04-28-2010 01:36 AM - edited 03-04-2019 08:18 AM
I need to extend the VLAN that has been created in the current facility core switch to another building
over a WAN link. The scope is to route the traffic towards the onsite (from current building).
04-28-2010 02:00 AM
Hi Uday,
Before getting into how this might be done, what is it that you'd like to achieve? There are a number of drawbacks and inefficiencies to extending a broadcast domain over geographical sites.
What type of WAN circuit do you have - or do you have one yet?
If it is a L3 circuit, you might want to look at L2TPv3 (Layer Two Tunneling Protocol, version 3).
If you have a L2 Ethernet circuit you might be able to trunk a few VLANs over the circuit (if the carrier supports dot1q) or else you might only be able to plug in two access ports at each end of the link.
Sorry to repeat myself, but if there is any way to achieve what you want without splitting a VLAN across sites I'd strongly recommend investigating it.
HTH
Kevin
04-28-2010 02:10 AM
Thanks for looking into this brennan,
Here I am explaining to you what might be done.
We have 2 branches connected with a PRI link (in the same city).
And we have a client site that has a connection with only one of our branches. This connection has some limitations. We NATted one private VLAN to a single public IP, and we are doing the routings and all towards the client. For the client the source IP is unique (even though there are several hosts).
Now we want to give the connectivity to the client site from the other branch also.
Could you please tell me the best way to do it.
04-28-2010 02:17 AM
Hi Uday,
I don't think extending a VLAN is what you're looking for.
If I understand correctly, is this your setup?
You want
How does
Is it a VPN?
I presume you are using static routes between
Kevin
04-28-2010 02:25 AM
Yes Kevin
Exactly
Now I want the connection should be from
Coz we can't go for another link btw
And the connection btw
04-28-2010 02:32 AM
Hi Uday,
I'm with you now.
You need two additional static routes. This is assuming that there is full IP connectivity between
On
On
The syntax for this is
ip route x.x.x.x y.y.y.y z.z.z.z
Where x.x.x.x y.y.y.y is the network and mask of the destination network and z.z.z.z is the next hop to that destination.
Depending on the relationship between yourself and your client, you might want to implement some ACLs to restrict the flow of traffic between you.
HTH
Kevin
(EDIT: You mentioned NAT, could you elaborate on that, as it may have a bearing)
Message was edited by: brennan.k
04-28-2010 03:29 AM
As I told earlier... Client is allowing my traffic as single source
(196.12.X.X)
From
in
04-28-2010 03:32 AM
Hi Uday,
I'm not sure if that would be possible with your NAT configuration.
Can you post your configs (without any sensitive information)?
Kevin
04-28-2010 09:31 AM
Certainly you can achieve the same without extending the LAN. Now if site 2 allowed only site 1 to communicate then there are a couple of options available to you.
I have put my current understanding of your requirement in the diagram attached. Need basic information to suggest something workable for you:
What is the challenge
Share the config of the network devices in the path
Shailesh