Solved

Resubnet in a 6504?

Posted on 2009-04-10
7
197 Views
Last Modified: 2012-05-06
I have an interface in a Cisco 6504 that has been assigned an entire class C address space (255.255.255.0). We have only used about 20 of these addresses in the low end of the range.  I would like to use one of the unused address I have and assign it to another interface on the 6504 (have a blade with 24 SFP) so I can connect a new switch many miles away on a fiber optic cable.  The second switch would be also be assigned an address from the same class c range sort of like when you do a serial t-1 connection with a 252 subnet.  

Will I have to re-subnet the original interface that has the class c in order to make available more separate networks from which I can use the ip's on different interfaces on the 6504?  If I do, is the re-subnet procedure disruptive to the clients connected to that interface?

What I am ultimately trying to accomplish is connect a 3560E to the 6504 via fiber optic connection straight bewteen the devices.  The 3560 will be located at a facility owned by another local goverment and they will be connecting devices from their network to the 3560 for connection to systems in our neetwork.   The potential also exists though for that other agency to use the link between the two switches as an alternate Internet connection for them, as our 6504 is also our border gateway device.

I am sure I have confused the lot of you, so I apologize profusely for doing so,  Thanks.
Mike
0
Comment
Question by:mwaters31
  • 4
  • 3
7 Comments
 
LVL 50

Expert Comment

by:Don Johnston
Comment Utility
>Will I have to re-subnet the original interface that has the class c in order to make available more separate networks from which I can use the ip's on different interfaces on the 6504?

Yes.

>If I do, is the re-subnet procedure disruptive to the clients connected to that interface?

No necessarily. As long as none of the addresses have to be changed, then it's just a matter of changing the masks on the existing devices.

0
 

Author Comment

by:mwaters31
Comment Utility
The only device connected would be the external interface of my firewall. But it does have about a dozen additional ip  address assigned to that nic.  They would all have to have their subnet masks changed as well then.  Firewall is natting everything inside so that should be good.

Would it be better to use a separate vlan between the two switches?  Then at the 6504, route traffic from new vlan into interface of our firewall?
0
 
LVL 50

Accepted Solution

by:
Don Johnston earned 500 total points
Comment Utility
>Would it be better to use a separate vlan between the two switches?

Six of one, half dozen of the other.

Personally, I'd make the interfaces connecting the two switches layer three interfaces and assign the IP address there.


0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:mwaters31
Comment Utility
That may make sense. Later, the possibility exists for that same agency to want to use that link for Internet traffic.  I would have to figure out how to separate the traffic destined for our internal network from the traffic destined for the Internet.  The traffic headed for our network will be mainly voice and video feed from a jail in another jurisdiction for video arraignment.  The other agency may want to use us as an Internet feed for them (since we have 1Gb fiber to a large NOC in Seattle) down the road.
0
 
LVL 50

Expert Comment

by:Don Johnston
Comment Utility
An ACL will do that.
0
 

Author Comment

by:mwaters31
Comment Utility
Yeah, I think I will make it layer three with IPs.  We just got our official IP block from ARIN and I will use a .252 subnet from within that to connect the two switches.  
0
 

Author Closing Comment

by:mwaters31
Comment Utility
We went ahead and used separate IP's for the interfaces. Seems to work fine.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now