cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
452
Views
5
Helpful
11
Replies

VLAN routing

WILLIAM STEGMAN
Level 4
Level 4

I'm not sure if this is possible, but I have a development group that has asked that their dev machines be assigned addresses from a certain subnet, a subnet that is different than the one assigned to the router's fa 0/0 int. Normally I would say that would prohibit this from working, but I have a mulitlayer switch, 3560, that uplinks to that WAN router's ethernet interface. So I'm trying to create a VLAN, 192.168.110.0, on a switch that uplinks to the multilayer switch. I can see the new VLAN on the other uplinked switches, but have no connectivity. With a machine plugged into the test vlan I can't ping beyond my gateway. I've assigned the VLAN the IP address 192.168.110.1, which is my client's gateway. I know it goes against layer 2 logic, but was hoping that traffic would get pushed to a layer 3 device and get routed. Is this possible? I guess my other option is to use the last ethernet interface on my router and NAT, but all their traffic would have to be first sent to the WAN router.

thank you,

Bill

11 Replies 11

farkascsgy
Level 4
Level 4

Bill,

So you would like to create VLANs on your multilayer switch (3560) and this device will do the routing between them instead of yor WAN router.

An Cisco 3560 you should enable interVlan routing with "ip routing" command, but usually Cisco 3560 is bought IOS what doesn't support routing so please check your IOS version a capabilities on the Feature navigator site of Cisco.

If I misunderastand your problem please create a simple drawing about your layout.

Bye

FCS

Please rate me if I helped.

The hosts are not directly plugged into the 3560, but are plugged into a switch that is uplinked to the 3560. The ip routing is enabled on the 3560, I currently have about 10 vlans running, but they all fall within the same class B subnet, 10.4.0.0. They all work fine, but it's the 192.168.110.0 subnet I can't seem to get working.

Does your WAN router know how to get to 192.168.110.0/24 subnet? If it doesn't then can you add a static route to point to the 3560's next hop IP address.

my bad, i forgot to add the vlan ip address on my multilayer switch. I'm still kind of suprised this works, I was under the mistaken impression that the vlans had to be within the class B range assigned to me. Thank you.

Hi,

If you can ping your gateway but nothing beyond it then the possible problems are:

1. Other routers in your network doesn't know how to route to the newly created VLAN.

2. IP routing mayn't be enabled on the layer 3 switch.

3. IP/subnet mask on the host may be misconfigured.

Hope this helps!

Sundar

on my 3560 switch, when doing a sh ip route, my other vlans show up as directly connected, but this new one does not show up at all. However, from the 3560 a sh vlan does reveal the new vlan

3560 vlan 1 IP 10.4.0.84

|

2950 default gateway 10.4.0.84

show vlan only shows you the layer 2 vlans that are created and active. You need to configure an SVI i.e, vlan interface, on the 3560 and assign it an IP address to act as the gateway to route inter-vlan traffic. You should be configuring this on the 3560 and not on the 2950 as it doesn't support routing.

On 3560:

int vlan (#)

ip add 192.168.10.1 255.255.255.0

my bad, i forgot to add the vlan ip address on my multilayer switch. I'm still kind of suprised this works, I was under the mistaken impression that the vlans had to be within the class B range assigned to me. Thank you.

Glad to hear the issue is resolved :-)

Not sure, what do you mean by address assigned to you. These are private addresses that you choose to use in your network, correct? You can use any subnet mask, as you desire, for your internal networks.

HTH

Ted Haubein
Level 1
Level 1

When you define a VLAN ( int vlan x ) you need to be sure and define it in the VLAN DATABASE. 3550 and 3560 are Layer 3 capable switches

plus a whole lot more. Be sure to check and see if the VLAN is Up or Down. If the VLAN is down you haven't defined it in the VLAN DATABASE( VLAN.DAT ).

Be sure you have enabled ip routing on the switch. Without this statement you won't be able to route between VLANS.

Be sure you no the location of your VTP Server. I would recommend setting all your other Switches to VTP Client mode. This will help you control where and when VLANS are defined.

Be sure that all your VTP Client switches have Layer 3 routing enabled on them as well. Just because you can see the VLAN on your other Switches only means that you have a Trunk between your switches and that they have updated their VTP

configuration number.

You don't want your traffic being forwarded to the Layer 3 routing engine on the Switch if at all possible. When this happens it called punting. Once the adjacency table is built

( CEF ) will handle the routing. CEF needs two pieces information Layer 3 and Layer 2

address. If possible let the router handle all the Packet Switched Traffic only.

I hope this helps...

We have 3560 with ip routing enable, and route traffic between two vlan interfaces sucessfully. But how can we monitor traffic volume that is routed by 3560? snmp-counters on those two vlan interfaces show only packets that destined to ip address of those vlan interfaces, not traffic that routed through it.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: