Avatar of Jonathan Lo
Jonathan LoFlag for Australia asked on

IP address of the core switch vs the IP address of the virtual interface for the management VLAN?

Hi Experts,


I'm programming up a L3 core switch and is a little confused and would like to get some inputs on this one.


I have been provided with a VLAN/IP address schedule similar to below:


VLAN   Name                        IP Range                     Gateway IP

91         Management           192.168.0.0/22          192.168.0.1

92         Workstations           192.168.8.0/24          192.168.8.1

93         IP Phones                 192.168.16.0/22       192.168.16.1

94         Guest                        192.168.32.0/24        192.168.32.1


On top of that, in the IP address schedule for the network switches defined the core switch with an IP of 192.168.0.101, which I presume would reside in the management VLAN 91.


I'm a bit confused as usually I'd program VLANs on the core switch like:

interface vlan 91

ip address 192.168.0.1 255.255.252.0

interface vlan 92

ip address 192.168.8.1 255.255.252.0


.... vice versa


When I do that, the interface IP also becomes the gateway of the device within that VLAN. But with VLAN 91, it is not possible to apply a second IP to the interface. Furthermore, the other switches in the network are configured in L2 mode and has a default gateway of 192.168.0.101 at the moment to allow traffic.


What have I missed? Is it a standard practice to have the VLAN interface IP different to the core switch's IP?


I'm still learning so any help is appreciated!  :)

NetworkingNetwork ManagementNetwork Architecture* interVlan

Avatar of undefined
Last Comment
Jonathan Lo

8/22/2022 - Mon
Don Johnston

Unless you’re working with something like a Nexus switch, there really is no “management“ IP address.  So for your typical multilayer switch, you manage it using whatever IP address you want that is assigned to the switch.  If you want to restrict it to a specific address, you can do that with access lists.

But in the end, it’s just another IP address assigned to the switch.
ASKER
Jonathan Lo

FYI I'm working with a Ruckus ICX7750 switch :)

So is it correct for me to say that the IP address of the core switch should be configured either as 192.168.0.1 or 192.168.0.101 and the VLAN 91's gateway would follow whatever IP address the switch is programmed?

In other words, devices in VLAN 91 will be using the IP address of the core switch as gateway as well as management via SSH?
Don Johnston

Yes.
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
ASKER
Jonathan Lo

Thanks Don!
ASKER
Jonathan Lo

Now after a bit of back and forth with the design team, it seems they would like the IP address of the switch to be 192.168.0.101 however the gateway of VLAN91 as 192.168.0.1.

The config for the VLAN at the moment is

interface vlan91
ip address 192.168.0.101 255.255.252.0

How should I go by setting this up? As the core switch handles the L3 routing, I'm not able to add a second IP to the VLAN....

Thanks!
ASKER CERTIFIED SOLUTION
Don Johnston

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
ASKER
Jonathan Lo

Don:
I'm working with Ruckux ICX and they too have that option. Thanks!

Soulja:
Thanks for your input! I actually doubted myself for a second as to what is the "standard practice" hahaha
I actually created random names for the VLAN and IP addresses, so yeah they are not for phones :) but I don't like the idea of /22 either

Thanks all for your input!
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.