Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Help with Vlan creation and assignment

Posted on 2008-10-15
13
Medium Priority
?
970 Views
Last Modified: 2012-05-05
Let me start by saying I am a beginner with cisco routers, I am studying for my CCNA, and just got ahold of a Cisco 2811 router. It has a 4 port HWIC card in it. Like I said I am studying for the CCNA exam, so I am trying to try all possible configurations.

What I wanted to do was subnet a class A network ( 10.0.0.0 ) into 4 subnets using 255.192.0.0, easy enough. Then I wanted to assign the four subnets each to it's own port on the HWIC card, so 10.0.0.0 to fa 0/0/0 and 10.64.0.0 to fa 0/0/1 and so on. Then I wanted to cable each port to different floors in my house and use the fourth subnet to connect to a WAP so wireless had its own subnet.  As I said there is no real need for this at my house, but I want to know how to do.  So I began, and discovered that L2 Links can not have ip addresses assigned to them.  Someone said that in order to use these ports you need to assign them to a vlan, but I can't figure out how to create multiple vlans in the router, assign each port to its own vlan, and then assign each vlan to pull from a specific dhcp pool so it stays in it own subnet. Lastly, I guess since I am using multiple vlans, i will need to trunk them all together so I can transfer info between them all??

Thanks for the help.
0
Comment
Question by:pcradduck
  • 7
  • 6
13 Comments
 
LVL 29

Expert Comment

by:Jan Springer
ID: 22720917
int vlan 1
 ip address 10.0.0.1 255.192.0.0
int vlan 2
 ip address <whatever>
int vlan 3
 ip address <whatever>
int vlan 4
 ip address <whatever>

int FastEthernet0/0/0
 switchport mode access
 switchport access vlan 1
 no shut
int FastEthernet0/0/1
 switchport mode access
 switchport access vlan 2
 no shut
int FastEthernet0/0/2
 switchport mode access
 switchport access vlan 3
 no shut
int FastEthernet0/0/3
 switchport mode access
 switchport access vlan 4
 no shut

Trunking is used to pass tagged vlan traffic for multiple vlans.  Based upon your description, I don't see that as necessary.
0
 

Author Comment

by:pcradduck
ID: 22720970
1. So if I dont truck will all the vlans be able to pass information to each other?
2. How to I make sure each VLan or Phycial port assigned to the vlan only assigns addresses in the subnet to which the Vlan belongs?

0
 

Author Comment

by:pcradduck
ID: 22721063
One more question, When I went to assign FastEthernet0/0/1 to VLAN 2 it said please add it to Vlan database. I guess when I ran int vlan 2 ip address 10.64.0.1 255.192.0.0 this did not add the VLan to the database?
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 29

Expert Comment

by:Jan Springer
ID: 22721234
1) unless you block traffic between VLANs, the router should take the packet coming into the interface, read the destination IP address, understand that it is local and deliver it.
2) are you planning on using the router as a DHCP server?
3) this is typical of some Cisco switches, try:
    # vlan database
       vlan 2 name This_is_vlan_2 state active
       vlan 3 name This_is_vlan_3 state active
       vlan 4 name This_is_vlan_4 state active
       apply

Change "This_is_vlan_x" to whatever string (no spaces) that you want to use to describe the network on that vlan.

Vlan 1, by default, is the management vlan.  You can change the management vlan or you can choose to not use the management vlan 1 for your interfaces but instead use vlans 2 through 5.
     
0
 

Author Comment

by:pcradduck
ID: 22721265
I was hoping to use the router as the DHCP server in this case,
does it have the ability to assign different pools, I have 4 set, to different vlans?
0
 
LVL 29

Expert Comment

by:Jan Springer
ID: 22721424
I believe so.

Can you configure:

ip dhcp pool VLAN-1
 network 10.0.0.0 255.192.0.0
 default router 10.0.0.1
 dns-server <ipaddress_1> <ipaddress_2>

ip dhcp pool VLAN-2
 network 10.64.0.0 255.192.0.0
 default router 10.64.0.1
 dns-server <ipaddress_1> <ip address_2>

etc.

Insert the dns-server IP addresses, no symbols (< >).

You'll also need to perform NAT for Internet access.
0
 

Author Comment

by:pcradduck
ID: 22721486
Yeah,
I ran
ip dhcp pool 10.0.0.0/10
network 10.0.0.0 255.192.0.0
default router 10.0.0.1
dns-server <ipaddress_1> <ipaddress_2>

ip dhcp pool 10.64.0.0/10
network 10.64.0.0 255.192.0.0
default router 10.64.0.1
dns-server <ipaddress_1> <ipaddress_2>

and so on, so I have four pools, but whats the command to assign each pool to each vlan?  would I do that under the vlan config?

I will google NAT setup, but if I have any questions you know where I will post.

thanks for all this help by the way.
0
 
LVL 29

Expert Comment

by:Jan Springer
ID: 22721678
The pool used to assign an IP address to the client is determined by the interface IP address (vlan interface) that the packet arrived in.

NAT:

config t:
 int vlan 1
  ip nat inside
 int vlan 2
  ip nat inside
 int vlan 3
  ip nat inside
 int vlan 4
  ip nat inside
 
int F0/0                  ! or whatever the public interface is called
 ip nat outside

access-list 1 permit 10.0.0.0 255.0.0.0
ip nat pool My-Public-Interface <my.ip.address.start> <my.ip.address.end> prefix-length <my.prefix.length>
ip nat inside source list  1 pool My-Public-Interface overload

My-Public-Interface is a string that can be more descriptive.

<my.ip.address.start> defines the first public IP to use

<my.ip.address.stop> defines the last public IP to use

Both "start" and "stop" may be the same IP if there is but one public IP address.

<my.prefix.length> is the netmask of your public IP address(es) in prefix form, for example:
  /24 = 255.255.255.0
0
 

Author Comment

by:pcradduck
ID: 22721955
I will try getting natting setup here in a little bit, one last question

The DNS servers are my ISP's, none inside my house (big suprise), I enabled RIP route for 10.0.0.0, will rip learn and forward the DNS requests to my ISP's DNS servers, or do I need to setup some kind of route?

Did i need to enable RIP?
0
 
LVL 29

Expert Comment

by:Jan Springer
ID: 22722103
If you have but one layer 3 device, you don't need RIP (sorry, yuck).  RIP/OSPF/IS-IS is used for exchanging route information between devices to build the routing table.  They have nothing to do with forwarding the packets.

So, get rid of RIP and if you have a default route to your upstream gateway, then all packets not in the routing table will, by default, get routed to your gateway for handling:

  ip route 0.0.0.0 0.0.0.0 <ip.address.of.gateway>
0
 

Author Comment

by:pcradduck
ID: 22722297
so i need one static route to point to my ISP Modem that will be plugged into fa 0/0?
if that is true then would it be

ip route 0.0.0.0 0.0.0.0 <ip.address.of.gateway>

<ip.address.of.gateway> = the ip address my ISP gives fa 0/0 when I plug in my modem?

do I need to run
int fa 0/0
ip address DHCP

in order to allow fa 0/0 to get the ip address from my modem?
0
 

Author Comment

by:pcradduck
ID: 22722719
Sorry I ment
<ip.address.of.gateway> = default gateway of my ISP
0
 
LVL 29

Accepted Solution

by:
Jan Springer earned 2000 total points
ID: 22722893
Yes, you need the IP address that your ISP gave you as a gateway -- at their end -- not yours.

If you don't know your ISP's gateway, then:
  ip route 0.0.0.0 0.0.0.0 f0/0

Delete this line:
  ip nat pool My-Public-Interface <my.ip.address.start> <my.ip.address.end> prefix-length <my.prefix.length>

Change the nat inside source line to:
  ip nat inside source list  1 int f0/0 overload
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Load balancing is the method of dividing the total amount of work performed by one computer between two or more computers. Its aim is to get more work done in the same amount of time, ensuring that all the users get served faster.
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Suggested Courses

972 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question