 4 or trunk to SWI 5 in order to perform intervlan routing as Core 4 already has a route to 192.162.20.0 network in its routing table

Please advice

Okay, let me try and explain it a bit differently. I'm making the following assumptions -

1) that the 3750 that your host is connected to does not have an SVI for vlan 20 ?

2) that the 3750 is connected to core 4 via a trunk but is not connected to SW5

3) that you have created vlan 20 on core 4 (not an SVI) just the vlan

If that is correct the key to understanding this is that core 4 has a route to 192.168.20.0. So for core 4 to send any packets to that subnet it must route them ie. it cannot switch them at L2 it has to route them at L3.

So a host in vlan 20 sends a packet from the 3750. It is sent across the trunk to core 4. Now core 4 receives a packet in vlan 20. If the packet is already in vlan 20 then it can route the packet because by definition routing is moving packets between networks. So the fact that core 4 has a route to vlan 20 pointing to sw5 is useless in this case ie. you can't route within the same subnet.

So you can do one of the 3 things -

1) create an SVI for vlan 20 on core 4. Note that you then wouldn't need the route pointing to sw5 but you would need either

    i) a connection between core 4 and SW5 that is in vlan 20

     or

   ii) a trunk link between core 4 and SW5 that allows vlan 20

2) create a trunk link from core 4 to SW5 which is the simplest way to get it to work.You also wouldn't need the route on core 4

3) create a new vlan eg. vlan 21, put the host on the 3750 into that, create the SVI for that new vlan on core 4 and leave the route in.

If you do 2 then the packet arrives at core 4 in vlan 20, is then forwarded onto the trunk link to SW5 still in vlan 20 and arrives at SW5.

If you do 3 then the packet arrives at core 4 in vlan 21 and can then be routed to SW5 using the route you have on core 4.

Jon

Thank you for such a great explanaton. Jon you are just outstanding

Q1Just to make it clear, routing happens between different subnets and when vlan 20 arrives at core 4 from 3750 it can only route to a different subnet (if avialiable) because it a layer 2 frame right and routing is not supported between same subnets.let me know this is correct

In the previous thread you mentioned  3750 is L2

Q2 My question is how will it work if 3750 works as L3 and has trunk connecton to the core 4 .....where should the SVI and route for vlan 20 sit 3750 or core4

Q3 is this a good design

gurkamal01 wrote:

Thank you for such a great explanaton. Jon you are just outstanding

Q1Just to make it clear, routing happens between different subnets and when vlan 20 arrives at core 4 from 3750 it can only route to a different subnet (if avialiable) because it a layer 2 frame right and routing is not supported between same subnets.let me know this is correct

In the previous thread you mentioned  3750 is L2

Q2 My question is how will it work if 3750 works as L3 and has trunk connecton to the core 4 .....where should the SVI and route for vlan 20 sit 3750 or core4

Q3 is this a good design

This answer also applies to your other ongoing post about having 2 SVIs for the same vlan, one on the closet switch and one on the core switch.

Q1 - correct. On core 4 the packet could be forwared in vlan 20 at L2 and that's why i said you could have a trunk between core 4 and sw5, but it can't be routed.

Q2 - this and Q3 are rather large questions. And we need to cover a little bit of terminology. In the Cisco hierarchical design model there are 3 layers -

access-layer - pretty much where end user devices connect to.

distribution layer - where access-layer switches are aggregated to and in the traditional design where the inter-vlan routing for the access-layer vlans takes place.

core layer - basically an interconnect between distribution switches. Recommendation for a while now has been to route between the core and the distribution layer although with the advent of VSS on the 6500 and VPCs on the Nexus switches having L2 back to the core is now a perfectly reasonable design approach.

Often in smaller deployments such as single buildings etc. you can have a collapsed distribution/core ie. they are the same pair of switches.

As i said above the traditional design was L2 from the access-layer to the distribution switches and then route between vlans on the distribution switches. So the uplinks would be L2 either a trunk or in a single vlan and the SVIs for the access-layer vlans would be on the distribution switches. A more recent development is to use L3 routed links to connect from the access-layer to the distribution switches so the SVIs would be on the access-layer switches for the access-layer switch vlans.

