Cisco Support Community
New Member

Segment a public IP block into multiple smaller blocks

I have a requirement to emulate our customer's network in our lab. The customer has three separate WANs coming in, and they are used to communicate with the internal servers for different purposes. Now I only have a single WAN handoff from our ISP with enough IPs to cover the requirements. How do I segregate it on a switch to satisfy the emulation?

Hardware: Cisco 6500

Public IP: 64-IP block

Want to:

Segment into 32, 16, and 16 IP blocks;

Each block should have its own gateway and its clients can access the Internet.

I believe this is what ISPs do to provide their customers with different block sizes of IPs. I am knowledgeable on how VLSM works. I am seeking information on how the switch needs to be configured. A sample configuration or an online doc would be greatly appreciated. Please kindly advise.

3 REPLIES
Hall of Fame Super Gold

Re: Segment a public IP block into multiple smaller blocks

Hi,

Just configure three VLAN interfaces with mask /27 and /28 carving off the public prefix. If your link to the internet router is not on the 6500, use another subnet / VLAN (private address) to connect to it. That's it.

Hope this helps, please rate post if it does!

New Member

Re: Segment a public IP block into multiple smaller blocks

Thanks for your prompt response. Here is what I've done--

ISP provided:

64-IP block: 5.5.5.0/26

ISP side gateway: 5.5.5.1

On my Switch:

interface Vlan2
 ip address 5.5.5.33 255.255.255.240
!
interface Vlan3
 ip address 5.5.5.49 255.255.255.240
!
interface Vlan4
 ip address 5.5.5.2 255.255.255.224
!
ip classless
ip route 0.0.0.0 0.0.0.0 5.5.5.1
!

I have the client gateways set to the IP address of each VLAN (5.5.5.2, 5.5.5.33 and 5.5.5.49). Only the clients on VLAN4 can access the Internet. Others show "Destination unreachable" when pinging public IPs. Ports to clients on different VLANs are correctly configured and clients can ping their gateways.

Hall of Fame Super Gold

Re: Segment a public IP block into multiple smaller blocks

Yes. The thing is that the ISP gateway at 5.5.5.1 believes that the whole /26 subnet is directly connected to its interface, which of course is not true. To work around that, make sure that you have "ip proxy-arp" enabled at least on the vlan4 interface. Also, do a tracert on the PCs and let's see where it ends.
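
The addressing from this thread, checked with Python's ipaddress module as an added example (not code from any poster): it confirms the three SVI subnets fit the /26 without overlap and models the reply's point that the ISP gateway, holding a /26 mask, treats every address in the block as on-link. The function names and result labels are this example's own.

```python
import ipaddress

# Addresses are the ones posted in the thread.
ISP_BLOCK = ipaddress.ip_network("5.5.5.0/26")
ISP_GATEWAY = ipaddress.ip_address("5.5.5.1")
SVIS = {
    "Vlan2": ipaddress.ip_interface("5.5.5.33/28"),
    "Vlan3": ipaddress.ip_interface("5.5.5.49/28"),
    "Vlan4": ipaddress.ip_interface("5.5.5.2/27"),
}

def check_plan(block, svis):
    """Return problems found: subnets outside the block or overlapping."""
    problems = []
    nets = {name: iface.network for name, iface in svis.items()}
    for name, net in nets.items():
        if not net.subnet_of(block):
            problems.append(f"{name} {net} is outside {block}")
    names = sorted(nets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                problems.append(f"{a} overlaps {b}")
    return problems

def uplink_vlan(svis, gateway):
    """Name of the SVI whose subnet contains the ISP gateway, or None."""
    for name, iface in svis.items():
        if gateway in iface.network:
            return name
    return None

def return_path(host, block, svis, gateway):
    """How the ISP gateway (mask = whole block) tries to reach `host`."""
    host = ipaddress.ip_address(host)
    if host not in block:
        return "routed"            # outside the block: normal routing
    uplink = uplink_vlan(svis, gateway)
    if uplink is not None and host in svis[uplink].network:
        return "arp-direct"        # host shares the gateway's L2 segment
    # The gateway ARPs for the host, but the host sits behind another SVI,
    # so the switch has to answer on the uplink VLAN (proxy ARP).
    return "needs-proxy-arp"
```

Calling `return_path` for a host in each VLAN shows that only VLAN4 addresses are reachable by direct ARP from 5.5.5.1.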
