Solved: Re: Routing between subnets with 3750-X solution needed

jeff6strings · ‎11-14-2011

We have a remote office with a Cisco 3750-X switch with the IP-Services feature set connected via dark-fiber to a 6509-E at the corporate office. We plan on migrating the remote office to a new network (new acquisition) to subnet 10.10.10.0 on VLAN 20 which has an existing subnet of 192.168.100.0 and we would like to run both in parallel using their existing switches (Dell) and the new 3750-X.

I’m curious as to the best way to keep the traffic local between the two subnets using the 3750-X and if necessary put the 192.168.100.0 network on a VLAN. I thought about routing between the two networks via IP routing on the 3750-X but the new workstations default gateway is the 6509-E and existing workstations is a SonicWALL within the remote office. The default gateway for the new workstations can be moved from the 6509-E as a last resort.

Thanks for any help.

Jeff

Jon Marshall · ‎11-14-2011

Jeff

No problem, glad to have helped.

One additional point i should have mentioned for completeness. If you do move the DG for the clients on both vlans to the 3750 then don't foget to account for routing to other subnets ie.

1) you will need to run a dynamic routing protocol between the 6500 and the 3750 or add statics for subnets at both end of the link so that each switch knows how to get to the others subnets

2) the Sonicwall. If the remote site clients use this for internet access and you want the new vlan to also use it for internet access then you need to add a default route to the 3750 pointing to the Sonicwall internal interface. If you need a different default route for the new vlan then you may need to use PBR on your 3750.

Jon

View solution in original post

Jon Marshall · ‎11-14-2011

Jeff

Put simply, if you want route the 2 vlans on the 3750 then you would need to change the default-gateway of the new workstations and the default-gateway of the existing workstations.

If you don't then the 3750 won't really be routing just L2 switching. There are a couple of further points -

1) i would recommend at least the new clients routing off the 3750 as this means you could then use a L3 link from the 3750 to the 6500. This would mean STP would not need to go across the link and so if you somehow got a broadcast storm in the remote office this couldn't affect the 6500 switch.

2) as for the existing clients. You could still route these off the Sonicwall but then you are losing some of the advantages of routing off the L3 switch ie. traffic must go to the Sonicwall only to come back to the 3750 to get to the other vlan (and other subnets off the 6500). This is assuming the 2 vlans in the remote site need to talk to each other. If they don't then it would not matter so much if you left the existing vlan DG as the Sonicwall.

Personally, if you didn't need to actually firewall between the 2 vlans in the remote office i would change the DGs to be the L3 SVI IP addresses on the new 3750.

Jon

jeff6strings · ‎11-14-2011

Jon,

Thank you for the information and yes the 2 networks or VLANs will need to talk to each other.

Greatly appreciate the help.

Jeff

Jon Marshall · ‎11-14-2011

Jeff

No problem, glad to have helped.

One additional point i should have mentioned for completeness. If you do move the DG for the clients on both vlans to the 3750 then don't foget to account for routing to other subnets ie.

1) you will need to run a dynamic routing protocol between the 6500 and the 3750 or add statics for subnets at both end of the link so that each switch knows how to get to the others subnets

2) the Sonicwall. If the remote site clients use this for internet access and you want the new vlan to also use it for internet access then you need to add a default route to the 3750 pointing to the Sonicwall internal interface. If you need a different default route for the new vlan then you may need to use PBR on your 3750.

Jon

jeff6strings · ‎11-15-2011

I was also thinking of adding a route on the Windows workstations which points to the other network. The existing servers in the remote office will need to be accessed by both networks (existing and new workstations) and Internet and other resources, such as the servers, will be migrated to the corporate office over time but for now we would prefer to have the parallel networks.

Jon, thanks again for the advice.

Jeff

jeff6strings · ‎12-16-2011

As a follow-up we used a Cisco 2811 router with the two Ethernet interfaces and nat'd the corporate side to the remote office network. Doing it this way anyone initiating requests from the corporate side the traffic will return from the remote network devices without having to add a route on each server. On the SonicWALL at the remote office we added a route to the corporate network via the 2811 interface. After posting this discussion I found out most of the initiating traffic will come from the corporate side. This arrangement will also help with the assimilation.

Thanks Jon for your replies.

Jeff

moid fahad · ‎06-24-2013

Hi jon,

Can you please tell me that how to configure Cisco Catalyst switch 6509-E as core and catalyst 3750 as edge i cant be ping between two switchs and in core switch 6509-E is getting an error to enable "ip-routing" .

switch(config)#ip routing

^

% Invalid input detected at '^' marker

i have created valn with same subnet mask on both the switchs please tell me how to get communication between two switchs

Thanking You