Inter VLAN routing

Discussion in 'Cisco' started by Jeitzen@gmail.com, Jun 18, 2007.

  1. Guest

    I have a 2801 router with a 4 port ethernet switch. I have vlan10 20
    and 30 assigned to fa0/3/0 /1 /2 on the switch. all vlans can connect
    to the internet, its just I cannot route between them. I need vlans 20
    and 30 to be able to access resources on vlan 10. Any Ideas? any thing
    you guys need to see? Much thanks in advance!
     
    , Jun 18, 2007
    #1
    1. Advertising

  2. Trendkill Guest

    On Jun 18, 12:51 pm, wrote:
    > I have a 2801 router with a 4 port ethernet switch. I have vlan10 20
    > and 30 assigned to fa0/3/0 /1 /2 on the switch. all vlans can connect
    > to the internet, its just I cannot route between them. I need vlans 20
    > and 30 to be able to access resources on vlan 10. Any Ideas? any thing
    > you guys need to see? Much thanks in advance!


    IP routing enabled? You shouldn't need a protocol if it is, but you
    may want to consider turning up something basic like RIP for those
    networks. Should work fine.
     
    Trendkill, Jun 18, 2007
    #2
    1. Advertising

  3. Guest

    So on the interface (the VLAN) enable rip?
     
    , Jun 18, 2007
    #3
  4. writes:
    >I have a 2801 router with a 4 port ethernet switch. I have vlan10 20
    >and 30 assigned to fa0/3/0 /1 /2 on the switch. all vlans can connect
    >to the internet, its just I cannot route between them. I need vlans 20
    >and 30 to be able to access resources on vlan 10. Any Ideas? any thing
    >you guys need to see? Much thanks in advance!


    Do you have layer-3 interfaces done up in each of the VLANs? You'll
    have to run packets through the router to do inter-vlan routing. I'm
    assuming that is what you want, as if you wanted layer-2, then there's
    no point in doing seperate VLANs.

    How about some sanitized configs of the apporiate config sections?
     
    Doug McIntyre, Jun 18, 2007
    #4
  5. Cliff Guest

    If your running router on a stick, all the vlans should be directly
    connected and assuming the trunk to your router is configured
    correctly (Sub interfaces, encapsulation, total) then you shouldn't
    need any routing protocols or any static routes to reach each of the
    different networks. They should seen as directly connected. I not,
    check your routing table and see what the router sees. From there you
    can get a better of idea what is going on. If networks (Vlans) are not
    showing up in your routing table, they are not connected correctly. If
    they are not directly connected you will need static routes or a
    routing protocol.

    A look at the config of your router and switch that is trunking the
    vlans would go a long ways for help!



    On Jun 18, 12:15 pm, Trendkill <> wrote:
    > On Jun 18, 12:51 pm, wrote:
    >
    > > I have a 2801 router with a 4 port ethernet switch. I have vlan10 20
    > > and 30 assigned to fa0/3/0 /1 /2 on the switch. all vlans can connect
    > > to the internet, its just I cannot route between them. I need vlans 20
    > > and 30 to be able to access resources on vlan 10. Any Ideas? any thing
    > > you guys need to see? Much thanks in advance!

    >
    > IP routing enabled? You shouldn't need a protocol if it is, but you
    > may want to consider turning up something basic like RIP for those
    > networks. Should work fine.
     
    Cliff, Jun 18, 2007
    #5
  6. Cliff Guest

    On Jun 18, 12:21 pm, wrote:
    > So on the interface (the VLAN) enable rip?


    If you want to run rip. Go to privlaged, and global exec prompted.
    Turn on Rip.

    I beleive it's simply "Router)router rip"

    Then add the network address of each attached network you want to
    broadcast. FOr example if you have networks

    192.168.10.0
    192.168.20.0
    192.168.30.0

    simply type

    network 192.168.10.0
    network 192.168.20.0
    network 192.168.30.0

    Do this after you have turned on rip, you would have entered a new
    prompt. If you do it correctly those attached interfaces will be
    broadcast. However if your networks are directly connected it is not
    needed and you might be having another problem.

    Look at your routing table and see what it says

    "show ip route"

    do that at the privlaged prompt.
     
    Cliff, Jun 18, 2007
    #6
  7. Guest

    I got it working, I had to set each VLAN to process the other VLAN
    packets, at the VLANS that I want to talk to each other!! her is my
    config, I am sure it can use a little tunning up!! tell me what you
    think.

    Current configuration : 5268 bytes
    !
    version 12.4
    service timestamps debug datetime msec
    service timestamps log datetime msec
    service password-encryption
    !
    hostname edge.bluehaven
    !
    boot-start-marker
    boot system flash startup-config
    boot config flash:startup-config
    boot-end-marker
    !

