connecting two 3550 switches with VLAN IP routing

Discussion in 'Cisco' started by g18c@hotmail.com, Nov 7, 2006.

  1. Guest

    Hi, our subcontractors have finished the switch install, consisting of
    two Catalyst 3550 switches connected to each other via a trunk on port
    47, with clients and other switches tagged off these switches.

    Im having a little trouble understanding the configuration, why has the
    client switch got an ip address of 192.168.2.10? From my understanding
    it shouldnt need an address as any packets arriving on its interface
    will be routed across trunk between the client and core switch, where
    the core switch will handle the routing?? Or am i totally offtrack?
    When i remove VLAN3 ip address from the client switch the entire lot
    goes down, it is obviously needed but i dont understand why.

    CORE CONFIG

    version 12.2
    no service pad
    service timestamps debug uptime
    service timestamps log datetime
    no service password-encryption
    service sequence-numbers
    !
    hostname core
    !
    no aaa new-model
    ip subnet-zero
    ip routing
    !
    no file verify auto
    !
    spanning-tree mode pvst
    no spanning-tree optimize bpdu transmission
    spanning-tree extend system-id
    spanning-tree vlan 1-3 priority 0
    !
    vlan internal allocation policy ascending
    !
    interface GigabitEthernet0/1-20
    spanning-tree portfast
    !
    interface GigabitEthernet0/21-35
    spanning-tree portfast
    switchport access vlan 2
    switchport mode access
    !
    interface GigabitEthernet0/36-46
    spanning-tree portfast
    switchport access vlan 3
    switchport mode access
    !
    interface GigabitEthernet0/47
    description connected to client as a trunk to port 47
    switchport access vlan 3
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface GigabitEthernet0/50
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface GigabitEthernet0/51
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface GigabitEthernet0/52
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface Vlan1
    ip address 192.168.0.2 255.255.255.0
    ip helper-address 192.168.0.31
    ip helper-address 192.168.0.28
    !
    interface Vlan2
    ip address 192.168.1.1 255.255.255.0
    ip helper-address 192.168.0.31
    ip helper-address 192.168.0.28
    !
    interface Vlan3
    ip address 192.168.2.1 255.255.255.0
    ip helper-address 192.168.0.31
    ip helper-address 192.168.0.28
    !
    ip classless
    ip route 0.0.0.0 0.0.0.0 192.168.0.1
    ip http server
    !
    end



    CLIENT CONFIG

    version 12.2
    no service pad
    service timestamps debug uptime
    service timestamps log datetime
    no service password-encryption
    service sequence-numbers
    !
    hostname client
    !
    no aaa new-model
    vtp domain cisco
    vtp mode transparent
    ip subnet-zero
    ip routing
    !
    no file verify auto
    spanning-tree mode pvst
    spanning-tree extend system-id
    !
    vlan internal allocation policy ascending
    !
    vlan 3
    name UsersAccess
    !
    interface GigabitEthernet0/1-46
    switchport access vlan 3
    switchport mode access
    spanning-tree portfast
    !
    interface GigabitEthernet0/47
    description connected to Core Switch As a trunk port
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface Vlan1
    ip address 192.168.0.5 255.255.255.0
    ip helper-address 192.168.0.31
    ip helper-address 192.168.0.28
    !
    interface Vlan3
    ip address 192.168.2.10 255.255.255.0
    ip helper-address 192.168.0.31
    ip helper-address 192.168.0.28
    !
    ip classless
    ip http server
    !
    end

    Many thanks in advance,

    Chris
    , Nov 7, 2006
    #1
    1. Advertising

  2. In article <>,
    <> wrote:
    >Hi, our subcontractors have finished the switch install, consisting of
    >two Catalyst 3550 switches connected to each other via a trunk on port
    >47, with clients and other switches tagged off these switches.


    >Im having a little trouble understanding the configuration, why has the
    >client switch got an ip address of 192.168.2.10? From my understanding
    >it shouldnt need an address as any packets arriving on its interface
    >will be routed across trunk between the client and core switch, where
    >the core switch will handle the routing?? Or am i totally offtrack?
    >When i remove VLAN3 ip address from the client switch the entire lot
    >goes down, it is obviously needed but i dont understand why.


    If you want the core switch to handle the routing, then you need
    remove the IP addresses on VLAN 2 and VLAN 3 (on both machines),
    and you need to create a trunk across to the core router, with VLAN 2
    and VLAN 3 created hooked in as sub-interfaces on that link so that
    they will get trunked across. You'll probably also need to add
    VLAN 3 as a subinterface on GE0/47 so that it will get trunked
    across the link to the client switch too, and on the client switch,
    make the mirror arrangements to get the VLANs trunked across to the
    master switch.

    VLANs only go across a trunk if the trunk has been configured
    to carry those particular VLANs. Which your switches have not
    been configured to do, so the reason your network works now is that
    each switch is doing local routing. Doing routing locally is
    usually noticably more efficient; the disadvantage of it is that
    it requires that you propagate all the routing knowledge to each
    switch (sometimes trivial to maintain), and that it prevents you
    from applying filters or access controls between the networks unless
    you put the same controls in at each place (which usually starts
    to become a mess to maintain.)
    Walter Roberson, Nov 7, 2006
    #2
    1. Advertising

  3. Guest

    > VLANs only go across a trunk if the trunk has been configured
    > to carry those particular VLANs. Which your switches have not
    > been configured to do, so the reason your network works now is that
    > each switch is doing local routing. Doing routing locally is
    > usually noticably more efficient; the disadvantage of it is that
    > it requires that you propagate all the routing knowledge to each
    > switch (sometimes trivial to maintain), and that it prevents you
    > from applying filters or access controls between the networks unless
    > you put the same controls in at each place (which usually starts
    > to become a mess to maintain.)


    Thanks for the reply, but i am still confused. If the switch trunk has
    been configured to carry VLAN3 traffic only, how can clients on the
    client switch get their packets routed for the other VLANS. I can ping
    any machine and go out onto the internet from any machibe on the client
    switch by using default gateway 192.168.2.1.

    Thanks,

    Chris
    , Nov 8, 2006
    #3
  4. In article <>,
    <> wrote:

    >Thanks for the reply, but i am still confused. If the switch trunk has
    >been configured to carry VLAN3 traffic only, how can clients on the
    >client switch get their packets routed for the other VLANS. I can ping
    >any machine and go out onto the internet from any machibe on the client
    >switch by using default gateway 192.168.2.1.


    Your client configuration has


    ip routing

    interface Vlan1
    ip address 192.168.0.5 255.255.255.0
    ip helper-address 192.168.0.31
    ip helper-address 192.168.0.28
    !
    interface Vlan3
    ip address 192.168.2.10 255.255.255.0
    ip helper-address 192.168.0.31
    ip helper-address 192.168.0.28


    This creates a *local* virtual interface for VLAN1 and another for VLAN3
    and routing will take place *locally* between them.

    If you don't want VLAN 1 to route locally with VLAN 3, then
    turn off ip routing or get rid of the IP address on the VLAN interface
    (and probably get rid of the ip helper-address too.)
    Walter Roberson, Nov 8, 2006
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. NNTP Reader
    Replies:
    0
    Views:
    901
    NNTP Reader
    Jul 23, 2003
  2. Alan Strassberg
    Replies:
    0
    Views:
    602
    Alan Strassberg
    Jul 23, 2003
  3. avraham shir-el
    Replies:
    4
    Views:
    8,499
    avraham shir-el
    Jul 20, 2004
  4. SmilerNet

    Inter-VLAN Routing Cisco 3550 SMI

    SmilerNet, Sep 26, 2004, in forum: Cisco
    Replies:
    7
    Views:
    3,461
    Sam Wilson
    Oct 1, 2004
  5. Zaid
    Replies:
    14
    Views:
    11,005
Loading...

Share This Page