Having Two Defualt gateways ???
Ok please bear with me here.
At the moment I have a single flat network as in the digram. What I would like to do is split it in to three seperate subnets. however my problem is that the Default gate way for the network currently is the router sitting off to the left of the digram.
Splitting up the networks is stright forward enough, and I now have three seperate networks as shown by the circles.
Red - 192.168.1.0 255.255.255.0
Green - 192.168.2.0 255.255.255.0
Blue - 192.168.3.0 255.255.255.0
However the router must stay on the same network (for the time being as the red network) so must have an address of 192.168.1.3 for instance
All devices on the network currently use the switch in buildign 63, 142 or 153 as there default gateway. and can all happly talk to each other.
what I want to know is what settigns do i need to set on these switchs, so that they route any non site data to the WAN router on 192.168.1.3
Is this possible and if so how, I am just looking for a generic way to do this, If a core switch can't find a route to an IP address to forward it to the router.
We only need to do this as an intermediate step during the upgrade as we can't change the routers IP address, and some devices on the 192.168.1.0 range need to keep there static IP address.
The idea is to segment the network, then sort out the servers and the last step will be sorting out the WAn routers.
I hope I have made it all clear but please ask if you need any more info.
Thank you Aaron
route.jpg
At the moment I have a single flat network as in the digram. What I would like to do is split it in to three seperate subnets. however my problem is that the Default gate way for the network currently is the router sitting off to the left of the digram.
Splitting up the networks is stright forward enough, and I now have three seperate networks as shown by the circles.
Red - 192.168.1.0 255.255.255.0
Green - 192.168.2.0 255.255.255.0
Blue - 192.168.3.0 255.255.255.0
However the router must stay on the same network (for the time being as the red network) so must have an address of 192.168.1.3 for instance
All devices on the network currently use the switch in buildign 63, 142 or 153 as there default gateway. and can all happly talk to each other.
what I want to know is what settigns do i need to set on these switchs, so that they route any non site data to the WAN router on 192.168.1.3
Is this possible and if so how, I am just looking for a generic way to do this, If a core switch can't find a route to an IP address to forward it to the router.
We only need to do this as an intermediate step during the upgrade as we can't change the routers IP address, and some devices on the 192.168.1.0 range need to keep there static IP address.
The idea is to segment the network, then sort out the servers and the last step will be sorting out the WAn routers.
I hope I have made it all clear but please ask if you need any more info.
Thank you Aaron
route.jpg
fyi when i said "set each core switch" i was meaning each of the switches in the triangle is a core switch...
i guess the main thing we need to know is how are you segregating the 3 ip ranges? are you actually using vlans?
i guess the main thing we need to know is how are you segregating the 3 ip ranges? are you actually using vlans?
ASKER
No I am not usign VLan's
the links between buildings 63, 142 and 153 are seperate ip ranges 10.0.1.0, 10.0.2.0, 10.0.3.0. and each Core switch is the default gate way for its own segment.
I have set it up so that vlan 1 interface in the switch holds the Default gateway ip addess for that segment. then each have two ports that have an IP address assigened from the 10.0.0.0 ranges, and each switch is running Eigrp for routing purposes.
The digram I have show is only a small part of the network. in reality we will end up with about 15 - 20 segments and possible a lot more. So I want to keep routing local at the core switchs, rather than have one central router handeling it all.
Also I can't make any changes to the router (we are a agency company and the router is managed externaly, it also has to meet very tight security and control, so making changes to it can take a long time and lots of paper work)
the idea is to subnet up the network with out touching the router settings.
basical if i gave the Router a new ipaddress say 192.168.4.1 (out side of any current ranges) then this would be easy to set up, as I can set it on the routers as a gateway of last resort.
however this does not seem to want to work if it is in the same range as the current switches..
the links between buildings 63, 142 and 153 are seperate ip ranges 10.0.1.0, 10.0.2.0, 10.0.3.0. and each Core switch is the default gate way for its own segment.
I have set it up so that vlan 1 interface in the switch holds the Default gateway ip addess for that segment. then each have two ports that have an IP address assigened from the 10.0.0.0 ranges, and each switch is running Eigrp for routing purposes.
