Question

Configure VLAN to route 2 subnets. Need to combine 2 class C subnets

Asked by: ecszone

I have these 3 switches.  I use a class C 192.168.10.0 subnet.
I ran out of available hosts (almost)  I have two options.
supernet my existing subnet or route two subnets.

Im told routing is the best practice?
soo...
I have no idea how to do this.  I just have the default vlan. I dont really know what all the vlan terms are.
trunking? tagged, untaged etc...??? But I could figure it out with a little guidence

I simply want all 3 switches to be able to route 192.168.10.0 and 192.168.11.0 as if they were the same subnet.

I prefer the GUI as I dont know much about the CLI, but whatver it takes I guess.  Points split largly for soluiton and some for any dumbed down explaination of what all the terms mean as I prefer to undersand what im doing.

thanks!

This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.

Subscribe now for full access to Experts Exchange and get

Instant Access to this Solution

  • Plus...
  • 30 Day FREE access, no risk, no obligation
  • Collaborate with the world's top tech experts
  • Unlimited access to our exclusive solution database
  • Never be left without tech help again

Subscribe Now

Asked On
2008-12-15 at 12:48:44ID23986612
Tags

Hewlett-Packard

,

Procurve switch

,

2848

Topics

Network Design & Methodology

,

Network Switches & Hubs

,

Windows Networking

Participating Experts
2
Points
500
Comments
32

Trusted by hundreds of thousands everyday for fast, accurate and reliable tech support.

  • "The time we save is the biggest benefit of Experts Exchange to Warner Bros. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange." Mike Kapnisakis, Warner Bros.
  • "Our team likes having a resource that is more secure than just using Google and most experts using this service really know their stuff. It's nice to look here first versus using Google." Dayna Sellner, Lockheed Martin
  • "Anytime that I've been stumped with a problem, 9 out of 10 times Experts Exchange has either the accepted solution or an open discussion of the potential solution to the problem." Kenny Red, eBay Inc.

See what Experts Exchange can do for you.

Got a question?

We've got the answer.

Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.

Screenshot of Experts Exchange Knowledgebase

Need individual assistance?

Our experts are ready to help.

If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.

Screenshot of Experts Exchange Knowledgebase

Want to learn from the best?

Read articles from industry experts.

Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.

Screenshot of an Article

Working on a long term project?

Store your work and research.

Save solutions to your questions, answers you’ve discovered through searching plus helpful articles in your personal knowledgebase for easy future access.

Screenshot of Experts Exchange Knowledgebase

Access the answers to your technology questions today.

Subscribe Now

30-day free trial. Register in 60 seconds.

What Makes Experts Exchange Unique?

Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.

Trusted by the world's most respected brands.

image of each brand's logo

Faithfully serving IT professionals since 1996.

Experts Exchange Logo

Try it out and discover for yourself.

Subscribe Now

30-day free trial. Register in 60 seconds.

Related Solutions

  1. routing vlans and trunking
    Hi, I am a bit of a beginner on Cisco programming and need some help with syntax. I have a moderate knowledge of networking concepts and understand the principles of dot1q and trunking; however here is my situation. I have a Cisco 3550 (L3) switch and two separate 2950 switch...
  2. 3Com VLAN/Subnetting
    Hello, We currently run a Windows 2000 mixed domain using a class C subnet (192.168.100.0/24). We're expanding to another floor and we're running out of IP addreses. Our switches are 3Com 4400's and are considering buying a 4924 as a layer 3 device. I'm thinking of adding an...
  3. VLAN Trunking and Routing
    Here is my situation, I have 1 Dell Powerconnect 6224 Layer 3 switch and 4 3448 Dell Power Connect Switches. I am trying to create multiple VLANS that are routable. In testing I have set up VLANs 10 and 20. I have set up trunk ports, one on the 6224 (g24) and one on the 3448 ...
  4. Subnet supernetting
    Dear all expert My organization is using class C network, we are facing lack of IP, so i am going to reconstruct subnet to maximum IP size, this best method is using supernetting change 255.255.255.0 to 255.255.252.0, have 1022 IP use, but will it make network slower after ...

Free Tech Articles

  1. WARNING: 5 Reasons why you should NEVER fix a computer for free.
    It is in our nature to love the puzzle. We are obsessed. The lot of us. We love puzzles. We love the challenge. We thrive on finding the answer. We hate disarray. It bothers us deep in our soul. W...
  2. SCCM OSD Basic troubleshooting
    SCCM 2007 OSD is a fantastic way to deploy operating systems, however, like most things SCCM issues can sometimes be difficult to resolve due to the sheer volume of logs to sift through and the dispe...
  3. Migrate Small Business Server 2003 to Exchange 2010 and Windows 2008 R2
    This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Windows 2008 R2 with Exchange 2010. For this migration to work you will need the fo...
  4. Create a Win7 Gadget
    This article shows you how to create a simple "Gadget" -- a sort of mini-application supported by Windows 7 and Vista. Gadgets can be dropped anywhere on the desktop to provide instant information, ...
  5. Outlook continually prompting for username and password
    There have been a lot of questions recently regarding Outlook prompting for a username and password whilst using Exchange 2007. There are a few reasons why this would happen and I will try to cover t...
  6. Backup Exchange 2010 Information Store using Windows Backup
    There seems to be quite a lot of confusion around the ability to backup Exchange 2010 using the built in Windows Backup feature. This stems from the omission of this feature prior to Exchange 2007 s...

Cloud Class Webinars

  1. Avoiding Bugs in Microsoft Access
    Alison Balter takes and in-depth look at avoiding bugs in Access. In this webinar you will learn about using the immediate window to debug your applications, invoking the debugger, using breakpoints to troubleshoot, stepping through code, setting the next statement to execute, ...
  2. Top 10 Best New Features in Visio 2010
    Scott Helmers gives live demonstrations of the top 10 new features in Visio 2010. This webinar will teach you how to create compelling diagrams by adding shapes to the page with a single click, linking the shapes in a diagram to data in Excel (or SQL Server, or SharePoint), ...
  3. IT Consultant Business Secrets Revealed
    Michael Munger, Experts Exchange tech pro and IT consultant, pulls back the curtain on his very successful businesses and answers question on every IT consultant and business owner should know about. He shares secrets on what he did to solve the 5 most common problems in IT, ...
  4. Disaster Recovery and Business Continuity
    Quest CTO, Mike Billon, gives an overview of the steps involved in building a dunamic disaster recovery plan. Through case studies and an examination of software/hardware tooles for monitoring and testing, you'll gain a better understandin of where you are, where you want ...
  5. Organize Your Visio Diagrams with Containers and Lists
    Scott Helmers uses cross functional flowcharts, wireframe diagrams, data graphic legends and seating charts to teach you: how to ustilize all three new structured diagram components in Visio 2010, the best practices for organizeing shapes in previous version of Visio, how to organize ...
  6. How to Us Objects, Properties, Events and Methods in Microsoft Access
    Alison Dalter gives an in-depbth look at objects, properties, events and methods in Microsoft Access. In this webinar you will learn about using the object browser, referring to objects, working with properties and methods, working with object variables, understanding the ...

Join the Community

Give a Little. Get a Lot.

Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.

Join the Community

Answers

 

by: mikebernhardtPosted on 2008-12-15 at 15:43:13ID: 23179304

The easiest thing, I think, would be to supernet the subnet. I don't know if you are using DHCP but if you are, just change the subnet mask in your scope to 255.255.254.0. Arrange to reboot all the machines and then you can start handing out addresses in 192.168.11.0 without any problems.

If you have layer 3 switches, then you can route between 2 vlans. But I'm only cisco-knowledgeable so for configuration I'm not sure I can help you.

 

by: QuoriPosted on 2008-12-24 at 13:48:50ID: 23242063

HP ProCurve VLAN jargon:

Tagged ports = trunks between switches that carry vlan routing information
Untagged = ports connected to end devices (PC's, computers) and are essentially 'member' ports
Trunks = switch inter-connects that allow a vlan on one switch to communicate with an identical vlan on another, or other vlans on another, etc.

You're in luck - the 2848 is a layer 3 switch, so the choice is now yours to walk down one path or the other. For long term scalability and general network performance improvement, VLAN'ing would best suite, however as Mike has said supernetting your current range would be a little bit easier.

If you choose the VLAN method, let me know and I'll write you up a step-by-step for what you need to do (providing you can give me a better idea of your topology).

 

by: ecszonePosted on 2008-12-30 at 09:39:17ID: 23264285

Changing the subnet would be hard due to the fact we have a mesh network and our gateways are mangaged by our ISP.  Plus we have alot of static IP's

I have a 2650 , 2824, and 2848;

I link both the 2650 and 2824 to the 2848 which is where i keep all my bandwidth intense servers etc.  

