Solved

Configure router interface for multiple vlance

Posted on 2011-02-19
18
523 Views
Last Modified: 2012-05-11
in a LAN environment that has many vlans from Access switches trunked to L3 switch, then from L3 switch the uplink port is connected to the router interface in order to route vlans to a different network.

how is the IP interface of the router facing those vlans going to be configured?

I have done similar configuration in the lab using router on a stick. But I have been told in the real world router on a stick is not used because of the performance sensitivity.

Any idea ?

thanks
0
Comment
Question by:jskfan
  • 5
  • 5
  • 4
  • +2
18 Comments
 
LVL 8

Assisted Solution

by:SeeMeShakinMyHead
SeeMeShakinMyHead earned 193 total points
Comment Utility
just like the example below, if you want to trunk VLAN's 5 and 10 from switch to router, you would use subinterfaces to route the vlans to the router.

interface GigabitEthernet0/0
 no ip address
 duplex full
 speed 1000

interface GigabitEthernet0/0.5
 encapsulation dot1Q 5
 ip address 192.168.1.1 255.255.255.0

interface GigabitEthernet0/0.10
 encapsulation dot1Q 10
 ip address 192.168.2.1 255.255.255.0


As performance is concerned, it depends on how many nodes are going to be routed, the model of the router and specs of the router.  I would use the router on the stick for a small office (<30 or so nodes).  Anything larger, I would use a cisco 3560/3750 with L3 capabilities and create a routed link between the router and the switch.  The router is designed for routing, so use it as such - IMHO.
0
 
LVL 50

Assisted Solution

by:Don Johnston
Don Johnston earned 115 total points
Comment Utility
You would route the traffic at the L3 switch. (that's what it's for).
0
 
LVL 8

Assisted Solution

by:SeeMeShakinMyHead
SeeMeShakinMyHead earned 193 total points
Comment Utility
Oh, I didn't catch that you have a L3 switch already in the mix.  Then, you would use it for the L3 routing.  Create interface vlans for all the vlans that you have and create a routed link to the router (I would use a /29 address).  Then, on the router, create routes back to the routed interface on the switch for all networks that are on the switch with a 0.0.0.0 route from the switch back to the router.
0
 
LVL 79

Assisted Solution

by:lrmoore
lrmoore earned 39 total points
Comment Utility
As stated above:

On the L3 switch create 1 routed interface

interface fast 0/23
 no switch
 ip address 192.168.255.2 255.255.255.252

ip route 0.0.0.0 0.0.0.0 192.168.255.1


Router:
 interface fast 0/0
  ip add 192.168.255.1 255.255.255.252

ip route <vlan subnets> <mask> 192.168.255.2
ip route 0.0.0.0 0.0.0.0 <next hop ip>

0
 
LVL 8

Assisted Solution

by:SeeMeShakinMyHead
SeeMeShakinMyHead earned 193 total points
Comment Utility
On thing on the subnet mask - I would use a /29 instead of a /30 (255.255.255.248) just in case you need to put something inline on that routed link.  A /30 limits you to only 2 IP's where a /29 give you 6 useable IP's.
0
 

Author Comment

by:jskfan
Comment Utility
example:

Access Switch1= 2 vlans  = 192.168.1.x , 192.168.2.x
Access Switch2= 2 vlans=  192.168.3.x , 192.168.4.x
Access Switch3= 2 vlans= 192.168.5.x , 192.168.6.x
Access Switch4= 2 vlans= 192.168.7.x , 192.168.8.x

L3 Switch =12 ports

Router=2 interfaces (Fastethernet and Serial)

How would you configure the L3 interfaces to route the vlans internally.?
How would you confogure the Router to route the vlans externally?

Thanks
0
 
LVL 50

Accepted Solution

by:
Don Johnston earned 115 total points
Comment Utility
ip routing
int fa0/1
 desc link to router
 no switchport
 ip address 172.16.1.2 255.255.255.252
 no shut
int vlan 1
 ip address 192.168.1.1 255.255.255.0
 no shut
int vlan 2
 ip address 192.168.2.1 255.255.255.0
 no shut
int vlan 3
 ip address 192.168.3.1 255.255.255.0
 no shut
etc...
router eigrp 1
 network 192.168.0.0 0.0.255.255

0
 
LVL 8

Assisted Solution

by:SeeMeShakinMyHead
SeeMeShakinMyHead earned 193 total points
Comment Utility
                                    Router
                                          |
                                          |
                                 Layer 3 Switch                                                             ||                                ||                          ||                        ||
Switch 1               Switch 2                 Switch 3            Switch 4

Pardon the crudeness of the above diagram.

On the L3 switch, you will create all the interface VLANs.  These will be the gateways for all networks.  You will also create a 0.0.0.0 route to route traffic to the router for networks that are not defined on the interface VLAN's.  Also, I would recommend using port-channel on each access layer back to L3 for redundancy and throuput.

L3 Switch Config:

interface vlan 10
ip add 192.168.1.1 255.255.255.0
no shut
interface vlan 20
ip add 192.168.2.1 255.255.255.0
no shut
****And so on from the VLAN's***
ip route 0.0.0.0 0.0.0.0 192.168.254.1

interface Port-channel1
 description *****Switch 1*****
 switchport trunk encapsulation dot1q
 switchport mode trunk


interface GigabitEthernet1/0/1
 description *****To Switch 1******
 switchport trunk encapsulation dot1q
 switchport mode trunk
 channel-group 1 mode on
interface GigabitEthernet1/0/2
 description *****To Switch 1******
 switchport trunk encapsulation dot1q
 switchport mode trunk
 channel-group 1 mode on

and so on for all 4 switches

interface gi1/0/12

 (or whatever int you chose for the connection back to the router)
no switchport
ip address 192.168.254.2 255.255.255.248
no shut

ip routing (enables ip routing)

_____

On the Router
interface gi0/1 (or whatever int you chose for the connection back to the L3 Switch)
ip add 192.168.254.1 255.255.255.248

ip route 192.168.1.0 255.255.255.0 192.168.254.2
ip route 192.168.2.0 255.255.255.0 192.168.254.2
ip route 192.168.3.0 255.255.255.0 192.168.254.2
ip route 192.168.4.0 255.255.255.0 192.168.254.2
ip route 192.168.5.0 255.255.255.0 192.168.254.2
ip route 192.168.6.0 255.255.255.0 192.168.254.2
ip route 192.168.7.0 255.255.255.0 192.168.254.2
ip route 192.168.8.0 255.255.255.0 192.168.254.2

Access Switch 1

interface Port-channel1
 description *****Switch 1*****
 switchport trunk encapsulation dot1q
 switchport mode trunk


interface fa1/0/1
 description *****To L3******
 switchport trunk encapsulation dot1q
 switchport mode trunk
 channel-group 1 mode on
interface fa1/0/2
 description *****To L3******
 switchport trunk encapsulation dot1q
 switchport mode trunk
 channel-group 1 mode on

and so on for all 4 switches
0
 

Author Comment

by:jskfan
Comment Utility

I didn't get this:

L3 Switch Config:

interface Port-channel1
 description *****Switch 1*****
 switchport trunk encapsulation dot1q
 switchport mode trunk

0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 
LVL 17

Assisted Solution

by:MAG03
MAG03 earned 153 total points
Comment Utility
Well the  switch port configuration is incorrect. You only need to trunk the physical interfaces.  

Port channel is used to bundle the links into one logical link. You do not need to do this if you area low on usable ports but it does improve data transfer between switches.

As don mentioned above, configure eigrp on the layer 3 switch to route inter vlan traffic. also create a default route pointing to the router on the layer 3 switch.
0
 

Author Comment

by:jskfan
Comment Utility
I guess he meant  description *****To Switch 1***** instead of  description *****Switch 1*****

L3 Switch Config:

interface Port-channel1
 description *****To Switch 1*****
 switchport trunk encapsulation dot1q
 switchport mode trunk
0
 
LVL 17

Assisted Solution

by:MAG03
MAG03 earned 153 total points
Comment Utility
you would still not trunk the port-channel interface.  The correct way to do this is to trunk the physical interfaces first then create the channel group.

for example.

interface g1/0/1
switchport trunk encapsulation dot1q
switchport mode trunk

interface g1/0/2
switchport trunk encapsulation dot1q
switchport mode trunk

interface range g1/0/1 - 2
channel-group 1 mode active
0
 

Author Comment

by:jskfan
Comment Utility
MAG03:
Can you please reproduce the example that SeeMeShakinMyHead has written above by writing comments under each line of configuration:
                                     Router
                                          |
                                          |
                                 Layer 3 Switch  
--------------------------------------------------------------------------
        ||                                ||                          ||                        ||
Switch 1               Switch 2                 Switch 3            Switch 4

0
 
LVL 17

Assisted Solution

by:MAG03
MAG03 earned 153 total points
Comment Utility

                                      Router
                                          |
                                          |
                                 Layer 3 Switch  
       --------------------------------------------------------------------------
        ||                                ||                          ||                        ||
Switch 1               Switch 2                 Switch 3            Switch 4
  vlan 1                   vlan 2                      vlan 3               vlan 4
10.1.1.0/24        10.1.2.0/24            10.1.3.0/24       10.1.4.0/24

I have added vlans and mock ip addresses for this example. In this example i have only placed one vlan on each switch but others can be added but then the routing protocol will need to be updated.

In this setup the Layer 3 switch will be doing all the inter vlan routing. So an example for the Layer 3 switch would be like this.

ip routing

int vlan 1
ip add 10.1.1.1 255.255.255.0

int vlan 2
ip add 10.1.2.1 255.255.255.0

int vlan 3
ip add 10.1.3.1 255.255.255.0

int vlan 4
ip add 10.1.4.1 255.255.255.0

int range fa0/1 - 8
switchport trunk encapsulation dot1q     (trunk the inter switch connections)
switchport mode trunk
shut

int range fa0/1 - 2
channel-g 1 mode active     (bundle the two links connected to switch 1, the interfaces should be shut down before configuring as issues can arise if they are not shut down. there is no need to trunk here as the interfaces are already trunked. This command takes the two interfaces and places them both into one logical interface.)

int range fa0/3 - 4
channel-g 2 mode active

int range fa0/5 - 6
channel-g 3 mode active

int range fa0/7 - 8
channel-g 4 mode active

int range fa0/1 - 8
no shut

router eigrp 10      (performs the inter vlan routing.)
no auto-summary
net 10.1.1.0 0.0.0.255
net 10.1.2.0 0.0.0.255
net 10.1.3.0 0.0.0.255
net 10.1.4.0 0.0.0.255

ip route 0.0.0.0 0.0.0.0 fa0/9 (or whichever interface leads to the router, the router will handle all routing out of your network.)
0
 
LVL 8

Assisted Solution

by:SeeMeShakinMyHead
SeeMeShakinMyHead earned 193 total points
Comment Utility
I have never had a problem with setting the port-channels up in trunk mode.  What is the reason behind not doing so?  Also, can you setup EIGRP on an ipbase IOS?  Not just in a stub, but full EIGRP?
0
 
LVL 50

Assisted Solution

by:Don Johnston
Don Johnston earned 115 total points
Comment Utility
There's no problem with creating a port channel with trunks (or non-trunks, for that matter). When the channel is built, the relevant configuration on the physical interface will be adopted by the port-channel interface.

Once the channel is built, changes to the port-channel interface will be pushed down to the physical interface members.
0
 
LVL 17

Assisted Solution

by:MAG03
MAG03 earned 153 total points
Comment Utility
I understand that there is no problem with setting up port channel with trunks.  However I feel that configuring trunks on both the physical interface and on the port channel interface is overkill.

yes you can set up EIGRP on an ip base, not just in a stub.
0
 

Author Closing Comment

by:jskfan
Comment Utility
thanks
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

It happens many times that access list (ACL) have to be applied to outgoing router interface in order to limit some traffic.This article is about how to test ACL from the router which is not very intuitive for everyone. Below scenario shows simple s…
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now