cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1328
Views
10
Helpful
12
Replies

simple configuration template required

asus zowey
Level 1
Level 1

Hello,

i have the following setup at a remote site

Router-Distribution switch- several access switches

The router will act as a default gateway and dhcp helper for every vlan.

what are the things that need to be configured on the router and the interfaces between the router and the distribution switch ?

12 Replies 12

Reza Sharifi
Hall of Fame
Hall of Fame

Here is a sample config guide.  If you have multiple vlans on your switches, than you need to trunk the interface from the distribution switch to the router and also create a sub-interface for each vlan on the router. You also need to trunk the interfaces from the access switches to distribution switch if you have multiple vlans on each access switch.

http://www.cisco.com/en/US/docs/switches/datacenter/nexus5000/sw/configuration/guide/cli_rel_4_0_1a/AccessTrunk.html

HTH

what about the default gateway configuration ? is it by simply assigning an ip address to the subinterface and match the vlan id using the dot1q command ?

Also, to make the router a dhcp helper for each vlan, do i configure ip helper address command under the subinterface ?

----

what about the default gateway configuration ? is it by simply  assigning an ip address to the subinterface and match the vlan id using  the dot1q command ?

----

Yes just configure the encapsulation and IP address on the sub-interface. Give this IP to the hosts as a DG.

Regards,
Chandu

Regards, Chandu

ok what several access switches are directly connected to the rotuer ? under which physical interface do i configure the subinterface ?

No, If the access switches directly connect to the router and each access switch carries only one vlan, you don't need any sub-interfaces.  You need sub-interfaces if you are connecting a link to the router that is carrying more than 1 vlan.

HTH

in my case, each switch carries more than one vlan so i need subinterfaces.

on the trunk link between the switch and the router all vlans will be allowed,

i have another question, how do i know which vlans should be allowed on the trunk facing ( for example the access point )

Hi Asus,

To know which VLAN are allowed on the trunk interfaces, just give "show interfaces trunk" . It will show all the ports and their encapsulation too.

Eg:

ROOT/VTP-SERVER/LAYER3#show interfaces trunk

Port        Mode         Encapsulation  Status        Native vlan

Fa0/5       auto         n-802.1q       trunking      1

Fa0/6       auto         n-802.1q       trunking      1

Fa0/7       auto         n-802.1q       trunking      1

Fa0/8       auto         n-802.1q       trunking      1

Po3         auto         n-802.1q       trunking      1

Port        Vlans allowed on trunk

Fa0/5       1-1005

Fa0/6       1-1005

Fa0/7       1-1005

Fa0/8       1-1005

Po3         1-1005

Port        Vlans allowed and active in management domain

Fa0/5       1,10,20,30

Fa0/6       1,10,20,30

Fa0/7       1,10,20,30

Fa0/8       1,10,20,30

Po3         1,10,20,30

Port        Vlans in spanning tree forwarding state and not pruned

Fa0/5       1,10,20,30

Fa0/6       1,10,20,30

Fa0/7       1,10,20,30

Fa0/8       1,10,20,30

Po3         1,10,20,30

ROOT/VTP-SERVER/LAYER3#

ROOT/VTP-SERVER/LAYER3#

ROOT/VTP-SERVER/LAYER3#show interfaces

ROOT/VTP-SERVER/LAYER3#show interfaces f

ROOT/VTP-SERVER/LAYER3#show interfaces fastEthernet t

ROOT/VTP-SERVER/LAYER3#show interfaces fastEthernet tr

ROOT/VTP-SERVER/LAYER3#show interfaces fastEthernet ?

  <0-9>  FastEthernet interface number

ROOT/VTP-SERVER/LAYER3#show inter

ROOT/VTP-SERVER/LAYER3#show interfaces t

ROOT/VTP-SERVER/LAYER3#show interfaces tru

ROOT/VTP-SERVER/LAYER3#show interfaces trunk

Port        Mode         Encapsulation  Status        Native vlan

Fa0/5       auto         n-802.1q       trunking      1

Fa0/6       auto         n-802.1q       trunking      1

Fa0/7       auto         n-802.1q       trunking      1

Fa0/8       auto         n-802.1q       trunking      1

Po3         auto         n-802.1q       trunking      1

Port        Vlans allowed on trunk

Fa0/5       1-1005

Fa0/6       1-1005

Fa0/7       1-1005

Fa0/8       1-1005

Po3         1-1005

Port        Vlans allowed and active in management domain

Fa0/5       1,10,20,30

Fa0/6       1,10,20,30

Fa0/7       1,10,20,30

Fa0/8       1,10,20,30

Po3         1,10,20,30

Port        Vlans in spanning tree forwarding state and not pruned

Fa0/5       1,10,20,30

Fa0/6       1,10,20,30

Fa0/7       1,10,20,30

Fa0/8       1,10,20,30

Po3         1,10,20,30

Regards,
Chandu

Regards, Chandu

what i meant... on the interface between the switch and the access point, is it ok if allow all the vlans ?

What do you mean by 'access point' here?

Regards,
Chandu

Regards, Chandu

a wireless access point

i mean i have several vlans (mgt, voice, data, wireless , wlan mgt,) what are the essential vlans that need to be allowed on th trunk between the access switch and the wireless AP? or it depends on the customer needs ?

Hi,

For Cisco and other Wireless vendors when using a Controller, you set the Access Switch Ports to Access.  Never trunks.  The Access Points setup a CAPWAP tunnel through the switchport mode access  to the Wireless Controller (provided that you have defined the appropriate config on your network to allow the APs to locate a Wireless Controller).

Please note, that if you are dealing with Autonomous Access Points ( APs that do not require a Controller), then and only then you setup the Access Switch ports to trunk mode.  As far as which VLANs are need on this trunk, all the VLANs that are defined on the AP configuration including Management are required to be allowed.

Yes it depends upon the requirements. If you don't want devices from a VLANX to communicate through a trunk then you don't allow that vlan traffic through that trunk.

Regards,
Chandu

Regards, Chandu
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco