Solved

Help with Vlan creation and assignment

Posted on 2008-10-15
13
960 Views
Last Modified: 2012-05-05
Let me start by saying I am a beginner with cisco routers, I am studying for my CCNA, and just got ahold of a Cisco 2811 router. It has a 4 port HWIC card in it. Like I said I am studying for the CCNA exam, so I am trying to try all possible configurations.

What I wanted to do was subnet a class A network ( 10.0.0.0 ) into 4 subnets using 255.192.0.0, easy enough. Then I wanted to assign the four subnets each to it's own port on the HWIC card, so 10.0.0.0 to fa 0/0/0 and 10.64.0.0 to fa 0/0/1 and so on. Then I wanted to cable each port to different floors in my house and use the fourth subnet to connect to a WAP so wireless had its own subnet.  As I said there is no real need for this at my house, but I want to know how to do.  So I began, and discovered that L2 Links can not have ip addresses assigned to them.  Someone said that in order to use these ports you need to assign them to a vlan, but I can't figure out how to create multiple vlans in the router, assign each port to its own vlan, and then assign each vlan to pull from a specific dhcp pool so it stays in it own subnet. Lastly, I guess since I am using multiple vlans, i will need to trunk them all together so I can transfer info between them all??

Thanks for the help.
0
Comment
Question by:pcradduck
  • 7
  • 6
13 Comments
 
LVL 28

Expert Comment

by:Jan Springer
ID: 22720917
int vlan 1
 ip address 10.0.0.1 255.192.0.0
int vlan 2
 ip address <whatever>
int vlan 3
 ip address <whatever>
int vlan 4
 ip address <whatever>

int FastEthernet0/0/0
 switchport mode access
 switchport access vlan 1
 no shut
int FastEthernet0/0/1
 switchport mode access
 switchport access vlan 2
 no shut
int FastEthernet0/0/2
 switchport mode access
 switchport access vlan 3
 no shut
int FastEthernet0/0/3
 switchport mode access
 switchport access vlan 4
 no shut

Trunking is used to pass tagged vlan traffic for multiple vlans.  Based upon your description, I don't see that as necessary.
0
 

Author Comment

by:pcradduck
ID: 22720970
1. So if I dont truck will all the vlans be able to pass information to each other?
2. How to I make sure each VLan or Phycial port assigned to the vlan only assigns addresses in the subnet to which the Vlan belongs?

0
 

Author Comment

by:pcradduck
ID: 22721063
One more question, When I went to assign FastEthernet0/0/1 to VLAN 2 it said please add it to Vlan database. I guess when I ran int vlan 2 ip address 10.64.0.1 255.192.0.0 this did not add the VLan to the database?
0
 
LVL 28

Expert Comment

by:Jan Springer
ID: 22721234
1) unless you block traffic between VLANs, the router should take the packet coming into the interface, read the destination IP address, understand that it is local and deliver it.
2) are you planning on using the router as a DHCP server?
3) this is typical of some Cisco switches, try:
    # vlan database
       vlan 2 name This_is_vlan_2 state active
       vlan 3 name This_is_vlan_3 state active
       vlan 4 name This_is_vlan_4 state active
       apply

Change "This_is_vlan_x" to whatever string (no spaces) that you want to use to describe the network on that vlan.

Vlan 1, by default, is the management vlan.  You can change the management vlan or you can choose to not use the management vlan 1 for your interfaces but instead use vlans 2 through 5.
     
0
 

Author Comment

by:pcradduck
ID: 22721265
I was hoping to use the router as the DHCP server in this case,
does it have the ability to assign different pools, I have 4 set, to different vlans?
0
 
LVL 28

Expert Comment

by:Jan Springer
ID: 22721424
I believe so.

Can you configure:

ip dhcp pool VLAN-1
 network 10.0.0.0 255.192.0.0
 default router 10.0.0.1
 dns-server <ipaddress_1> <ipaddress_2>

ip dhcp pool VLAN-2
 network 10.64.0.0 255.192.0.0
 default router 10.64.0.1
 dns-server <ipaddress_1> <ip address_2>

etc.

Insert the dns-server IP addresses, no symbols (< >).

You'll also need to perform NAT for Internet access.
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:pcradduck
ID: 22721486
Yeah,
I ran
ip dhcp pool 10.0.0.0/10
network 10.0.0.0 255.192.0.0
default router 10.0.0.1
dns-server <ipaddress_1> <ipaddress_2>

ip dhcp pool 10.64.0.0/10
network 10.64.0.0 255.192.0.0
default router 10.64.0.1
dns-server <ipaddress_1> <ipaddress_2>

and so on, so I have four pools, but whats the command to assign each pool to each vlan?  would I do that under the vlan config?

I will google NAT setup, but if I have any questions you know where I will post.

thanks for all this help by the way.
0
 
LVL 28

Expert Comment

by:Jan Springer
ID: 22721678
The pool used to assign an IP address to the client is determined by the interface IP address (vlan interface) that the packet arrived in.

NAT:

config t:
 int vlan 1
  ip nat inside
 int vlan 2
  ip nat inside
 int vlan 3
  ip nat inside
 int vlan 4
  ip nat inside
 
int F0/0                  ! or whatever the public interface is called
 ip nat outside

access-list 1 permit 10.0.0.0 255.0.0.0
ip nat pool My-Public-Interface <my.ip.address.start> <my.ip.address.end> prefix-length <my.prefix.length>
ip nat inside source list  1 pool My-Public-Interface overload

My-Public-Interface is a string that can be more descriptive.

<my.ip.address.start> defines the first public IP to use

<my.ip.address.stop> defines the last public IP to use

Both "start" and "stop" may be the same IP if there is but one public IP address.

<my.prefix.length> is the netmask of your public IP address(es) in prefix form, for example:
  /24 = 255.255.255.0
0
 

Author Comment

by:pcradduck
ID: 22721955
I will try getting natting setup here in a little bit, one last question

The DNS servers are my ISP's, none inside my house (big suprise), I enabled RIP route for 10.0.0.0, will rip learn and forward the DNS requests to my ISP's DNS servers, or do I need to setup some kind of route?

Did i need to enable RIP?
0
 
LVL 28

Expert Comment

by:Jan Springer
ID: 22722103
If you have but one layer 3 device, you don't need RIP (sorry, yuck).  RIP/OSPF/IS-IS is used for exchanging route information between devices to build the routing table.  They have nothing to do with forwarding the packets.

So, get rid of RIP and if you have a default route to your upstream gateway, then all packets not in the routing table will, by default, get routed to your gateway for handling:

  ip route 0.0.0.0 0.0.0.0 <ip.address.of.gateway>
0
 

Author Comment

by:pcradduck
ID: 22722297
so i need one static route to point to my ISP Modem that will be plugged into fa 0/0?
if that is true then would it be

ip route 0.0.0.0 0.0.0.0 <ip.address.of.gateway>

<ip.address.of.gateway> = the ip address my ISP gives fa 0/0 when I plug in my modem?

do I need to run
int fa 0/0
ip address DHCP

in order to allow fa 0/0 to get the ip address from my modem?
0
 

Author Comment

by:pcradduck
ID: 22722719
Sorry I ment
<ip.address.of.gateway> = default gateway of my ISP
0
 
LVL 28

Accepted Solution

by:
Jan Springer earned 500 total points
ID: 22722893
Yes, you need the IP address that your ISP gave you as a gateway -- at their end -- not yours.

If you don't know your ISP's gateway, then:
  ip route 0.0.0.0 0.0.0.0 f0/0

Delete this line:
  ip nat pool My-Public-Interface <my.ip.address.start> <my.ip.address.end> prefix-length <my.prefix.length>

Change the nat inside source line to:
  ip nat inside source list  1 int f0/0 overload
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
If you are thinking of adopting cloud services, or just curious as to what ‘the cloud’ can offer then the leader according to Gartner for Infrastructure as a Service (IaaS) is Amazon Web Services (AWS).  When I started using AWS I was completely new…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now