cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
505
Views
0
Helpful
2
Replies

Bridging between VLAN interface and port-channel interface

Rik Guyler
Level 1
Level 1

Here's the overview:

We have a customer who will be accessing managed services located in our data center.  I have a 1941 router (with a 4-port ESW) at the customer site and a 3750 stack in our data center that has the managed resources attached.  The two are connected via dual wireless bridge links, which on the router are both connected to the physical interfaces.  The ESW card will connect into the customer's LAN.

My goal is simply to extend their LAN into a VLAN on the 3750 stack so we don't have to change all the client devices by being able to leave the server addresses where they are.  I've tried several methods to bridge this end-to-end but haven't been successful.  From what I can tell, the biggest issue is getting bridging established between the VLAN interface and the port-channel interface on the router (which is on the two physical interfaces).  For some reason the bridge group can be applied to both the VLAN and PO interfaces but it just doesn't work.  I can get from the PO back to the 3750 just fine but when I source it from the VLAN interface the bridge just doesn't work.

I've been looking at dot1q tunneling and L2 tunneling but I'm stumped how to make those work with just the two devices.  In other words, how to participate in the tunneled VLAN on the same device terminating the tunnel.  I tried bridging over GRE but again, the bridging issue within the router just seems to be the underlying issue.

If anybody has any suggestions, ideas or just pointers to documentation I would be totally grateful!

Thanks!

RG

2 Replies 2

Rick Arps
Level 4
Level 4

You could hook the bridge into a port on the esw module.  This would let you trunk their data vlan over the wireless link, as well as the native vlan, where you could do your routing.

Is there any reason to do a layer 3 link to the site?  It seems like you could just remove the router and put a switch in instead.

Hope this helps

Rick

Well, I don't have a compelling reason to use L3 at this point.  Originally the plan was to use VRF over L3 links for path isolation but the migration path created by changing the server addresses was ugly so I decided to go the L2 way after the router was purchased.  I still prefer the VRF method for security reasons so I'll probably keep the router in there.  I guess I could just run everything into the ESW card and put it all in the same VLAN.  Doesn't get any easier than that. 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco