Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 534
  • Last Modified:

Configure router interface for multiple vlance

in a LAN environment that has many vlans from Access switches trunked to L3 switch, then from L3 switch the uplink port is connected to the router interface in order to route vlans to a different network.

how is the IP interface of the router facing those vlans going to be configured?

I have done similar configuration in the lab using router on a stick. But I have been told in the real world router on a stick is not used because of the performance sensitivity.

Any idea ?

thanks
0
jskfan
Asked:
jskfan
  • 5
  • 5
  • 4
  • +2
13 Solutions
 
SeeMeShakinMyHeadCommented:
just like the example below, if you want to trunk VLAN's 5 and 10 from switch to router, you would use subinterfaces to route the vlans to the router.

interface GigabitEthernet0/0
 no ip address
 duplex full
 speed 1000

interface GigabitEthernet0/0.5
 encapsulation dot1Q 5
 ip address 192.168.1.1 255.255.255.0

interface GigabitEthernet0/0.10
 encapsulation dot1Q 10
 ip address 192.168.2.1 255.255.255.0


As performance is concerned, it depends on how many nodes are going to be routed, the model of the router and specs of the router.  I would use the router on the stick for a small office (<30 or so nodes).  Anything larger, I would use a cisco 3560/3750 with L3 capabilities and create a routed link between the router and the switch.  The router is designed for routing, so use it as such - IMHO.
0
 
Don JohnstonInstructorCommented:
You would route the traffic at the L3 switch. (that's what it's for).
0
 
SeeMeShakinMyHeadCommented:
Oh, I didn't catch that you have a L3 switch already in the mix.  Then, you would use it for the L3 routing.  Create interface vlans for all the vlans that you have and create a routed link to the router (I would use a /29 address).  Then, on the router, create routes back to the routed interface on the switch for all networks that are on the switch with a 0.0.0.0 route from the switch back to the router.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
lrmooreCommented:
As stated above:

On the L3 switch create 1 routed interface

interface fast 0/23
 no switch
 ip address 192.168.255.2 255.255.255.252

ip route 0.0.0.0 0.0.0.0 192.168.255.1


Router:
 interface fast 0/0
  ip add 192.168.255.1 255.255.255.252

ip route <vlan subnets> <mask> 192.168.255.2
ip route 0.0.0.0 0.0.0.0 <next hop ip>

0
 
SeeMeShakinMyHeadCommented:
On thing on the subnet mask - I would use a /29 instead of a /30 (255.255.255.248) just in case you need to put something inline on that routed link.  A /30 limits you to only 2 IP's where a /29 give you 6 useable IP's.
0
 
jskfanAuthor Commented:
example:

Access Switch1= 2 vlans  = 192.168.1.x , 192.168.2.x
Access Switch2= 2 vlans=  192.168.3.x , 192.168.4.x
Access Switch3= 2 vlans= 192.168.5.x , 192.168.6.x
Access Switch4= 2 vlans= 192.168.7.x , 192.168.8.x

L3 Switch =12 ports

Router=2 interfaces (Fastethernet and Serial)

How would you configure the L3 interfaces to route the vlans internally.?
How would you confogure the Router to route the vlans externally?

Thanks
0
 
Don JohnstonInstructorCommented:
ip routing
int fa0/1
 desc link to router
 no switchport
 ip address 172.16.1.2 255.255.255.252
 no shut
int vlan 1
 ip address 192.168.1.1 255.255.255.0
 no shut
int vlan 2
 ip address 192.168.2.1 255.255.255.0
 no shut
int vlan 3
 ip address 192.168.3.1 255.255.255.0
 no shut
etc...
router eigrp 1
 network 192.168.0.0 0.0.255.255

0
 
SeeMeShakinMyHeadCommented:
                                    Router
                                          |
                                          |
                                 Layer 3 Switch                                                             ||                                ||                          ||                        ||
Switch 1               Switch 2                 Switch 3            Switch 4

Pardon the crudeness of the above diagram.

On the L3 switch, you will create all the interface VLANs.  These will be the gateways for all networks.  You will also create a 0.0.0.0 route to route traffic to the router for networks that are not defined on the interface VLAN's.  Also, I would recommend using port-channel on each access layer back to L3 for redundancy and throuput.

L3 Switch Config:

interface vlan 10
ip add 192.168.1.1 255.255.255.0
no shut
interface vlan 20
ip add 192.168.2.1 255.255.255.0
no shut
****And so on from the VLAN's***
ip route 0.0.0.0 0.0.0.0 192.168.254.1

interface Port-channel1
 description *****Switch 1*****
 switchport trunk encapsulation dot1q
 switchport mode trunk


interface GigabitEthernet1/0/1
 description *****To Switch 1******
 switchport trunk encapsulation dot1q
 switchport mode trunk
 channel-group 1 mode on
interface GigabitEthernet1/0/2
 description *****To Switch 1******
 switchport trunk encapsulation dot1q
 switchport mode trunk
 channel-group 1 mode on

and so on for all 4 switches

interface gi1/0/12

 (or whatever int you chose for the connection back to the router)
no switchport
ip address 192.168.254.2 255.255.255.248
no shut

ip routing (enables ip routing)

_____

On the Router
interface gi0/1 (or whatever int you chose for the connection back to the L3 Switch)
ip add 192.168.254.1 255.255.255.248

ip route 192.168.1.0 255.255.255.0 192.168.254.2
ip route 192.168.2.0 255.255.255.0 192.168.254.2
ip route 192.168.3.0 255.255.255.0 192.168.254.2
ip route 192.168.4.0 255.255.255.0 192.168.254.2
ip route 192.168.5.0 255.255.255.0 192.168.254.2
ip route 192.168.6.0 255.255.255.0 192.168.254.2
ip route 192.168.7.0 255.255.255.0 192.168.254.2
ip route 192.168.8.0 255.255.255.0 192.168.254.2

Access Switch 1

interface Port-channel1
 description *****Switch 1*****
 switchport trunk encapsulation dot1q
 switchport mode trunk


interface fa1/0/1
 description *****To L3******
 switchport trunk encapsulation dot1q
 switchport mode trunk
 channel-group 1 mode on
interface fa1/0/2
 description *****To L3******
 switchport trunk encapsulation dot1q
 switchport mode trunk
 channel-group 1 mode on

and so on for all 4 switches
0
 
jskfanAuthor Commented:

I didn't get this:

L3 Switch Config:

interface Port-channel1
 description *****Switch 1*****
 switchport trunk encapsulation dot1q
 switchport mode trunk

0
 
Marius GunnerudSenior Systems EngineerCommented:
Well the  switch port configuration is incorrect. You only need to trunk the physical interfaces.  

Port channel is used to bundle the links into one logical link. You do not need to do this if you area low on usable ports but it does improve data transfer between switches.

As don mentioned above, configure eigrp on the layer 3 switch to route inter vlan traffic. also create a default route pointing to the router on the layer 3 switch.
0
 
jskfanAuthor Commented:
I guess he meant  description *****To Switch 1***** instead of  description *****Switch 1*****

L3 Switch Config:

interface Port-channel1
 description *****To Switch 1*****
 switchport trunk encapsulation dot1q
 switchport mode trunk
0
 
Marius GunnerudSenior Systems EngineerCommented:
you would still not trunk the port-channel interface.  The correct way to do this is to trunk the physical interfaces first then create the channel group.

for example.

interface g1/0/1
switchport trunk encapsulation dot1q
switchport mode trunk

interface g1/0/2
switchport trunk encapsulation dot1q
switchport mode trunk

interface range g1/0/1 - 2
channel-group 1 mode active
0
 
jskfanAuthor Commented:
MAG03:
Can you please reproduce the example that SeeMeShakinMyHead has written above by writing comments under each line of configuration:
                                     Router
                                          |
                                          |
                                 Layer 3 Switch  
--------------------------------------------------------------------------
        ||                                ||                          ||                        ||
Switch 1               Switch 2                 Switch 3            Switch 4

0
 
Marius GunnerudSenior Systems EngineerCommented:

                                      Router
                                          |
                                          |
                                 Layer 3 Switch  
       --------------------------------------------------------------------------
        ||                                ||                          ||                        ||
Switch 1               Switch 2                 Switch 3            Switch 4
  vlan 1                   vlan 2                      vlan 3               vlan 4
10.1.1.0/24        10.1.2.0/24            10.1.3.0/24       10.1.4.0/24

I have added vlans and mock ip addresses for this example. In this example i have only placed one vlan on each switch but others can be added but then the routing protocol will need to be updated.

In this setup the Layer 3 switch will be doing all the inter vlan routing. So an example for the Layer 3 switch would be like this.

ip routing

int vlan 1
ip add 10.1.1.1 255.255.255.0

int vlan 2
ip add 10.1.2.1 255.255.255.0

int vlan 3
ip add 10.1.3.1 255.255.255.0

int vlan 4
ip add 10.1.4.1 255.255.255.0

int range fa0/1 - 8
switchport trunk encapsulation dot1q     (trunk the inter switch connections)
switchport mode trunk
shut

int range fa0/1 - 2
channel-g 1 mode active     (bundle the two links connected to switch 1, the interfaces should be shut down before configuring as issues can arise if they are not shut down. there is no need to trunk here as the interfaces are already trunked. This command takes the two interfaces and places them both into one logical interface.)

int range fa0/3 - 4
channel-g 2 mode active

int range fa0/5 - 6
channel-g 3 mode active

int range fa0/7 - 8
channel-g 4 mode active

int range fa0/1 - 8
no shut

router eigrp 10      (performs the inter vlan routing.)
no auto-summary
net 10.1.1.0 0.0.0.255
net 10.1.2.0 0.0.0.255
net 10.1.3.0 0.0.0.255
net 10.1.4.0 0.0.0.255

ip route 0.0.0.0 0.0.0.0 fa0/9 (or whichever interface leads to the router, the router will handle all routing out of your network.)
0
 
SeeMeShakinMyHeadCommented:
I have never had a problem with setting the port-channels up in trunk mode.  What is the reason behind not doing so?  Also, can you setup EIGRP on an ipbase IOS?  Not just in a stub, but full EIGRP?
0
 
Don JohnstonInstructorCommented:
There's no problem with creating a port channel with trunks (or non-trunks, for that matter). When the channel is built, the relevant configuration on the physical interface will be adopted by the port-channel interface.

Once the channel is built, changes to the port-channel interface will be pushed down to the physical interface members.
0
 
Marius GunnerudSenior Systems EngineerCommented:
I understand that there is no problem with setting up port channel with trunks.  However I feel that configuring trunks on both the physical interface and on the port channel interface is overkill.

yes you can set up EIGRP on an ip base, not just in a stub.
0
 
jskfanAuthor Commented:
thanks
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 5
  • 5
  • 4
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now