The 2824 has a vlan and trunk for our phone system.  They guy dint know HP and set it up on the cisco gateway to send between subnets as a router vs using the switch.  ( i dont really care bc the only time we go between subnets is to manage the phone system)

I think the trunk was done via CLI.  I can try and get that info from telnet.  here is a screenshot of the currrent vlan (which im not sure has anything to do with what I need to accomplish.)

At this time I dont really even care if the two subnets broadcast all traffic as if it was superneted  I am going to move my VPN appliance and all new servers to the new subnet.

We outgrew how I was doing it. we do not have a tun of users just alot of nodes and reservations. (ie i reserve 20 ips for coorporate visitors so they can get pop/smtp)

If i can get you more info just say so.


Thanks

 

by: ecszonePosted on 2009-01-06 at 09:16:11ID: 23306621

Quori

you there?  not a huge rush just making sure you know im waiting for your step by step.

let me know if you need more info

thanks

 

by: QuoriPosted on 2009-01-06 at 13:05:34ID: 23309241

Hi,

My apologies, I've not been well.

I shall do up a step by step today.

 

by: ecszonePosted on 2009-01-06 at 13:08:04ID: 23309272

take your time.  hope your feeling better.

 

by: QuoriPosted on 2009-01-06 at 13:11:29ID: 23309315

You said you have a VLAN for your phone system? Is this a VoIP system which you'll want to be plugging your handsets into the two access switches? Or...?

 

by: QuoriPosted on 2009-01-06 at 13:16:28ID: 23309379

Are devices from both subnets going to be co-existing on each switch?

 

by: ecszonePosted on 2009-01-12 at 15:03:39ID: 23358489

It is irrelivent I think.  the screenshot shows everying about it I think minus the trucking.

its just to keep broadcast traffic seperate. WE only do VOIP from office to office on a fully meshed MPLS network.  the only thing that plugs into that network is the avaya phone system.

 

by: QuoriPosted on 2009-01-12 at 15:46:41ID: 23358723

Well, it isn't irrelivant as we need to know if the different VLAN's will exist on the other switches - so are trunks needed or can we just take the uplink port as a normal member, etc.

 

by: ecszonePosted on 2009-01-13 at 05:40:36ID: 23362380

the voice vlan is onlly on one switch.

Voice Vlan:

Ports 1-2 are untagged / Ports 3-22, 24 are "no" / port 23 is "tagged"

Default Vlan:

Ports 1-2 are "no" / ports 3-24 are untagged

=======================

I dont know if that helps.  I dont fully get this stuff so it could be significant.  he explained it to me that to go from my main network and telnet to the phone system I hit my default gateway (main firewall cisco router that does our firewall/QOS and MPLS VPN).  the cisco router knows about the voice vlan and sends it back the same physical wire on the voice vlan and i connect. So the switch is not doing anything as far as routing.

I dont know the CLI well, but ill try and get some info out for you:

================================


switch0# show vlans
 Status and Counters - VLAN Information
  Maximum VLANs to support : 8
 Primary VLAN : DEFAULT_VLAN
 Management VLAN :
  802.1Q VLAN ID Name         Status     Voice Jumbo
 -------------- ------------ ---------- ----- -----
 1              DEFAULT_VLAN            No    No
 3              Voice                   No    No

-----------------------------------------

switch0# show config (pasting information that may help only)

ip default-gateway 192.168.10.254


snmp-server community "public" Unrestricted
vlan 1
  name "DEFAULT_VLAN"
  untagged 3-24
  ip address dhcp-bootp
  no untagged 1-2
  exit
vlan 3
  name "Voice"
  untagged 1-2
  tagged 23
  exit

show trunk does not seem to produce anything... could have sworn he did something with trunking, but maybe not.

anything you want me to do from CLI just let me know

 

by: QuoriPosted on 2009-01-13 at 12:54:25ID: 23367181

To explain this a bit to you - trunking (making a trk port) is only used if you want to send data from multiple VLANs down a single cable to another switch. Once you make the trunk port you then 'tag' it to the VLANs you want to be supported over that trunk and between the two switches.

Since the VLANs are already there, we only need to do a couple things from the command-line.

