asked on layer 2 and 3 switches
Hello,
I would like to have a nice explanation on a couple of things regarding layer 2 & 3 switches. The last time I asked this question it kind of went in different directions, so to avoid that I'll try and be clearer. These things below are what I do not need explanations on (followed below that I will explain what I need to understand better). What I do not need explanations on:
- I understand what vlans are
- I understand the difference between layer 2 & 3 switches
- I know what vlan trunking\tagging is
- I know what a default gateway is
- I understand that Layer 3 switches does the IP routing and layer 2 doesn't (mac addresses).
What I need to understand clearly is:
When I look at a layer 2 switch (show run) I see that the default vlan1 has no ip address and is shut down, a new vlan was created vlan10 and this vlan was given an IP address and default gateway. But the switch its self was given an IP address as well.
For ex:
interface Vlan1
no ip address
shutdown
!
interface Vlan10
ip address 10.10.50.2 255.255.255.0
ip helper-address 10.10.50.101
no ip route-cache
!
ip default-gateway 10.10.50.20
So I'm assuming the default gateway for the pc's that connect to this switch is 10.10.50.20 which is also the IP of the inside interface of the firewall.
So if that is correct then this is what I don't understand:
Why is there an IP for interface and DG address for vlan10?
Why do I read that there can only be 1 management vlan per switch? What do they specifically mean by management vlan? There has to be obviously an IP address to telnet into (10.10.40.2)? But if its used for management only why then are almost all the interfaces associated with that vlan10?
Shouldn't there be a vlan interface to access the switch and another vlan for all the computers to associate with?
So basically I need to understand better the concept of interface vlan and management vlan and ip default gateway.
Thanks!
I would like to have a nice explanation on a couple of things regarding layer 2 & 3 switches. The last time I asked this question it kind of went in different directions, so to avoid that I'll try and be clearer. These things below are what I do not need explanations on (followed below that I will explain what I need to understand better). What I do not need explanations on:
- I understand what vlans are
- I understand the difference between layer 2 & 3 switches
- I know what vlan trunking\tagging is
- I know what a default gateway is
- I understand that Layer 3 switches does the IP routing and layer 2 doesn't (mac addresses).
What I need to understand clearly is:
When I look at a layer 2 switch (show run) I see that the default vlan1 has no ip address and is shut down, a new vlan was created vlan10 and this vlan was given an IP address and default gateway. But the switch its self was given an IP address as well.
For ex:
interface Vlan1
no ip address
shutdown
!
interface Vlan10
ip address 10.10.50.2 255.255.255.0
ip helper-address 10.10.50.101
no ip route-cache
!
ip default-gateway 10.10.50.20
So I'm assuming the default gateway for the pc's that connect to this switch is 10.10.50.20 which is also the IP of the inside interface of the firewall.
So if that is correct then this is what I don't understand:
Why is there an IP for interface and DG address for vlan10?
Why do I read that there can only be 1 management vlan per switch? What do they specifically mean by management vlan? There has to be obviously an IP address to telnet into (10.10.40.2)? But if its used for management only why then are almost all the interfaces associated with that vlan10?
Shouldn't there be a vlan interface to access the switch and another vlan for all the computers to associate with?
So basically I need to understand better the concept of interface vlan and management vlan and ip default gateway.
Thanks!
Switches / HubsRoutersNetworking
Last Comment
Don Johnston
Well, the interface vlan 10 is what you would set the default gateway to the devices on vlan 10. So for the computers it would be 10.10.50.2. You typically make a different "Switched Virtual Interface" for every vlan and set that as the default gateway for the devices on that vlan. If the switch is only in layer 2 then the ip default gateway command is used. If it is in layer 3 there will either be a route for traffic or the ip route command will be used Hope this helps clarify things a little bit.
ASKER
Is that the standard way of doing things? The devices that are part of vlan10 are using as their default gateway the address that is ip default-gateway 10.10.50.20 and all is working. I still need an explanation, also about the management vlan etc.
Thanks.
Thanks.
That's because all traffic is being sent to .20.
The way I do it is a different subnet for each VLAN, and then a different subnet between the switch and router. As far as I know the management VLAN is for an out of band way to send management traffic on a different VLAN than normal user traffic.
The way I do it is a different subnet for each VLAN, and then a different subnet between the switch and router. As far as I know the management VLAN is for an out of band way to send management traffic on a different VLAN than normal user traffic.
ASKER
Right but how does the switch know if I have more than one management vlan, I can create 50 vlans if I want
SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
Now on Nexus switches, there is an out-of-management port.Typo.. :-)
ASKER
spenserscannell - On your first respone:
"Well, the interface vlan 10 is what you would set the default gateway to the devices on vlan 10. So for the computers it would be 10.10.50.2. You typically make a different "Switched Virtual Interface" for every vlan and set that as the default gateway for the devices on that vlan. (Is this layer 3?)
If the switch is only in layer 2 then the ip default gateway command is used. (Layer 2)
If it is in layer 3 there will either be a route for traffic or the ip route command will be used Hope this helps clarify things a little bit. " (Layer 3)
Correct?
--------------------------
Yes, its a layer 2 switch I'm talking about. I understand now what youre saying but, what confuses me is that are the clients looking to the switch as their default gateway or the firewall? The firewall inside IP is 10.10.50.20, which is the ip default-gateway of the layer 2 switch. So I'm assuming then that that is just the IP the switch uses (just like the pcs in vlan10 for their default gateway). Correct?
And if its a layer 3 switch and I have say 5 vlans, I will then have 5 vlan interfaces with all their own default gateways corresponding to the subet their on.
It seems that the example I wrote in the question is using the interface vlan 10 as their management interface (IP) and the vlan for the clients as well.
Correct?
donjohnston - thanks for the explanation on the management vlan, totally got that now.
"Well, the interface vlan 10 is what you would set the default gateway to the devices on vlan 10. So for the computers it would be 10.10.50.2. You typically make a different "Switched Virtual Interface" for every vlan and set that as the default gateway for the devices on that vlan. (Is this layer 3?)
If the switch is only in layer 2 then the ip default gateway command is used. (Layer 2)
If it is in layer 3 there will either be a route for traffic or the ip route command will be used Hope this helps clarify things a little bit. " (Layer 3)
Correct?
--------------------------
Yes, its a layer 2 switch I'm talking about. I understand now what youre saying but, what confuses me is that are the clients looking to the switch as their default gateway or the firewall? The firewall inside IP is 10.10.50.20, which is the ip default-gateway of the layer 2 switch. So I'm assuming then that that is just the IP the switch uses (just like the pcs in vlan10 for their default gateway). Correct?
And if its a layer 3 switch and I have say 5 vlans, I will then have 5 vlan interfaces with all their own default gateways corresponding to the subet their on.
It seems that the example I wrote in the question is using the interface vlan 10 as their management interface (IP) and the vlan for the clients as well.
Correct?
donjohnston - thanks for the explanation on the management vlan, totally got that now.
ASKER
anyone?
The default gateway for 10.10.50.0/24 network would be a routing device (or firewall) on that network. So in your case, it sounds like 10.10.50.20 is the correct gateway.
If you have a multi-layer switch, then there would be 5 SVI's (VLAN interfaces). Each SVI will have an IP address for that network. The hosts on those networks would use the SVI IP address on their network.
If you have a multi-layer switch, then there would be 5 SVI's (VLAN interfaces). Each SVI will have an IP address for that network. The hosts on those networks would use the SVI IP address on their network.