Solved: couple questions regarding vlan routing

menash · ‎08-17-2020

1. lets say i create a network of 10.0.0.0/24 under vlan 10 and im trying to set up a default gateway for it, i encounter a problem where if i just take a router's interface (i.e fa0/0) and simply give it an ip address under the network's scope, it will not route packets out of the subnet, even if i have only one vlan connected to it. instead, i have to use fa0/0.10 method, and so i could then use encapsulation dotiq 10, which seems to work. what am i doing wrong?

2. lets say i have network A configured with vlan 10, and a network B configured with vlan 20, which are both connected to 2 different interfaces of a router. hosts on both sides can ping one each other. if i wanted to place a vlan 20 pc on network A, would i need to create another subnet under network A, or could i simply use network B's settings and it'll work? what would happen if i try to create vlan 20 under network A with the same settings as on network B? if i tried to create vlan 10 and 20 on both networks, will i end up with 4 different subnets under 2 vlans?

i added the base configuration ive been messing around with, but coudlnt come up with solid answers because nothing worked. would love to get answer from you guys!

Joseph W. Doherty · ‎08-17-2020

#1 Sounds like you're using a trunk interface on the switch side, which will tag all frames other than the "native" VLAN (VLAN 1, by default). For the router to work, normally, with a trunk interface, its frames should be tagged, or not, to match those from the switch. If this what's happening, switch frames tagged as VLAN 10 (if not native) would need the router to have a subinterface that "expects/processes" those tagged frames. (NB: a router port, not being a subinterface, "expects/processes" untagged frames.

#2 Cisco routers, generally, reject the same network appearing on different router interfaces. Unclear you fully understand the difference between a VLAN, which is a L2 broadcast domain, and a network, which is a L3 address space/block. You can have multiple networks within the same VLAN, but cannot normally (you can mix VLAN frames, but it's done in a way that the VLANs don't "know" they've been mixed) have multiple VLANs in the same network (address/block).

View solution in original post

Joseph W. Doherty · ‎08-17-2020

#1 Sounds like you're using a trunk interface on the switch side, which will tag all frames other than the "native" VLAN (VLAN 1, by default). For the router to work, normally, with a trunk interface, its frames should be tagged, or not, to match those from the switch. If this what's happening, switch frames tagged as VLAN 10 (if not native) would need the router to have a subinterface that "expects/processes" those tagged frames. (NB: a router port, not being a subinterface, "expects/processes" untagged frames.

#2 Cisco routers, generally, reject the same network appearing on different router interfaces. Unclear you fully understand the difference between a VLAN, which is a L2 broadcast domain, and a network, which is a L3 address space/block. You can have multiple networks within the same VLAN, but cannot normally (you can mix VLAN frames, but it's done in a way that the VLANs don't "know" they've been mixed) have multiple VLANs in the same network (address/block).

menash · ‎08-17-2020

that was definitely helpful, thank you for the detailed answer.