    !
    no aaa new-model
    !
    resource policy
    !
    no network-clock-participate wic 1
    no ip cef
    !
    !
    ip dhcp relay information option
    no ip dhcp relay information check
    !
    !
    ip name-server 192.168.1.19
    ip name-server 192.168.100.11
    !
    !
    !

    !
    !

    !
    !
    controller T1 0/1/0
    framing esf
    clock source internal
    linecode b8zs
    channel-group 0 timeslots 1-24
    !
    controller T1 0/1/1
    framing esf
    clock source internal
    linecode b8zs
    channel-group 0 timeslots 1-24
    !
    !
    !
    !
    !
    interface Multilink1
    ip address 10.0.0.1 255.255.255.252
    ip route-cache flow
    ppp multilink
    ppp multilink group 1
    !
    interface FastEthernet0/0
    no ip address
    ip route-cache flow
    shutdown
    duplex auto
    speed auto
    no keepalive
    !
    interface FastEthernet0/1
    no ip address
    ip access-group bluehaven in
    ip access-group bluehaven out
    ip virtual-reassembly
    ip route-cache flow
    shutdown
    duplex auto
    speed auto
    snmp trap link-status permit duplicates
    !
    interface FastEthernet0/3/0
    description Blue Haven Servers VLAN 10
    switchport access vlan 10
    speed 100
    !
    interface FastEthernet0/3/1
    description Blue Haven Operations VLAN 20
    switchport access vlan 20
    speed 100
    !
    interface FastEthernet0/3/2
    description Blue Haven Supplies Direct Operations VLAN 30
    switchport access vlan 30
    speed 100
    !
    interface FastEthernet0/3/3
    speed 100
    !
    interface Serial0/1/0:0
    no ip address
    encapsulation ppp
    ip route-cache flow
    ppp multilink
    ppp multilink group 1
    !
    interface Serial0/1/1:0
    description bluehaven corp
    no ip address
    ip access-group bluehaven in
    ip access-group bluehaven out
    encapsulation ppp
    ip route-cache flow
    no cdp enable
    ppp multilink
    ppp multilink group 1
    !
    interface Vlan1
    no ip address
    ip helper-address 192.168.1.19
    !
    interface Vlan10
    ip address 192.168.1.2 255.255.255.0
    ip virtual-reassembly
    ip route-cache flow
    vlan-id dot1q 10
    exit-vlan-config
    !
    vlan-id dot1q 20
    exit-vlan-config
    !
    vlan-id dot1q 30
    exit-vlan-config
    !
    !
    interface Vlan20
    ip address 192.168.2.1 255.255.255.0
    no ip next-hop-self eigrp 1
    ip virtual-reassembly
    ip route-cache flow
    vlan-id dot1q 10
    exit-vlan-config
    !
    vlan-id dot1q 20
    exit-vlan-config
    !
    vlan-id dot1q 200
    exit-vlan-config
    !
    !
    interface Vlan30
    ip address 192.168.3.1 255.255.255.0
    no ip next-hop-self eigrp 1
    ip virtual-reassembly
    ip route-cache flow
    vlan-id dot1q 10
    exit-vlan-config
    !
    vlan-id dot1q 30
    exit-vlan-config
    !
    vlan-id dot1q 200
    exit-vlan-config
    !
    !
    router isis
    !
    ip route profile
    ip route 0.0.0.0 0.0.0.0 192.168.1.254
    ip route 192.168.1.0 255.255.255.0 192.168.1.254
    ip route 192.168.100.0 255.255.255.0 10.0.0.2
    ip route 192.168.200.0 255.255.255.0 10.0.0.2
    ip route 192.168.254.0 255.255.255.0 192.168.100.1
    ip route 192.168.255.0 255.255.255.0 192.168.100.1
    !
    ip flow-cache timeout active 1
    ip flow-export source Vlan10
    ip flow-export version 5
    ip flow-export destination 192.168.1.118 9996
    !
    no ip http server
    no ip http secure-server
    !
    ip access-list extended bluehaven
    permit ip any any
    !
    snmp-server community public RW
    snmp-server ifindex persist
    !
    !
    !
    !
    control-plane
    !
    disable-eadi
    !
    line con 0
    line aux 0
    line vty 0 4
    login
    !
    scheduler allocate 20000 1000
    end
     
    , Jun 18, 2007
    #7
  8. Guest

    Okay, I thought I had it. I was wrong. From VLAN20 and 30 I can hit my
    DNS server on VLAN10 @192.168.1.19 but I cannot access any other
    resources. from VLAN1 I can ping machines on the other 2 VLANS.
     
    , Jun 18, 2007
    #8
  9. Guest

    Okay,

    Here is my routing table

    Gateway of last resort is 192.168.1.254 to network 0.0.0.0

    S 192.168.200.0/24 [1/0] via 10.0.0.2
    10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
    C 10.0.0.2/32 is directly connected, Multilink1
    C 10.0.0.0/30 is directly connected, Multilink1
    S 192.168.255.0/24 [1/0] via 192.168.100.1
    S 192.168.254.0/24 [1/0] via 192.168.100.1
    C 192.168.1.0/24 is directly connected, Vlan10
    C 192.168.2.0/24 is directly connected, Vlan20
    S 192.168.100.0/24 [1/0] via 10.0.0.2
    C 192.168.3.0/24 is directly connected, Vlan30
    S* 0.0.0.0/0 [1/0] via 192.168.1.254
     
    , Jun 18, 2007
    #9
  10. Cliff Guest

    Ill need someone to back me up here because I havnt used router on a
    stick ina while. That and I dont have the time to look it up, dealing
    with my own issues atm....

    Are you trunking all 3 vlans to one single interface? Or are they
    coming in on 3 different interfaces?

    Also, on the router you shouldnt have to program any of the vlans
    unless it acting as a switch also. You simply need to tag the
    interfaces to the appropriate switches. I remember assigning hepler
    address's and other information directly to the interface, not the
    vlan interface. In fact i dont ever remember programing a vlan
    interface on a router. But its been a while so I would have to say I
    dont know. All I remember having to do was assign a vlan to each sub
    interface, define the type of encapsulation, and boom done. Ive never
    programed on a vlan interface on a router. Even if the router is
    switching, it shouldnt be necessary.

    You could try keeping this

    interface FastEthernet0/3/0
    description Blue Haven Servers VLAN 10
    switchport access vlan 10
    speed 100

    Removing this

    interface Vlan10
    ip address 192.168.1.2 255.255.255.0
    ip virtual-reassembly
    ip route-cache flow
    vlan-id dot1q 10
    exit-vlan-config

    moving the encapsulation statement back to the interface and move the
    IP address onto the interface.

    The way I understand it you wouldnt normally assign an IP address to a
    vlan interface unless you were truely on a switch. If this is really a
    router, it makes more sense to program the IP address on the interface
    itself.

    What confuses me is your using Dot1q as your trunking encapsulation,
    but your FA0/3/0 is set to switchport access. That tells the switch
    that it is not a trunked link, there would be no need for an
    encapsulation protocol.

    If your trunking, and those are sub interfaces, then you need to have
    it look more like this....

    interface FastEthernet0/3/0
    description Blue Haven Servers VLAN 10
    encapsulation dot1q 10
    ip address 192.168.1.2 255.255.255.0
    speed 100

    If its a switchport, and memory serves me right, you also need
    "switchport mode trunk" "Switchport access" tells the switch that that
    port is going to an end node like a computer.

    Any how you might want to wait for confirmation on what I said but if
    your in a rush theres this option. (and can afford to have that
    portion of the network down) you can always try what I said and if it
    doesnt work reboot the router remembering not to save the config.


    On Jun 18, 1:43 pm, wrote:
    > Okay,
    >
    > Here is my routing table
    >
    > Gateway of last resort is 192.168.1.254 to network 0.0.0.0
    >
    > S 192.168.200.0/24 [1/0] via 10.0.0.2
    > 10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
    > C 10.0.0.2/32 is directly connected, Multilink1
    > C 10.0.0.0/30 is directly connected, Multilink1
    > S 192.168.255.0/24 [1/0] via 192.168.100.1
    > S 192.168.254.0/24 [1/0] via 192.168.100.1
    > C 192.168.1.0/24 is directly connected, Vlan10
    > C 192.168.2.0/24 is directly connected, Vlan20
    > S 192.168.100.0/24 [1/0] via 10.0.0.2
    > C 192.168.3.0/24 is directly connected, Vlan30
    > S* 0.0.0.0/0 [1/0] via 192.168.1.254
     
    Cliff, Jun 18, 2007
    #10
  11. Guest

    I got it now. We are in a transistion right now and have servral
    diffrent gateways on the network. Some of the servers use the old
    gateway for now till we move everything over and test it. I just
    needed to add a route on that gateway device to point back to my cisco
    for my other subnets! thanks again.
     
    , Jun 19, 2007
    #11
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Mamun Shaheed

    Inter VLAN Routing.

    Mamun Shaheed, Oct 22, 2003, in forum: Cisco
    Replies:
    5
    Views:
    22,837
    shakeel
    Dec 15, 2007
  2. John Gill

    Re: Inter VLAN Routing

    John Gill, Oct 27, 2003, in forum: Cisco
    Replies:
    4
    Views:
    4,433
    Andre Beck
    Nov 1, 2003
  3. Damo
    Replies:
    8
    Views:
    6,709
  4. FeatureBug
    Replies:
    3
    Views:
    14,765
    Ivan Ostres
    Sep 3, 2004
  5. JohnD
    Replies:
    3
    Views:
    4,388
    stephen
    Dec 18, 2007
Loading...

Share This Page