Hi all, can anyone help me with my design, we have a core router at head office and lots of 3550 switches, we have a remote office that connects via a les 100 circuit, basically out core router already has lots of secondary addresses so I was thinking of plugging the les circuit into one of our switches and putting that as a layer 3 port, then routing to that switch from our core, would that be ok, or are there other prefered methods ?
Can you explain the relationship of LES circuit and the secondary ip ? Do you mean to remove the secondary ip and create VLAN then assign the ip to the VLAN ?
hi, there is no relationship between the les and sec ip,, basically the les plugs into our switch at the head office, the other end goes into a router, for the 2 sites to see each other they need a common subnet on the routers as its ethernet, but our core router already has to many secondaty addresses, I wanted to assign each end a 192.168.1.0/30 address, so what I was going to do was enable ip routing on a switch here, put the port the les sits on into a layer 3 mode, then from our core route to vlan 1 on this switch which will then route out the remote office, is this ok ?
can you by just putting a simple diagram? so that i can explain you clearly.
I have a similiar WAN setup in my organization where i hav set only a primary IP address in the router & created vlans in my layer 3 switch, all the routers fall under 1 vlan(eg. vlan 2) & all the server under falls on vlan 3, so that the client from the remote end will jus connect to the server ip address, because on the layer 3 switch , i have enabled inter-vlan routing.
hope you understood.
rate this post.
Carl, basically, it works and agreed on Anand's suggestion. It is just to remind if there is another L3 routing / switching device will be connected to your core and exchange the routes, you have to design the routing plan to prevent backdoor or un-preferred path. And also need to check any L2 looping if they are located at the same VLAN.
Hope this helps.
the best practise is to create VLANs for each different segmnet of your network.
Most of today's routers and switches can handle VLANS (802.1Q or ISL)
With that way you will separete all segments of you network, reduce broadcasts and off course secure your traffic.
If for any reason all remote ethernets from you provider comes to the same port on your switch then I suggest you use tunnels from remote sites to the central site.
Hope this helps