Avatar of Ima Bum
Ima Bum
 asked on

Networking Layer 3 Switching Routers

This is a company network for Acme.com, my fictitious network.   Please refer to my Visio attachment that I have created for this question.  

In both the Seattle and Boston offices there are four departments, Marketing, Sales, Accounting and HR.  As you can see, they're all in their own respective VLANS.  My objective is to figure out how to configure routing so that workstations in different Vlans can access resources wherever they want, either on other Vlans in the same office or in some cases resources on workstations in the remote site.  

I do not want to implement a "Router on a stick solution" (I already know how to do this) and am trying to figure out a different way using Layer 3 Core switches in each office along with a router.  I'm just now learning this so appreciate any coaching!  I'm a few days into this with various approaches and think I could use some tips at this juncture.
Cheers,
R
Routing---Inter-VLAN-Routing.jpg
RoutersSwitches / Hubs

Avatar of undefined
Last Comment
Ima Bum

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
MartinDRZ

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
eeRoot

The "core" switch would need to be a layer 3 switch because layer 3 switches can do inter VLAN routing.  The unlabeled stack of 4 switches can be layer 2 switches, because they will route any traffic up to the layer 3 switch if the traffic needs to go across VLAN's or out to the other site.
Ima Bum

ASKER
Thanks for the responses so far.

Just wanted to clarify a few things here.  

First, it looks like I may have a design flaw with regard to the Vlans?  To clarify, if we have a marketing VLAN in each office, then should they be using two different VLANs, subnets and names?  For instance, in Seattle, it should be Vlan 30, MarketingSea, subnet 172.16.30.x and in Boston we should have VLAN31, MarketingBos, subnet 172.16.31.x ?  

The way I see this network, the core switches are L3 switches and the other switches, stacked 4-high in each office are L2 switches.  The two offices are connected via a VPN connection (of some sort ) I'd like to have all of the VLANs in their own subnets, e.g, in the Seattle office:


MarketingSea    172.16.30.x  Vlan 30
SalesSea        172.16.40.x  Vlan 40
AccountingSea   172.16.50.x  Vlan 50
HRSea           172.16.60.x  Vlan 60


In the Boston office:

MarketingBos    172.16.31.x  Vlan 31
SalesBos        172.16.41.x  Vlan 41
AccountingBos   172.16.51.x  Vlan 51
HRBos           172.16.61.x  Vlan 61


So if we enable "IP ROUTING" on the layer3 switches what traffic gets routed by the L3 switches and what traffic gets routed by the routers?   I'm confused on how the IP addresses and gateways would look?    

To make it easy,lets say that a workstation in the Seattle VLAN 30, subnet 172.16.30.47 needs to communicate with a workstation in Boston on Vlan 61, IP address 172.16.61.52 ?  What would be the path of that traffic and how would it get routed?
eeRoot

The layer 3 switches would be aware of what IP subnets are at the other site, and route traffic accordingly.
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck
MartinDRZ

So if we enable "IP ROUTING" on the layer3 switches what traffic gets routed by the L3 switches and what traffic gets routed by the routers?   I'm confused on how the IP addresses and gateways would look?    

The L3 switch would have a Layer 3 interface in each local VLAN (ie an IP address). That would be the default gateway for the switch.

The rest is up to you and is a design choice. You can have your switches aware of the dynamic routing protocol if they support it, else you could have the dynamic routing protocol on your VPN endpoint (router or firewall, depends how you've got it set up really). The L3 switches default gateway would be that device.

So if we enable "IP ROUTING" on the layer3 switches what traffic gets routed by the L3 switches and what traffic gets routed by the routers?   I'm confused on how the IP addresses and gateways would look?

Layer 3 is Layer 3. A Layer 3 switch is essentially a router with a lot of ports.

To make it easy,lets say that a workstation in the Seattle VLAN 30, subnet 172.16.30.47 needs to communicate with a workstation in Boston on Vlan 61, IP address 172.16.61.52 ?  What would be the path of that traffic and how would it get routed?

It would basically go along these lines (but not exactly to make it easier to understand):

172.16.30.47
172.16.30.1 (default GW, L3 interface on core)
172.16.x.254 (VPN endpoint in Seattle, chosen by default route on L3 switch)
172.16.y.254 (VPN endpoint in Boston, chosen by routing table on the Seattle VPN endpoint via OSPF/EIGRP)
172.16.61.1 (L3 interface on core in Boston for VLAN 61)
172.16.61.52


Hope this helps!
Ima Bum

ASKER
Thanks MartinDRZ for taking the time to explain this.  Aside from the points, please know that your efforts are really appreciated!

R