04-26-2006 08:06 PM - edited 03-03-2019 02:58 AM
Hi,
We have two subnets, 10.1.1.0 and 10.1.2.0, and these subnets are physically separated. We also have two VLANs, VLAN 2 and 3; please think of VLAN 2 as the default VLAN 1. Strange, but it has been like this since I took over. There is no trunking between these two VLANs. 10.1.1.0 is the main network and all the servers and users are on it, and 10.1.2.0 is a Dev environment and some development servers are on it.
I have given an IP address from the main subnet, i.e. 10.1.1.0, to a switch which is used for the Dev environment on its SC0 and have assigned it to VLAN 2, but the rest of 10.1.2.0, i.e. the Dev environment, is on VLAN 3. From the main network I cannot ping that IP address (naturally) and I don't know how to build on what we currently have without making major changes, and build over time as transparently as possible.
I am sorry for this very long explanation.
I guess I need to know if I can make trunking between these two VLANs, i.e. VLAN 2 (main 10.1.1.0) and VLAN 3 (Dev environment 10.1.2.0), without needing a router? Or if I need a router, how? So that I can build upon it over time.
Well, I have given an IP address from the main subnet from VLAN 2 to a switch which is for VLAN 3 or the Dev environment!!! I really didn't know how to do this in order to make it as transparent as possible to others since I am not in charge of the AD and the servers.
Please forgive me for my somewhat vague explanation and I hope I could have made a question.
Thanks,
Masood
05-04-2006 08:07 PM
05-04-2006 08:12 PM
05-04-2006 08:50 PM
Hello Masood,
Could you please repost the topology diagram as a JPG?
My Visio is quite old.
Vlad
05-05-2006 06:45 AM
05-04-2006 09:13 PM
Hi,
One more file for my second core switch supporting servers and users on a separate floor. This is a CAT 4006, 5 blades on VLAN 2. This switch is connected via GBIC - fiber to the one on the floor above it, i.e. to the CAT 4510R Cisco IOS core switch. The second CAT 4006, 3 blades, is also connected via GBIC interface and fiber to the CAT 4510R Cisco IOS on VLAN 2.
The only switches on VLAN 3 for the DEV environment are:
a CAT 3512 and a CAT 2948 fixed CATOS connected via gig interfaces using fiber, one on each floor.
The two CAT 4006 are also on two different floors, but the one with 3 blades is connected to the CAT 4510R using GBIC and fiber on the same floor and rack. All my main servers are on VLAN 2 connected to the CAT 4510R, plus users between the CAT 4006 and the CAT 4510R.
On VLAN 3 are mostly servers connected to those two switches explained above.
Thx,
Masood
05-10-2006 03:00 AM
Hello Masood,
Sorry for the delay, I had lots of work in the office this week.
I'll be sending you the response shortly.
Vlad
05-10-2006 04:02 AM
Hello Masood,
I'm sending you a diagram with some switches and routers, which I think will clarify things for you.
You'll see routers, switches (layer 2) and multi-layer switches.
You'll see different VLANs distributed on the devices and routing between these VLANs (done by both routers and multi-layer switches (MLS)).
Trunks will be used to carry more than 1 VLAN between the switches,
and "no switchport" will be used on the multi-layer switches for ports to be used as router ports.
I hope that with these configs, you'll be able to check different possibilities for the design you need.
Let me know.
Vlad
05-10-2006 06:14 AM
Hi Vlad,
Thanks for the files and I am sorry for not being able to check. I didn't get an email notification when you posted the stuff.
I will look at them and will let you know what I think.
Thanks man.
Masood
05-10-2006 08:21 AM
Hi Vlad,
I am looking at your diagram and see no connections between the CAT 3550s you have listed in the center of the diag connected to other, I believe, CAT 3550s or 3560s, and the connection is shown in green.
No connection between these switches and the rest of the network. Also, how is VLAN 4 connected to VLAN 2, and I don't see where VLAN 3 fits?
Also, I don't see any routers? Are you using the L3 capabilities of the switches for routing between VLANs?
Where is the edge of the network, comparing your diag with that of mine?
Thanks,
Masood
05-12-2006 06:34 AM
Hello Masood,
I didn't check the JPG file created by Visio; it's really ugly. I'll send you a Visio diag as soon as I get my machine back.
Let me try to respond to your questions:
The connection between the 2 Catalysts is a trunk (in this case I used 2 links - EtherChannel); this link will carry all VLANs, 2, 3, 4, 5.
The connection to the rest of the network from the CAT 3550 is done either by trunk (carrying more than 1 VLAN), switchport (single VLAN), or a router port (no switchport - configured with an IP).
VLANs 2, 3, 4, 5 are "connected" through routing; the 3550 is doing the routing functions (commands: no ip routing, router eigrp, etc.).
You can spread the VLANs all around, 1 or more VLANs going down any link; also you can connect routers directly to the 3550 as if it was another router.
I gave you a crazy sample of different possibilities to show you the use of the MLS 3550, so there's no hierarchy.
You can connect your edge router in any place in any VLAN and still route using the 3550 or another router that connects to the 3550.
Check the configurations I've sent; you'll see that the L3 switches will do the routing you need.
if you still need help, please send me a note directly. vladrac@mail2007.com
Vlad
05-17-2006 06:34 AM
Hi, this is Masood. Did you get the Visio diag completed?
Please send me that diag if you have it, as I am sure it will help me understand what is going on so that I can make a test model before implementing on my network.
Thx,
Masood
05-17-2006 09:35 AM
I think the solution for your problems will be better understood with the following link.
The best resource is always www.cisco.com
Configuring Layer 3 Interfaces:
Let me know,
btw, if these posts were of any help, I'd appreciate it if you rated them.
Vlad
05-10-2006 10:20 AM
Hi Masood,
Trunking is the process of carrying multiple VLANs on a switch-to-switch link. My interpretation of your query is that you need to 'route' traffic between two separate VLANs. In order to do this you need either a router or a layer 3 switch (essentially a router), and you need to declare this device, probably as a default router, in your environment. Some Catalyst switches can act as layer 3 switches. To determine if your switch is capable of acting as a layer 3 device, try entering the global config command 'ip routing'.
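A minimal configuration sketch of the trunk, single-VLAN switchport, routed port and inter-VLAN routing discussed in the replies above, for a Catalyst 3550-class layer 3 switch. This is an added example, not a configuration posted by any participant in the thread; the interface numbers, VLAN names, /24 masks, .1 gateway addresses and the 10.1.254.0/30 routed link are assumptions.

```cisco
! Added example: constructed values, not taken from the thread's attachments.
! Enable layer 3 forwarding on the multilayer switch.
ip routing
!
! The two VLANs named in the thread (names are assumed).
vlan 2
 name MAIN
vlan 3
 name DEV
!
! Switched virtual interfaces: one gateway address per subnet.
interface Vlan2
 description Main network 10.1.1.0 (mask and .1 address assumed)
 ip address 10.1.1.1 255.255.255.0
 no shutdown
!
interface Vlan3
 description Dev environment 10.1.2.0 (mask and .1 address assumed)
 ip address 10.1.2.1 255.255.255.0
 no shutdown
!
! Two-link EtherChannel trunk to the neighbouring switch.
! Only the VLANs that must cross the link are allowed on it.
interface range GigabitEthernet0/1 - 2
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport trunk allowed vlan 2,3
 channel-group 1 mode on
!
! Single-VLAN switchport, for example a Dev server.
interface FastEthernet0/10
 switchport mode access
 switchport access vlan 3
!
! Routed port: "no switchport" makes the port a router interface.
interface FastEthernet0/24
 no switchport
 ip address 10.1.254.1 255.255.255.252
 no shutdown
```

With `ip routing` on and both SVIs up, the Dev subnet becomes routable from the main network, so if 10.1.2.0 has to stay isolated, an access list applied to `interface Vlan3` is where that restriction belongs. `show ip route` and `show interfaces trunk` confirm the connected routes and the VLANs actually carried on the trunk.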
05-20-2006 08:09 PM
Hi and thanks for responding. Almost all my switches are L2/L3 Cisco CAT switches, with two 3560s at the edge with knowledge of the public network, located between my two border routers and my firewalls. My main switch is a Cisco CAT 4510 R, which is a layer 2 and 3 switch with Cisco IOS, and there are a few 3550s and 3512s around. I also have two CAT 4006s with CAT OS, but these aren't my current concern as I know that I need to either use one of these switches or a router to route between my VLANs. I do have a Cisco router, a 2621, as my main router; its fa 0/1 is used for my two main subnets (servers, devices, and users are on these two subnets, 10.1.1.0 and 10.1.4.0) and the DHCP server is giving out IPs out of these two private subnets. The other interface on this router, fa0/0, is used for 10.1.2.0, which is a totally isolated subnet with a bunch of servers on it called the Dev Environment. The AD guys want it this way.
OK, now, when I took over this network I realized that the people who were looking after this network had created two VLANs, VLAN 2 (acting as the default VLAN 1 actually, and used for management of devices too) and VLAN 3 (VLAN 3 is for 10.1.2.0, i.e. the Dev Environment), so basically all of my devices, servers and users are on VLAN 2!!! And no trunking.....
I have provided a diag of my network topology.
What I need to do is to find the best way to create a few more VLANs on my main network (10.1.1.0 and 10.1.4.0) and put all the servers on one VLAN, say VLAN 2, and a few other segments, and then start to route between them by trunking. My problem is that the AD guys do not want to get involved and do not want (one of them is my boss) to do IP renumbering, so I need to do this at L2 (by MAC address maybe) and then use the router (or I can upgrade my main router to provide more interfaces with more memory and processing power) and use it to route between VLANs. This router is also used to connect us to a remote office where we have our web servers hosted via a T1 point-to-point, as we are an online business, so I need to be very careful with this mission and have all the servers and web servers at this location and my remote locations (10.5.1.0) on the same VLAN and then users on different VLANs by segmenting departments.
Now you see my dilemma and the challenge that I am facing: how this can be done slowly and gradually. First adding one more VLAN, putting all the servers on it (also with back interfaces and clustering of servers in mind) and users on another, then start trunking and see how it works. If all goes well then I can start creating more VLANs, and that would be the easy part, and point them to the trunk interface / link.
Your thoughts will be greatly appreciated.
Thx,
Masood