** TAKE CONFIG BACKUP FIRST **

#1 - Enable IP routing on the distribution layer switch
enable
conf t
ip routing

#2 - add an IP address to both the data and voice VLANs (you can change these values)
enable
conf t
int vlan 1
ip add 192.168.10.1 255.255.255.0
int vlan 3
ip add 192.168.11.1 255.255.255.0


Once you've done the above, check the routing table and do a traceroute from a computer to the telnet interface of your phone system and look at the path it takes.
If all goes pear-shapped, restore the backup config.

 

by: ecszonePosted on 2009-01-14 at 12:24:43ID: 23377049

Forgot i visio'ed this

Im about to try this... here is my visio though to confirm you understand how its setup.

if you see anyhthing setup like a networking noob let me know :D

 

by: ecszonePosted on 2009-01-14 at 12:25:39ID: 23377065

Also note I do not want to chagne the voice vlan to route on the switch. I dont want to mess with the cisco config since its hosted.

I just want to route the default vlan and a new vlan.

 

by: ecszonePosted on 2009-01-14 at 12:43:24ID: 23377256

the first command is failing me.. Epic fail :(

copy of doing a help "?"  you can see enable is an option.  below is what happens


enable                Enter the Manager Exec context.
exit                  Return to the previous context or terminate current
                      console/telnet session if you are in the Operator
                      context level.
link-test             Test the connection to a MAC address on the LAN.
logout                Terminate this console/telnet session.
menu                  Change console user interface to menu system.
ping                  Send IP Ping requests to a device on the network.
show                  Display switch operation information.
traceroute            Send traceroute to a device on the network.

switch0(config)# enable
Invalid input: enable

 

by: ecszonePosted on 2009-01-14 at 12:43:39ID: 23377259

how do you back this thing up anyway?

 

by: QuoriPosted on 2009-01-14 at 13:07:10ID: 23377511

Once you're in config mode you can skip the 'enable' and 'conf t' commands - I just give commands from the moment of login.

So, you're happy for routing to actually take place on the cisco router but want to be able to talk across VLANs without going through the router?

 

by: ecszonePosted on 2009-01-14 at 13:09:18ID: 23377534

For the voice Vlan that is fine.  once a month or so I connect to make a few second changeo n our phone system. Thats the only time the two vlans communicate.

For vlan1 and the new vlan I want it just to route directly at the switch.

 

by: QuoriPosted on 2009-01-14 at 13:12:50ID: 23377582

Ahhh, I thought the voice VLAN was the new VLAN. Whoops! :)

Takes me back to an earlier question - will the new VLAN be used on all switches? IE will hosts from one VLAN be sharing a switch with hosts from another VLAN?

 

by: ecszonePosted on 2009-01-14 at 13:15:35ID: 23377615

Yes.  Servers and VPN users will be on vlan2

there will be heavy traffic between the two.

 

by: QuoriPosted on 2009-01-14 at 13:28:16ID: 23377752

In that case, we need to consider a topology redesign (slightly!).

You currently have your switches daisy chained. You should have your main switch (called the distribution layer switch) be connected individually to each of your sister switches (access layer). For each access switch you should consider having two LACP bonded uplinks to the distribution switch.


** BACKUP CONFIG FIRST - copy the running-config to notepad or such **


Once we've done that, if you chose to, we enable IP routing on the distribution switch:
ip routing

Now, our VLANs. I usually like to use VLAN numbers that correspond to their subnet. So we have:
192.168.10.0/24 would be VLAN 10
192.168.11.0/24 would be VLAN 11

But you can leave .10 as VLAN 1 :)

So lets add IP's to VLAN 1
vlan 1
ip add 192.168.10.1 255.255.255.0

Let's add IP to VLAN 11
vlan 11
ip add 192.168.11.1 255.255.255.0

Lets create a trunk
trunk 24 trk1 trunk

** Note: This creates a virtual port 'trk1'. I've chosen this method over others for scalability - you will be able to support multiple uplinks to switches this way **

Now we need to add the trunk as a tagged port:
vlan 1
tagged trk1
vlan 11
tagged trk11

We also need to create the VLAN's on each of the access switches and tag the port:
trunk 26 trk1 trunk
trunk 48 trk2 trunk
vlan 1
tagged trk1,trk2
vlan 11
tagged trk1,trk2

Then simply add an 'untagged' port to the VLAN of choice to make it work in that VLAN and subnet.

