Solved: intervlan communication without router or l3 device - Page 2

suresh.nr3171 · ‎03-12-2018

Hi,

I was asked in an interview that two hosts connected through 2 cisco 2950 switches in different vlans should communicate each other without using layer 3 device and l3 switch. Is this possible?

Richard Burts · ‎08-03-2019

My previous response was focused on how it could work for 2 PCs connected to 2 switches and in different vlans could communicate. @sanchita13 reports that it was tested and did not work. The most important aspect of this situation is whether PC1 will send an arp request and whether PC2 will respond to that request.

@Giuseppe Larosa has supplied one solution which makes it work and that is to have a single IP subnet used in both vlans. In that case PC1 certainly will send the arp request and PC2 will certainly respond, and communication is successful. My suggested solution addressed what is commonly assumed when we say 2 vlans it implies 2 IP subnets. Clearly that is what @sanchita13 tested. And reports that it did not work. The key to understanding this is not the switches and how they operate but is the PCs and the OS of the PC and how the OS works. My explanation of how it could work assumes that PC1 will send the arp request and that PC2 will respond to the arp request. That assumption is not always true, as @sanchita13 demonstrated. Many OS will arp for destinations within the local subnet and will depend on its gateway for communication outside of its gateway. If PC1 has address 192.168.10.2 with gateway 192.168.10.1 and if PC2 has address 192.168.20.2 with gateway 192.168.20.1 then communication between PCs will fail. So for the communication to succeed we either need an OS that will arp anyway or we need to fool the OS into sending the arp. (ways of fooling the OS might include changing the subnet masks of the addresses to make them appear to be in the same supernet, or configuring the gateway as 0.0.0.0 or as the same as the PC address, or perhaps not configuring a gateway address - much depends on the OS and version of OS of the PC).

The question from the original poster was about how networks and switches within the networks work. My suggestion focused on networking operations and how it would be possible for 2 PCs in 2 vlans on 2 switches could be able to communicate. the testing done by @sanchita13 involves not only the networking of the switches but also depends on the behavior of the connected PCs.

HTH

Rick

HTH

Rick

jasonelmore · ‎10-25-2023

I couldn't get this to work no matter if the host pc's on each switch were in the same subnet or not. Switchport mode access between the two switches seems to prevent any vlan hopping

Joseph W. Doherty · ‎10-25-2023

It can be done.

If you were unable to make it work, most likely you either missed a necessary configuration change or you misunderstand what all must be done to allow it to work.

Not that this is proof alone but 3 Hall of Fame members believe it can be done.

If you provide ALL the details of what you did, possibly we can point out what might be the issue in your trials.

Richard Burts · ‎10-25-2023

I agree with Joseph that we do not have enough information about what you did in setting up this test. Was it done with real hardware or done in some emulator? Were the PCs in the same layer 3 subnet or in different subnets? Were the switches connected using access ports or connected by trunk and with mismatched native vlan?

And another important aspect of whether it will work or not depends on the behavior of the PCs. The important thing is that a PC must send an arp request to the other PC. If both PCs are in the same IP subnet it is much more likely that arp will be sent. If the PCs are in different subnets arp might be sent but it might not. I have experienced some OSes that would arp for a remote address and have experienced some OSes that will not. In the test it might be useful to configure the PCs with IP address and mask but without a default gateway.

HTH

Rick

sanchita13 · ‎08-02-2019

the solution shared by Richard is also not working