The digram I have show is only a small part of the network. in reality we will end up with about 15 - 20 segments and possible a lot more. So I want to keep routing local at the core switchs, rather than have one central router handeling it all.
Also I can't make any changes to the router (we are a agency company and the router is managed externaly, it also has to meet very tight security and control, so making changes to it can take a long time and lots of paper work)
the idea is to subnet up the network with out touching the router settings.
basical if i gave the Router a new ipaddress say 192.168.4.1 (out side of any current ranges) then this would be easy to set up, as I can set it on the routers as a gateway of last resort.
however this does not seem to want to work if it is in the same range as the current switches..
if the switches are layer 3 switches or support vlan routing you could:
set each core switch to have an ip on say vlan 1 (as you have done) lets say 192.168.x.10 / 24
then add a vlan on each switch (lets say vlan 10) and give it ip range same as router 192.168.1.12, 192.168.1.13 and 192.168.1.14 (for each switch).
if not i cant think of anything else... because each network segment, MUST have a default gateway residing on its subnet to get outside its own subnet and it must live on the same vlan too, as switches cant perfrom vlan routing between the .1.0 network and say the .3.0 network (unless theyre pretty decent switches)....
i would strongly reccommend using vlans as this woudl give you more security and better segmentation and decrease network broadcasts...
ASKER
All network segment do have a Default gate way on its own subnet?
And I dont want to do vlan here becasue of the number of them I would need to set up. We are looking at 100+ Cisco 3750 switchs and I will be using VLANS lower down to further devide the segments. But for the core links accross site I want to use pure ip routes.
But you can set up routers with a gateway of last resort.
I have done this before so that if the switch for building 63 for example does not have a route for a packet, rather than dropping it, it forwards it to the core switch in 142.
now if I change the routers IP to an address that is not on the network I can set this as the gate way of last resort for the 142 switch all devices on the networrk can talk off site.
however as soon as i try to do it with the router having the same IP range as the core switch in 142 it stops working.
I fail to see how using vlans and a single router will reduce site traffic. By only using one router all traffic has to trave to the router and back to be routed. In my set up, traffic is routed at each of the core switchs and only travels the links it needs to. Broadcast traffic is also limited to the indvual segments, and security is by far tight enough.
The whole idea behind this is to get all client machines to have a local Default gateway (that of the core switch of there segment), and those core switchs need to be able to contact the router only if needed.
I can't make a overnight change. so the ideas is to set this up on the core switchs and slowly move each building/segment over.
The rest of the site works ok. all i need is how to make the core switch in the red segment (142) see the router as the destination for all packets that it dose not have a valid next hop address in its routing table?
And I dont want to do vlan here becasue of the number of them I would need to set up. We are looking at 100+ Cisco 3750 switchs and I will be using VLANS lower down to further devide the segments. But for the core links accross site I want to use pure ip routes.
But you can set up routers with a gateway of last resort.
I have done this before so that if the switch for building 63 for example does not have a route for a packet, rather than dropping it, it forwards it to the core switch in 142.
now if I change the routers IP to an address that is not on the network I can set this as the gate way of last resort for the 142 switch all devices on the networrk can talk off site.
however as soon as i try to do it with the router having the same IP range as the core switch in 142 it stops working.
I fail to see how using vlans and a single router will reduce site traffic. By only using one router all traffic has to trave to the router and back to be routed. In my set up, traffic is routed at each of the core switchs and only travels the links it needs to. Broadcast traffic is also limited to the indvual segments, and security is by far tight enough.
The whole idea behind this is to get all client machines to have a local Default gateway (that of the core switch of there segment), and those core switchs need to be able to contact the router only if needed.
I can't make a overnight change. so the ideas is to set this up on the core switchs and slowly move each building/segment over.
The rest of the site works ok. all i need is how to make the core switch in the red segment (142) see the router as the destination for all packets that it dose not have a valid next hop address in its routing table?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ah so my static route above was incorrect then?
or if you would really like to do routing functions on the switches, set each core switch to have an ip and set the hosts default gateway to be the switches (depending on which circle the host is in)- and then put static routes on the switches to go to the router for any and all traffic..
this way all routing between networks is controlled via the router and all inter vlan communication get controlled by the router.
is this sort of what your asking? im not totally sure thats what you meant!
let me know..