
Help with Isolating Traffic on Different Subnets

nicweaver
Level 1

What I have is two Cisco 3750X switches, 10 bridges, and 10 routers. What I'm doing is throughput testing. The problem is all of the routers have identical subnets because in the real world there won't be two of them in the same place. The 10 bridges were the easy part. I have one switch dedicated to the LAN side and one dedicated to the WAN side. Since the bridges themselves allow any traffic through because they are bridges, I set all of the individual ports to essentially be their own subnet by making them L3 ports. Then, I set the switch to route the traffic based on subnet through the correct port using the ip route command in the CLI. I'm using a Spirent to generate traffic, and the Spirent lets me wrap traffic on different streams in different IP addresses. I made the uplink have a subnet of 10.0.28.0 and I made every port have a subnet starting with 10.0.5.0 being incremented by 1. This allowed me to send traffic from source address 10.0.5.5 to destination address 10.0.28.5 and vice versa by telling the switch to route any traffic with a 10.0.5.0 subnet to port 1 (first device) and any traffic with a 10.0.28.0 address to port 24 (uplink). The reason this works is because bridges don't care what the traffic is or where it is going, so everybody is fine and happy.

Now I have to introduce 10 new devices that are all routers while maintaining the previous setup, and I'm stumped. I've tried everything I can think of: different VLANs, trunking, routing, L3 ports, etc. If I try to isolate everything by VLAN, they can't talk to each other. If I try to isolate everything by VLAN and trunk the uplink port, it won't work because you need to do VLAN tagging and my device doesn't do that, and I don't think the switch can do that for you. The routing doesn't work because the uplink port has to be its own subnet, and when that subnet tries to send traffic to the router it's considered foreign and gets dropped. With L3 ports you run into the same problem: you can isolate all of the individual ports with their own subnet, but the uplink port has to have a different subnet, which automatically causes the router to drop the packets. The only configuration that works is a completely default dumb switch configuration, and that is unacceptable because I need all of this traffic to be isolated because of the bridges. Without the isolation, all of the data will go through the nearest easy hop, which will be one of the bridges; even if that isn't the right path, the switch doesn't know any better. I can change the subnet on the routers, but I can't deviate too far from the original subnet, which is 192.168.0.0. I tried setting up different subnets by incrementing the third octet by 1 every time (192.168.0.1, 192.168.1.1, 192.168.2.1, etc.) and think this setup will work; I just don't know how to set the switch up. Setting up the switch to route the traffic properly without changing the subnet on any of the devices would be ideal.

Any help or ideas will be appreciated.

Thanks,

Nick

1 Reply

andrew.prince
Level 10

Have you tried SVIs?

Sent from Cisco Technical Support iPad App
