• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3526
  • Last Modified:

Using Routers And VLANS Over AT&T's Opt-E-Man

I have 2 sites on AT&T's Opt-E-Man.  Presently, they are connected via a Cisco 6509 at the main data center to AT&T's Cisco 3560 then to the cloud.  At the remote sites, AT&T's Cisco 3650 hands it off to a Cisco 3570 and on to the users.  The problem with this setup is that AT&T has a 50 MAC address per site limit so we have to pay extra every month for any number over that.  A router will show up as just one MAC address to AT&T.  Also, I have Packeteer PacketShapers that I can't use without a router.
What I want to do is connect them all with a Cisco 3640 at each site and a Cisco 7204 at the main site using FastEthernet ports.
This is all I can get from AT&T on the subject:

Cisco routers that support 802.1q:
The following configuration is required by any Cisco Systems, Inc. router running IOS software and attempting to use a routed interface to connect to a Layer2 vlan interface.

Interface Fastethernet 1/0.100
Encapsulation dot1q 2 (vlan 2 is configured for this sub interface)
Ip address 10.1.1.1 255.255.255.252

Interface Fastethernet 1/0.200
Encapsulation dot1q 5 (vlan 5 is configured for this sub interface)
Ip address 10.1.1.2 255.255.255.252

I've also heard that VLANs over IP unnumbered subinterfaces is a possibility, but I can't quite grasp the concept.

Thanks in advance for your time.
0
dbarr57
Asked:
dbarr57
  • 4
  • 3
5 Solutions
 
Don JohnstonInstructorCommented:
Your 6509 and 3570 are both multilayer switches. Why introduce another router when you've already got that capability with your existing equipment?

Just create a VLAN 2 and 5 interface and trunk to AT&T.
0
 
dbarr57Author Commented:
Because AT&T has a 50 MAC address per site limit so we have to pay extra every month for any number over that.  A router will show up as just one MAC address to AT&T.  Also, I have Packeteer PacketShapers that I can't use without a router.
0
 
Don JohnstonInstructorCommented:
I know. What I'm saying is that the 6509 and 3570 are multilayer switches... They ARE routers.
0
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

 
lrmooreCommented:
Don is correct. You can create the same L3 routed interfaces on both the 6509 and the 3750. The issue is that you will have to have separate IP subnets on both sides since you will be routing between them. Not sure why there are two vlans, but I assume for redundancy or voip.

Example on the 3750
vlan 2
vlan 5
 interface Gigabit 0/0/24
  switchport mode trunk
interface vlan 1
 ip address 10.100.222.1 255.255.255.0  <== all local users are in this subnet
 interface vlan 2
  ip address 10.1.1.2 255.255.255.252
 interface vlan 5
  ip address 10.1.2.2 255.255.255.252
ip route 0.0.0.0 0.0.0.0 10.1.1.1
ip route 0.0.0.0 0.0.0.0 10.1.2.1

Use same basic config on the 6509. Make sure no other interfaces are assigned to vlan2 or 5.
0
 
dbarr57Author Commented:
Thanks everyone.  I understand, but let's pretend my life is at stake and I have to use the 7204 and 3640s.

The 7204 is at one site on VLAN 1, a 3640 is at another site on VLAN 2 and a 3640 is at a 3rd site on VLAN 5.  Each has a link into the Metro Ethernet cloud.

For starters, do I make sub-interfaces on each router and give it an IP address like so:
Router>en
Router#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#int f1/0
Router(config-if)# int f1/0.2
Router(config-subif)#encapsulation dot1Q 2
Router(config-subif)#ip add 10.1.1.2 255.255.255.252
Router(config-if)# int f1/0.5
Router(config-subif)#encapsulation dot1Q 5
Router(config-subif)#ip add 10.1.2.2 255.255.255.252
Router(config-subif)#

Am I on the right track?
0
 
Don JohnstonInstructorCommented:
Are you required to have a trunk to AT&T? If so, what are the requirements of the trunk? (protocol, vlans, etc.)
0
 
dbarr57Author Commented:
According to AT&T, they are trunking dot1q and otherwise passing any and all traffic and VLANs.
0
 
Don JohnstonInstructorCommented:
The only reason to have a trunk is if you want to carry traffic from multiple VLANs over a single ethernet link.

As you are wanting to have a router between your network and the AT&T link, there's no need for a trunk. Just configure the interface that connects to the AT&T link as a layer 3 interface and assign an IP address to it. Then do the same at the other location.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now