Solved

Help with Vlan creation and assignment

Posted on 2008-10-15
13
966 Views
Last Modified: 2012-05-05
Let me start by saying I am a beginner with Cisco routers. I am studying for my CCNA, and just got ahold of a Cisco 2811 router. It has a 4 port HWIC card in it. Like I said, I am studying for the CCNA exam, so I am trying to try all possible configurations.

What I wanted to do was subnet a class A network (10.0.0.0) into 4 subnets using 255.192.0.0, easy enough. Then I wanted to assign the four subnets each to its own port on the HWIC card, so 10.0.0.0 to fa 0/0/0 and 10.64.0.0 to fa 0/0/1 and so on. Then I wanted to cable each port to different floors in my house and use the fourth subnet to connect to a WAP so wireless had its own subnet. As I said, there is no real need for this at my house, but I want to know how to do it. So I began, and discovered that L2 links cannot have IP addresses assigned to them. Someone said that in order to use these ports you need to assign them to a VLAN, but I can't figure out how to create multiple VLANs in the router, assign each port to its own VLAN, and then assign each VLAN to pull from a specific DHCP pool so it stays in its own subnet. Lastly, I guess since I am using multiple VLANs, I will need to trunk them all together so I can transfer info between them all??

Thanks for the help.
0
Comment
Question by:pcradduck
13 Comments
 
LVL 29

Expert Comment

by:Jan Springer
ID: 22720917
int vlan 1
 ip address 10.0.0.1 255.192.0.0
int vlan 2
 ip address <whatever>
int vlan 3
 ip address <whatever>
int vlan 4
 ip address <whatever>

int FastEthernet0/0/0
 switchport mode access
 switchport access vlan 1
 no shut
int FastEthernet0/0/1
 switchport mode access
 switchport access vlan 2
 no shut
int FastEthernet0/0/2
 switchport mode access
 switchport access vlan 3
 no shut
int FastEthernet0/0/3
 switchport mode access
 switchport access vlan 4
 no shut

Trunking is used to pass tagged vlan traffic for multiple vlans.  Based upon your description, I don't see that as necessary.
0
 

Author Comment

by:pcradduck
ID: 22720970
1. So if I don't trunk, will all the VLANs be able to pass information to each other?
2. How do I make sure each VLAN or physical port assigned to the VLAN only assigns addresses in the subnet to which the VLAN belongs?

0
 

Author Comment

by:pcradduck
ID: 22721063
One more question: when I went to assign FastEthernet0/0/1 to VLAN 2, it said please add it to the VLAN database. I guess when I ran int vlan 2 ip address 10.64.0.1 255.192.0.0 this did not add the VLAN to the database?
0
 
LVL 29

Expert Comment

by:Jan Springer
ID: 22721234
1) unless you block traffic between VLANs, the router should take the packet coming into the interface, read the destination IP address, understand that it is local and deliver it.
2) are you planning on using the router as a DHCP server?
3) this is typical of some Cisco switches, try:
    # vlan database
       vlan 2 name This_is_vlan_2 state active
       vlan 3 name This_is_vlan_3 state active
       vlan 4 name This_is_vlan_4 state active
       apply

Change "This_is_vlan_x" to whatever string (no spaces) that you want to use to describe the network on that vlan.

Vlan 1, by default, is the management vlan.  You can change the management vlan or you can choose to not use the management vlan 1 for your interfaces but instead use vlans 2 through 5.
     
0
 

Author Comment

by:pcradduck
ID: 22721265
I was hoping to use the router as the DHCP server in this case,
does it have the ability to assign different pools, I have 4 set, to different vlans?
0
 
LVL 29

Expert Comment

by:Jan Springer
ID: 22721424
I believe so.

Can you configure:

ip dhcp pool VLAN-1
 network 10.0.0.0 255.192.0.0
 default-router 10.0.0.1
 dns-server <ipaddress_1> <ipaddress_2>

ip dhcp pool VLAN-2
 network 10.64.0.0 255.192.0.0
 default-router 10.64.0.1
 dns-server <ipaddress_1> <ipaddress_2>

etc.

Insert the dns-server IP addresses, no symbols (< >).

You'll also need to perform NAT for Internet access.
0
 

Author Comment

by:pcradduck
ID: 22721486
Yeah,
I ran
ip dhcp pool 10.0.0.0/10
network 10.0.0.0 255.192.0.0
default-router 10.0.0.1
dns-server <ipaddress_1> <ipaddress_2>

ip dhcp pool 10.64.0.0/10
network 10.64.0.0 255.192.0.0
default-router 10.64.0.1
dns-server <ipaddress_1> <ipaddress_2>

and so on, so I have four pools, but what's the command to assign each pool to each VLAN? Would I do that under the VLAN config?

I will google NAT setup, but if I have any questions you know where I will post.

thanks for all this help by the way.
0
 
LVL 29

Expert Comment

by:Jan Springer
ID: 22721678
The pool used to assign an IP address to the client is determined by the interface IP address (vlan interface) that the packet arrived in.

NAT:

config t:
 int vlan 1
  ip nat inside
 int vlan 2
  ip nat inside
 int vlan 3
  ip nat inside
 int vlan 4
  ip nat inside
 
int F0/0                  ! or whatever the public interface is called
 ip nat outside

access-list 1 permit 10.0.0.0 0.255.255.255
ip nat pool My-Public-Interface <my.ip.address.start> <my.ip.address.end> prefix-length <my.prefix.length>
ip nat inside source list  1 pool My-Public-Interface overload

My-Public-Interface is a string that can be more descriptive.

<my.ip.address.start> defines the first public IP to use

<my.ip.address.end> defines the last public IP to use

Both "start" and "end" may be the same IP if there is but one public IP address.

<my.prefix.length> is the netmask of your public IP address(es) in prefix form, for example:
  /24 = 255.255.255.0
0
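
Added example, not part of the original answer: a Python model of the two selection rules in the post above (DHCP pool chosen by the receiving interface's address, and standard-ACL wildcard matching for the NAT source list), run against the thread's four /10 subnets. The .1 SVI addresses, the VLAN-n pool names and the .5 sample hosts are assumptions made for illustration.

```python
import ipaddress

# Plan from the thread: 10.0.0.0/8 split with mask 255.192.0.0 (/10), one
# subnet per VLAN. Assumption: each SVI takes the first host address (.1).
SUBNETS = list(ipaddress.ip_network("10.0.0.0/8").subnets(new_prefix=10))
SVIS = {vlan: net.network_address + 1 for vlan, net in enumerate(SUBNETS, start=1)}
POOLS = {f"VLAN-{vlan}": net for vlan, net in enumerate(SUBNETS, start=1)}


def select_pool(ingress_ip, pools=POOLS):
    """Model of pool selection for a directly attached client: the pool whose
    'network' statement contains the receiving interface's address."""
    ip = ipaddress.IPv4Address(str(ingress_ip))
    for name, net in pools.items():
        if ip in net:
            return name
    return None


def acl_matches(source, base, wildcard):
    """Standard-ACL match: bits set in the wildcard are ignored; bits that
    are clear must equal the corresponding bits of the base address."""
    src, b, w = (int(ipaddress.IPv4Address(x)) for x in (source, base, wildcard))
    care = ~w & 0xFFFFFFFF
    return (src & care) == (b & care)


def nat_coverage(base, wildcard):
    """Per VLAN: does a constructed sample host (.5) match the NAT source ACL?"""
    return {vlan: acl_matches(str(net.network_address + 5), base, wildcard)
            for vlan, net in enumerate(SUBNETS, start=1)}


if __name__ == "__main__":
    for vlan, svi in SVIS.items():
        print(f"vlan {vlan}: SVI {svi} -> pool {select_pool(svi)}")
    # Wildcard form covers every inside subnet; a netmask-style value in the
    # same position ignores the first octet and requires x.0.0.0 instead.
    print("0.255.255.255:", nat_coverage("10.0.0.0", "0.255.255.255"))
    print("255.0.0.0    :", nat_coverage("10.0.0.0", "255.0.0.0"))
```

A source that matches no `permit` entry in list 1 is simply not translated, so checking each inside subnet against the ACL mask is a quick way to explain a VLAN that gets DHCP leases but no Internet access.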
 

Author Comment

by:pcradduck
ID: 22721955
I will try getting natting set up here in a little bit. One last question:

The DNS servers are my ISP's, none inside my house (big surprise). I enabled RIP route for 10.0.0.0; will RIP learn and forward the DNS requests to my ISP's DNS servers, or do I need to set up some kind of route?

Did I need to enable RIP?
0
 
LVL 29

Expert Comment

by:Jan Springer
ID: 22722103
If you have but one layer 3 device, you don't need RIP (sorry, yuck).  RIP/OSPF/IS-IS is used for exchanging route information between devices to build the routing table.  They have nothing to do with forwarding the packets.

So, get rid of RIP and if you have a default route to your upstream gateway, then all packets not in the routing table will, by default, get routed to your gateway for handling:

  ip route 0.0.0.0 0.0.0.0 <ip.address.of.gateway>
0
 

Author Comment

by:pcradduck
ID: 22722297
So I need one static route to point to my ISP modem that will be plugged into fa 0/0?
if that is true then would it be

ip route 0.0.0.0 0.0.0.0 <ip.address.of.gateway>

<ip.address.of.gateway> = the ip address my ISP gives fa 0/0 when I plug in my modem?

do I need to run
int fa 0/0
ip address DHCP

in order to allow fa 0/0 to get the ip address from my modem?
0
 

Author Comment

by:pcradduck
ID: 22722719
Sorry, I meant
<ip.address.of.gateway> = default gateway of my ISP
0
 
LVL 29

Accepted Solution

by:
Jan Springer earned 500 total points
ID: 22722893
Yes, you need the IP address that your ISP gave you as a gateway -- at their end -- not yours.

If you don't know your ISP's gateway, then:
  ip route 0.0.0.0 0.0.0.0 f0/0

Delete this line:
  ip nat pool My-Public-Interface <my.ip.address.start> <my.ip.address.end> prefix-length <my.prefix.length>

Change the nat inside source line to:
  ip nat inside source list  1 int f0/0 overload
0
