Solved: VLAN's and IP addresses

David Ruess · ‎02-24-2012

Hello,

I am very new to the CISCO world and I just recently got my CCNA. I just aquired a Network Admin position and the network works fine but I want to know wha some of the commands are and why they are implemented in a switch/router. My question is I have about 30+ switches in the network with a mix of 2960/3500/3560 switches, and all with VLAN's naturally. But some VLAN's have ip addresses assigned to the and some do not. I know how this is configured but dont know why it is configured this way. All the switches connect back to the core so that is why I dont know why the mix and match IP addresses for VLANs. Keep in mind when answering I am only a CCNA working on CCNP routing/switching. So my knowledge is a little past basic but my common sense is a little higher so if you explain it well Im sure I can figure it out. Any help would be appreciated.

John Blakley · ‎02-24-2012

L3 Switched Virtual Interfaces (SVI) are attached to vlans for routing. If you have a vlan without an SVI attached, you have a L2 vlan. Those vlans still need something to route, so those vlans will need to be carried up to a router to get out. The L3 switches will route for you, so they have IP addresses assigned. The IP addresses assigned will be the gateway for your hosts, much like a router would be.

vlan 10

int vlan 10

ip address 10.10.10.1 255.255.255.0

Host configuration:

ip address 10.10.10.100 255.255.255.0

default gateway: 10.10.10.1

Notice the host will use the switches interface Vlan 10 to get out, but the host still needs to be part of that vlan:

int g1/0/20

switchport mode access

switchport access vlan 10

That would complete routing for them. The other scenario that you have is where there is no SVI created which means a L2 vlan. I have some of these that I created for an iSCI subnet. There's no default gateway on them, but they can see each other because they're on the same subnet.

Finally, you can use routed ports on a L3 interface as well where it's not associated to a vlan at all, but you'll have an address attached directly to the interface:

int g1/0/1

no switchport

ip address 10.10.20.1 255.255.255.0

HTH,

John

HTH, John *** Please rate all useful posts ***

View solution in original post

John Blakley · ‎02-24-2012

L3 Switched Virtual Interfaces (SVI) are attached to vlans for routing. If you have a vlan without an SVI attached, you have a L2 vlan. Those vlans still need something to route, so those vlans will need to be carried up to a router to get out. The L3 switches will route for you, so they have IP addresses assigned. The IP addresses assigned will be the gateway for your hosts, much like a router would be.

vlan 10

int vlan 10

ip address 10.10.10.1 255.255.255.0

Host configuration:

ip address 10.10.10.100 255.255.255.0

default gateway: 10.10.10.1

Notice the host will use the switches interface Vlan 10 to get out, but the host still needs to be part of that vlan:

int g1/0/20

switchport mode access

switchport access vlan 10

That would complete routing for them. The other scenario that you have is where there is no SVI created which means a L2 vlan. I have some of these that I created for an iSCI subnet. There's no default gateway on them, but they can see each other because they're on the same subnet.

Finally, you can use routed ports on a L3 interface as well where it's not associated to a vlan at all, but you'll have an address attached directly to the interface:

int g1/0/1

no switchport

ip address 10.10.20.1 255.255.255.0

HTH,

John

HTH, John *** Please rate all useful posts ***

David Ruess · ‎02-26-2012

Ok, first off thank you for taking the time to help me. I really appreciate it. Secondly, I understood most of what you said but the last two paragraphs were a little confusing except the configuration part, I got that, but like I said I am new. I need to look at the network as a whole and maybe get a better picture because the last guy in charge took everything and I am just trying to document what exactly is going on. I also have another question if you don't mind. Why on some VLAN's is the command IP PIM passive configured. What does it do and why dont all of them have it. Remember I am pretty new at this.

Thanks.

swordcrowned · ‎02-26-2012

David,

With your CCNA, you understand that you do not need an IP address to communicate at Layer 2. VLAN's are just Local Area Networks. Everything on a VLAN can see each other at Layer 2. If you never supply an IP address to the int vlan#, then you just have a single LAN that can not communicate to anything else.

So lets say you have all your access layer switches (edge switches - where you custumers are connected). You will have your multiple vlans configured on these switches, depending on your network, and the needs of your network. But lets go with something general. Lets say you have an access vlan, a server vlan, a voice vlan and an admin vlan. On access switch, each vlan will be present. However, only the admin vlan will have and IP address. At the access layer, the rest of the switches can only communicate to there own vlans, via trunk links, because they are at Layer 2.

Now lets move to the Distribution/Core layers. This is most often were Layer 3 switching gets implemented. So now the interface vlans need an ip address. Ip addresses are needed for intervlan routing. So when you look at these switches, you will notice that most (if not all) of the vlans will have an IP addres assigned to theem.

Basically, thing of all your vlans separately, regardless of which switch they are one. Then at the point where your want ot bring all of those different local area networks together, you name it with an IP address, so they can have a conversation. At the access layer, they dont know about each other because they have no name(ip address). At the distribution layer they are given an ip address so they can interact.

HTH

Bryan Hefner