 

by: QuoriPosted on 2009-01-14 at 13:29:02ID: 23377764

Double check the port numbers. :) Was hard to make out from the drawing.

 

by: QuoriPosted on 2009-01-14 at 13:36:52ID: 23377865

You may also need to add some static routes for each subnet pointing to the IP of the respective VLAN.

IE: ip route 192.168.10.0 255.255.255.0 192.168.10.1
And the same for .11

Then you'd have a default-gateway set for everything else.

 

by: ecszonePosted on 2009-01-14 at 13:37:17ID: 23377872

SO can i add these trunks to the existing uplink ports w/o effecthing current traffic?

 

by: QuoriPosted on 2009-01-14 at 13:38:24ID: 23377890

Nope. It would cycle the port.

Do it during your usual outage window.

 

by: ecszonePosted on 2009-01-14 at 13:39:06ID: 23377903

Does each vlan have an IP or does each vlan on each switch have an IP

ie:


switch0(config)# show ip
 Internet (IP) Service
  IP Routing : Enabled

  Default TTL     : 64
 Arp Age         : 20
  VLAN         | IP Config  IP Address      Subnet Mask     Proxy ARP
 ------------ + ---------- --------------- --------------- ---------
 LAN1         | DHCP/Bootp 192.168.10.201  255.255.255.0
 LAN2         | Manual     192.168.11.201  255.255.255.0   No
 Voice        | Disabled

Would the ip on the other switches also be 10.201 and 11.201?

 

by: QuoriPosted on 2009-01-14 at 13:40:07ID: 23377916

Only the VLANs on the distribution layer have an IP address. Let it handle the routing.

 

by: ecszonePosted on 2009-01-15 at 11:00:57ID: 23386497

What is the distribution layer?

Trying to figure out what your telling me vs what Im seeing ik found something in the manual about "multinetting"

says you can put multiple subnets on a single vlan.

im not worried about broadcast domains.  woudl this be easier?

whats the difference?

 

by: ecszonePosted on 2009-01-15 at 12:08:54ID: 23387206

Ill worry about bounding 2 links to dist layer later.

Maybe after I get a new switch as I dont have a tun of space. I keep my servers on the 2848.  so this will be the distribution switch with one uplink for now (for the sake of nodes and keeping this task one thing at a time.)  

ill create a second issue for the uplink later and link it here

 

by: QuoriPosted on 2009-01-15 at 13:13:19ID: 23387864

You hit the nail on the head. With that sort of traffic, you'd suffer a major performance loss due to broadcasts.

Distribution layer is the 'core' switch. So only the VLANs added to the 2848 will have IP's.

 

by: ecszonePosted on 2009-02-05 at 08:10:25ID: 23560735

SOrry I got bogged down with other things.

Im going to accept this. I spoke to hp support after locking myself out :p

I changed a few things.  I may need more help but you gave me a lot of guidence here. enough that I can figure it out i think.

If not ill post a link to a new question. I cant ask you to put more time into a single question!

So id appreciate if you monitor this for future posts with a link to a new question.

thanks for your help

 

by: QuoriPosted on 2009-02-05 at 13:31:46ID: 23564549

I have no problem putting as much time as needed into coming to a resolution.

20120131-EE-VQP-002

3 Ways to Join

30-Day Free Trial

The Experts

98% positive feedback on 31,087 answers since March 2000. angeliii is a Microsoft Most Valuable Professional for his work with MS SQL Server & Develoment.

He has also proven his knowledge of Visual Basic Programming, PHP Scripting and Oracle Databases.

The Experts

97% positive feedback on 10,752 answers since July 2000. lrmoore has more than 18 years experience in the networking industry.

The six-time Mircosoft MVPs specialties include firewalls, virtual private networking, and network management.

Testimonials

"...and excellent source for support... Kind of like having your very own IT dept." Electriciansnet

Testimonials

"I was apprehensive at signing up at first. However... it has already made my life as an IT administrator much easier." JaCrews

Testimonials

"WOW! You guys have great, active, and knowledgeable people on here." moore50

Business Clients

Business Clients

In the Press

"If you’ve got a question... Experts Exchange can supply an answer.”

In the Press

"...an invaluable aid for both IT professionals and those who require tech support."

In the Press

"where IT professionals provide quick answers on just about any topic"

Business Account Plans

Loading Advertisement...