01-10-2008 01:03 PM - edited 03-05-2019 08:24 PM
Hi Guys,
I have a environment with only 1 1841 router that has 6 interfaces (2 came with the router and 4 from an HWIC 4-port card we added to the Router)
We also have a 24-port 2950 switch
Currently we have 5 VLANS and for every VLAN we connect one of the Router's interfaces to that VLAN so it can serve as the default gateway. As you know, this is not very scalable because we lose ports on the switch and interfaces on the router. We don't want to create virtual interfaces on this router.
What we want to do i if we can use a 2811 instead of the 1841 and buy a Network Module with 24 or perhaps 36 ports in it and use this setup as layer 3 switch.
Any ideas if this will be the route to go?
01-10-2008 01:10 PM
Hi
Haven't costed up a 2800 recently but i would have thought replacing your 2950 with a 3560 switch and doing all the inter-vlan routing on there would be more cost effective than a 2811 + a network module to go in it.
Jon
01-10-2008 01:13 PM
Why not just setup 1 switch port as a 802.1q trunk and connect that to 1 port on the 1841. Then just build vlan sub interfaces for each vlan and your done. The only thing you may have to do is upgrade IOS to IP plus or equivalent if you don't already have it.
sample 1841 config.
int fa 0/0
no shut
dup full
speed 100
!
int fa 0/0.100
encap dot1q 100
ip add 10.1.100.1 255.255.255.0
!
int fa 0/0.200
encap dot1q 200
ip add 10.1.200.1 255.255.255.0
!
int fa 0/0.300
encap dot1q 300
ip add 10.1.300.1 255.255.255.0
!
sample 2950 config
int fa 0/1
switch mode trunk
switch trunk encap dot1q
switch trunk allowed vlan 1,100,200,300,1002-1005 <---optional if you want more security.
!
01-10-2008 01:18 PM
Robert
Yes you could do this as well but Angel did say he did not want to use virtual interfaces which i took to be subinterfaces as well.
Come to think of it maybe he didn't mean that :)
Jon
01-10-2008 01:41 PM
yes, and one of the reasons I said that is because I've heard that performance decreases because all of your VLAN's traffic is going thru that 10/100 single interface.
So I read and read and found out that a layer 3 switch is a much better solution.
But again, there is a reason why I am asking here... because I am not an expert :(
We have outgrown our 1841 setup and we have a 2811 sitting not doing anything so we are thinking what is the best thing to do..
01-10-2008 01:45 PM
Ah okay, you didn't mention that you had a 2811 router lying around.
So yes you could purchase a network module which is based on the 3750 switch anyway and do what you want. I don't know the difference in price between a 3560/3750 standalone switch and the 2811 network module.
A layer 3 switch is definitely the way to go and personally i would go with a standalone switch but being honest that's because i haven't really used the 2800 network module that much.
Perhaps someone else could comment.
Jon
01-10-2008 02:00 PM
Jon thanks for the responses... and yes, those layer 3 switches I've heard they can do some damage, but are a bit too pricey for us.
So given the fact that we have a 2811 laying around collecting dust, I am thinking on using it because it is a lot better and more robust than the 1841 (based on a quick research I did, please confirm if I am correct)
Also, I have never touched a Network Module, so I don't even know if you could set them up in such a way that they can perhaps simulate layer 3 functions.
angel
01-10-2008 02:08 PM
Angel
The network modules actually run the 3750 software so yes you can create vlans, L3 vlan interfaces, trunks etc. as you would on a 3750.
Have just checked the data sheet though. Looks like the 2811 only supports the 16 port etherswitch module. The 24 and 36 port modules are not supported on the 2811. See attached link.
http://www.cisco.com/en/US/products/ps5855/products_data_sheet0900aecd8028d15f.html
Jon
01-10-2008 02:15 PM
Angel
Sorry i forgot to mention. You may only be able to use a 16 port module but that is fine for you. You can keep your 2950 switch for port capacity and link it to the network module with a L2 trunk and then you just create the L3 vlan interfaces on the 2811 network module.
Jon
01-10-2008 02:28 PM
yes, I was just looking at the same link. It is sad that it can't take the 36's but at least it takes the 16.
Oh and great stuff about the module, now I know that it can do layer 3 functions inside and that I can setup my VLANs in this module, without the need to waste a port for every VLAN. :)
So, given a 2811, a 16-port module, and a 2950 switch, how would you go about setting up the best solution for what I need to get done? basically I will be growing to 15 Vlans soon and I only have about 4 to 8 hosts on each
01-10-2008 02:31 PM
oh, what is the difference between a
One 16-port 10/100 EtherSwitch service module, 1 10/100/1000 port, and IP Base
and a
One 16-port 10/100 Cisco EtherSwitch service module with802.3af, 1 10/100/1000 port, and IP Base
?
Is it the power over ethernet thing?
Im not too sure :(
01-10-2008 02:37 PM
Fairly straightforward.
Obviously insert the network module into your 2811.
Then connect the 2950 to one of the 16 ports. Configure this as a trunk on both ends. NOTE: check your VTP setup as you do not want the network module overwriting your vlans on the 2950. Just to be sure make your 2811 VTP transparent to start off with, then configure it as a VTP client.
Ensure the trunk is working. Configure the 2950 as a VTP server with a domain name and then make sure you add the same domain name to the 2811 net module.
The vlans that are on the 2950 should then show up on the 2811 net module. Up to you but i would probably then make the 2811 net module a VTP server and the 2950 a VTP client.
Assuiming you do this you can add a vlan to the 2811 and it will get propogated to the 2950.
On the 2811 net module create L3 vlan interfaces for each of the vlans you want to route.
Then you can either connect the 2811 to the 1841 or just remove the 1841 and replace completely with 2811.
802.3af means it supplies PoE - Power over ethernet, useful for running VOIP phones or wireless access points.
Jon
01-10-2008 02:46 PM
jon greatt. I will definitely use this recommendation.
Also, I will then assume that all this inter-vlan routing stuff will happen within the module and then when each of those VLANs want to communicate with another host in the other end of the VPN tunnel (for every VLAN, I have 2 or 3 different subnets they communicate with via a l2l tunnel), these packets will properly get routed from within the module, to the outside interface of the 2811 which will then send them to their destination???
excuse the simple questions, but I am still learning
01-10-2008 03:11 PM
No need to apologise for the questions, that's what NetPro is for after all.
Think of the network module as a L3 switch that you just happened to have slotted into your 2811 router.
So to answer your question yes you can route between the network module and the 2811 router so you should be able to do what you need to.
Jon
01-10-2008 03:12 PM
Forgot to say thanks for the ratings and feel free to ask as much as you need to.
Jon
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide