Using Routers And VLANS Over AT&T's Opt-E-Man

I have 2 sites on AT&T's Opt-E-Man.  Presently, they are connected via a Cisco 6509 at the main data center to AT&T's Cisco 3560 then to the cloud.  At the remote sites, AT&T's Cisco 3650 hands it off to a Cisco 3570 and on to the users.  The problem with this setup is that AT&T has a 50 MAC address per site limit so we have to pay extra every month for any number over that.  A router will show up as just one MAC address to AT&T.  Also, I have Packeteer PacketShapers that I can't use without a router.
What I want to do is connect them all with a Cisco 3640 at each site and a Cisco 7204 at the main site using FastEthernet ports.
This is all I can get from AT&T on the subject:

Cisco routers that support 802.1q:
The following configuration is required by any Cisco Systems, Inc. router running IOS software and attempting to use a routed interface to connect to a Layer2 vlan interface.

Interface Fastethernet 1/0.100
Encapsulation dot1q 2 (vlan 2 is configured for this sub interface)
Ip address 10.1.1.1 255.255.255.252

Interface Fastethernet 1/0.200
Encapsulation dot1q 5 (vlan 5 is configured for this sub interface)
Ip address 10.1.1.2 255.255.255.252

I've also heard that VLANs over IP unnumbered subinterfaces is a possibility, but I can't quite grasp the concept.

Thanks in advance for your time.
dbarr57Asked:
Who is Participating?
 
lrmooreCommented:
Don is correct. You can create the same L3 routed interfaces on both the 6509 and the 3750. The issue is that you will have to have separate IP subnets on both sides since you will be routing between them. Not sure why there are two vlans, but I assume for redundancy or voip.

Example on the 3750
vlan 2
vlan 5
 interface Gigabit 0/0/24
  switchport mode trunk
interface vlan 1
 ip address 10.100.222.1 255.255.255.0  <== all local users are in this subnet
 interface vlan 2
  ip address 10.1.1.2 255.255.255.252
 interface vlan 5
  ip address 10.1.2.2 255.255.255.252
ip route 0.0.0.0 0.0.0.0 10.1.1.1
ip route 0.0.0.0 0.0.0.0 10.1.2.1

Use same basic config on the 6509. Make sure no other interfaces are assigned to vlan2 or 5.
0
 
Don JohnstonInstructorCommented:
Your 6509 and 3570 are both multilayer switches. Why introduce another router when you've already got that capability with your existing equipment?

Just create a VLAN 2 and 5 interface and trunk to AT&T.
0
 
dbarr57Author Commented:
Because AT&T has a 50 MAC address per site limit so we have to pay extra every month for any number over that.  A router will show up as just one MAC address to AT&T.  Also, I have Packeteer PacketShapers that I can't use without a router.
0
Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

 
Don JohnstonInstructorCommented:
I know. What I'm saying is that the 6509 and 3570 are multilayer switches... They ARE routers.
0
 
dbarr57Author Commented:
Thanks everyone.  I understand, but let's pretend my life is at stake and I have to use the 7204 and 3640s.

The 7204 is at one site on VLAN 1, a 3640 is at another site on VLAN 2 and a 3640 is at a 3rd site on VLAN 5.  Each has a link into the Metro Ethernet cloud.

For starters, do I make sub-interfaces on each router and give it an IP address like so:
Router>en
Router#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#int f1/0
Router(config-if)# int f1/0.2
Router(config-subif)#encapsulation dot1Q 2
Router(config-subif)#ip add 10.1.1.2 255.255.255.252
Router(config-if)# int f1/0.5
Router(config-subif)#encapsulation dot1Q 5
Router(config-subif)#ip add 10.1.2.2 255.255.255.252
Router(config-subif)#

Am I on the right track?
0
 
Don JohnstonInstructorCommented:
Are you required to have a trunk to AT&T? If so, what are the requirements of the trunk? (protocol, vlans, etc.)
0
 
dbarr57Author Commented:
According to AT&T, they are trunking dot1q and otherwise passing any and all traffic and VLANs.
0
 
Don JohnstonInstructorCommented:
The only reason to have a trunk is if you want to carry traffic from multiple VLANs over a single ethernet link.

As you are wanting to have a router between your network and the AT&T link, there's no need for a trunk. Just configure the interface that connects to the AT&T link as a layer 3 interface and assign an IP address to it. Then do the same at the other location.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.