They are on the same physical interface but different logical interfaces. The simplest option is to use ACLs on the logical interfaces to prevent the two subnets from talking to one another. A better solution will be to separate them into VRFs using VRF Lite feature if available on the router, however, you need to carefully look at whether there are any shared services between the two VRFs.
My understanding is that the switches are being used purely as Layer-2 switches in your environment. If yes then VRF support is not required on the switches as VLANs maintain the required separation. VRF configuration is only required on your gateway router.
ACLs are also required at the Layer-3 interfaces on the routers.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...