The reason i'm explaining all this is to try and put Q2 into some context for you and as i say this also applies to your other thread -                           

routing a vlan

So if the 3750 is a L2 device and has a vlan eg. vlan 10 and it connects to core 4 via a trunk connection then the SVI IP address that the devices in vlan 10 use as their default-gateway should be the SVI IP on core 4. If the 3750 has an SVI in vlan 10 it should only be used to access the 3750 remotely to manage the switch.

If the 3750 is a L3 device then it becomes more complicated.

If you connect the 3750 to core 4 with a L3 routed link ie. not a trunk, and you want to route vlan 10 off the 3750 then the SVI IP for vlan 10 on the 3750 is used as the default-gateway for end user devices. But more importantly you then wouldn't have an SVI on core 4 for vlan 10 because vlan 10 cannot exist on the 3750 and then on core4 separated by a L3 routed link.

I'm not sure exactly what design your network topology is following. There is no heirarchy among the "core" switches and although it looks like an attempt is made to isolate access-layer vlans to each core switch there are then 2 site wide vlans, vlan 13 & 253, that interconnect all your switches. As i said before one of the main problems you are facing is your network does not readily lend itself to spanning vlans across multiple core switches which in itself is no bad thing but it is when you need to span a vlan across multiple switches if you see what i mean.

Jon

Just a simple question,

Q1.How do i make 3750 a layer 3 switch?

Q2. how do i connect 3750 to Core 4 through a routed link ie do  i need to run a routing protocol on 3750 ??

gurkamal01 wrote:

Just a simple question,

Q1.How do i make 3750 a layer 3 switch?

Q2. how do i connect 3750 to Core 4 through a routed link ie do  i need to run a routing protocol on 3750 ??

Q1 - enable ip routing ie.

3750(config)# ip routing

Q2 - No you don't need to run a routing protocol but if you don't then you will need static routes at either end of the link.

3750(config)# int gi0/1

3750(config-if)# no switchport

3750(config-if)# ip address 192.168.5.1 255.255.255.252

core4(config)# int gi0/1

core4(config)# no switchport

core4(config)# ip address 192.168.5.2 255.255.255.252

Edit - i would caution against making changes before you fully understand why the network was setup as it was. If you do make the changes make sure you can revert back to the original setup as there may be unintended consequences.

Jon

Hello,

Thanks for the explanation

As mentioned above in the thread
" SVI for vlan 10 cannot exist on both 3750 and Core 4 if 3750 acts as L3 switch which is seperated by a routed link  to core 4"

Why is this not possible?

Please advice

Hello,

Thanks for the explanation

As mentioned above in the thread
" SVI for vlan 10 cannot exist on both 3750 and Core 4 if 3750 acts as L3 switch which is seperated by a routed link  to core 4"

Why is this not possible?

Please advice

Hi,

If you see Jon's Statement about your query

 If you connect the 3750 to core 4 with a L3 routed link ie. not a trunk, and you want to route vlan 10 off the 3750 then the SVI IP for vlan 10 on the 3750 is used as the default-gateway for end user devices. But more importantly you then wouldn't have an SVI on core 4 for vlan 10 because vlan 10 cannot exist on the 3750 and then on core4 separated by a L3 routed link.

It's just a simple routing concept as whenever a traffic comes for vlan 10 subnet to core 4 switch it needs to point towards the devices which has vlan 10 ip subnet that will SVI vlan 10 ip address of switch 3750.

Hope to help !!

Ganesh.H

Thanks

I am sorry i couldnt understand the last sentence of your reply

It's just a simple routing concept as whenever a traffic comes for vlan 10 subnet to core 4 switch it needs to point towards the devices which has vlan 10 ip subnet that will SVI vlan 10 ip address of switch 3750.

Appreciate your help

Thanks

I am sorry i couldnt understand the last sentence of your reply

It's just a simple routing concept as whenever a traffic comes for vlan 10 subnet to core 4 switch it needs to point towards the devices which has vlan 10 ip subnet that will SVI vlan 10 ip address of switch 3750.

Appreciate your help

What i means is switch 3750 having vlan 10 subnet connected hosts, so whenever a traffic hits in core 4 for vlan 10 subnet it needs to route the traffic to wards 3750 vlan 10 SVI ip address to have a complete routing connectivity for vlan 10 to others.

Hope to help !!

Ganesh.H

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: