How to route a segmented LAN? - Page 3

christopher_hall · ‎07-14-2011

I had posted previously about segmenting LAN traffic ( https://supportforums.cisco.com/message/3393501#3393501 ) and have a follow-up question. The traffic flow on the network is fine, but we are not able to access our remote locations.

Using the example in that thread:

Let's use your example. If your Vlan interfaces are configured on the 3560:

interface Vlan10

description LAN A

ip address 10.20.102.1 255.255.255.0

interface Vlan 104

description LAN B

ip address 10.20.104.1 255.255.255.0

Device A has his default gateway set to 10.20.102.1 (interface Vlan10) and device B has his default gateway configured to 10.20.104.1 (interface Vlan104). If device A (10.20.102.55) wants to talk to device B (10.20.104.25), the traffic would have been routed on the 3560 between Vlans 102 and 104.

As for DHCP, if there is a server on a separate network (let's give the DHCP server an ip: 192.168.2.15) you would configure an 'ip helper-address' on each vlan, which will forward each DHCP Discover broadcast to the DHCP server as a unicast packet. This is done because by default the router (3560) will not forward broadcasts.

interface Vlan10

description LAN A

ip address 10.20.102.1 255.255.255.0

ip helper-address 192.168.2.15

interface Vlan 104

description LAN B

ip address 10.20.104.1 255.255.255.0

ip helper-address 192.168.2.15

Hope this makes sense.

Now lets say LAN A and LAN B are located in SITE1. A second site, SITE2, has the address of 10.20.128.1. I can't ping the Site2 location from the LAN B (10.20.104.x) segment in Site1. I think I should set a static route on our switch with something like this:

ip route 10.20.0.0 255.255.0.0 10.20.102.10

The address 10.20.102.10 would be a wan router in this example.

Am I right here?

Thanks,

Chris

Jon Marshall · ‎07-19-2011

Is the next-hop for the route being advertised the site B router ?

Jon

christopher_hall · ‎07-19-2011

yes

Jon Marshall · ‎07-20-2011

Chris

This may be a timing issue. If you do a "sh ip bgp" on the site B switch do you see the route ? If so it may be a RIB failure. This will be because you have the static route added. If it is there you could try removing the static route and see if it then adds the BGP route to the routing table.

Jon

christopher_hall · ‎07-20-2011

Hi Jon,

The route does not show up in a show ip bgp. I'll try removing the static route and bouncing bgp at site B.

christopher_hall · ‎07-20-2011

Removing route & bouncing BGP on the site B switch this AM didn't work. Still not showing the 104 network. I also bounced bgp on the site B router this AM.

Jon Marshall · ‎07-20-2011

Chris

Does the switch in site B have other BGP routes received from site B router ?

Jon

christopher_hall · ‎07-21-2011

Yes.

Jon Marshall · ‎07-21-2011

Could you post the BGP config from site B router and switch together with a "sh ip bgp" from both devices ?

Jon

christopher_hall · ‎07-22-2011

Jon,

With some sensitve information, I would prefer to not post this publicly. I've sent this as a private message.

christopher_hall · ‎07-27-2011

Jon,

Wanted to confirm you got the requested information.

Thanks,

Chris

Jon Marshall · ‎07-27-2011

Chris

Apologies, got a bit distracted. Yes i got it but i also need the actual BGP config from the site B router and switch if you can send it.

Jon

christopher_hall · ‎08-02-2011

Jon,

Problem sovled. I contacted support and we added a sub-interface to our data center router and added the new network as a neighbor. The new network was also added as a neighbor on the data center switch.

Jon Marshall · ‎08-02-2011

Chris

Glad to hear you got it solved. Thanks for letting us know.

Jon