cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2270
Views
31
Helpful
17
Replies

Keep VLAN Tags between 1921's over T1?

ADynes
Level 1
Level 1

I must be doing something wrong.  I am looking to transfer 3 VLANS (10, 20, and 30) over a T1 point to point using Cisco 1921 routers.  I do not want to "Bridge" the connection, one location has a 10.1.0.0/16 subnet and the other location has a 10.2.0.0/16 subnet because we don't want to saturate the already slow link.  I tried the instructions here:

http://www.cisco.com/en/US/tech/tk389/tk815/technologies_tech_note09186a0080094663.shtml  but it didn't seem to work.

With these routers couldn't I create the three VLAN's then tell the GigabitEthernet0/0 interface it's a trunk port?  Or do I setup sub interfaces (.10, .20, and .30) for each vlan?  I've tried all of the above and I can't get it to work.  I can directly plug into the router and ping the other router on the other side of the T1 but I can get the info comming from my Dell PowerConnect 6248 (plugged into a trunk port) to go through to the router which is why I think it's a vlan issue.

-Allan

1 Accepted Solution

Accepted Solutions

The Vlan configuration for each site would be locally significant.

You can configure Vlan 10 in all sites and have the edge routers 'routed' these subnets to HQ and other branches.

I'm not sure what routing protocols are supported by the Dell Layer3 switch but all you need is have a common routing protocol between the 2921 router and the Dell Layer3 switch as well as 2921 and the other edge routers.

Regards,

Edison

View solution in original post

17 Replies 17

Peter Paluch
Cisco Employee
Cisco Employee

Allan,

I am somewhat confused by the requirements you have described. On one hand, you say you want to keep VLAN tags over a T1 link meaning that you want to essentially span your VLANs between both locations. On the other hand, you are saying that the two locations have different IP spaces - which defies the purpose of having a VLAN span both your locations, as a VLAN is always a single IP subnet.

Do you really want to make your VLANs span through both sides, or are you simply seeking for routing between your sites? Please note that VLANs 10, 20, and 30 defined as subinterfaces on one router are absolutely independent from VLANs 10, 20, and 30 on a different router, so if you just want to route between, say, VLAN 10 on two different routers, you do not care about keeping the VLAN tag at all.

Best regards,

Peter

Peter - We would like to segment Users (VLAN 10), Servers/Infrastructure (VLAN 20), and Phones (VLAN 30).   We also have a DMZ (VLAN 40) but we don't want to route that over the T1 (it's used for guest access).  We have 5 offices between two cities, each city has a "main" office with all our servers and the majority of users then some branch offices with 2 - 15 users and a couple printers.  So we want each VLAN to be the same in each city.  We have a Dell PC6248 Layer 3 switch in the main office of each city and Cisco 1921's.  For city A we would have something like 10.1.10.* for VLAN 10 and in city B it would be 10.2.10.*. 

Would this config be easier then I'm imagining?  Could I just set up the router with multiple IP addresses and route the information from one side to the other?  If so maybe that's what I'm stuck on.

The Vlan configuration for each site would be locally significant.

You can configure Vlan 10 in all sites and have the edge routers 'routed' these subnets to HQ and other branches.

I'm not sure what routing protocols are supported by the Dell Layer3 switch but all you need is have a common routing protocol between the 2921 router and the Dell Layer3 switch as well as 2921 and the other edge routers.

Regards,

Edison

webstd.design
Level 1
Level 1

Provider could provide 802.1q tunneling / Q in Q service using VPLS

I'm not worried about routing....I was going to assign manual routes since it's pretty simplistic.  I only really need something like this:

City A  (10.1.*)

0.0.0.0 0.0.0.0 (City A's proxy)

10.2.0.0 255.255.0.0 192.168.255.2   (City B side of the T1 serial connection)

City B (10.2.*)

0.0.0.0 0.0.0.0 (City B's proxy)
10.1.0.0 255.255.0.0 192.168.255.1 (City A side of the T1 serial connection)

So do I setup sub interfaces on my GigabitEthernet and turn on dot1q encapsulation then jsut assign them IP's on that VLAN's subnet and be done with it or am I now over simplifying it?

Edit: Each city's systems are almost a mirror.  Same file and print server, same proxy, each has a internet connection, each has a couple branches that are physically close (that use wireless bridges) but not in the same building.  City A has some servers that it doesn't make sense to duplicate which is why we have the T1...that and for active directory.  I want to use VLAN's and have the identical setup in each city for two reasons....simplicity in design and also disaster recovery.  So technically if the routing works across the routers I don't need to "bridge" the VLAN's.  I'm just thrown on how to make this happen.  I also want to make sure VLAN 40 never touches the other VLAN's but does travel my trunk ports over the wireless.  Whatever is the easiest way to accomplish this would work for me.

If you are looking for your WAN router do the the local Vlan routing, then you need subinterfaces on the edge router LAN interface and do router-on-a-stick.

I much prefer you configure the subnets in the Dell L3 switch and perform the inter-vlan routing there.

The router will simply have the IP address assigned to the main interface on a common subnet to the Dell L3 switch.

Oh..I think you mis understood.  I'm going to do the inter vlan routing on the switch.   I simply want to make sure that 10.1.10.* on VLAN 10 in City A is 10.2.10.* on VLAN 10 in city B.  That's all I want to accomplish.

Allan Dynes wrote:

Oh..I think you mis understood.  I'm going to do the inter vlan routing on the switch.   I simply want to make sure that 10.1.10.* on VLAN 10 in City A is 10.2.10.* on VLAN 10 in city B.  That's all I want to accomplish.

That implies bridging. You shout not bridge on WAN and much less on T1.

No.....again I am NOT birdging. I want to ROUTE across the T1 but maintain my VLANs. 

I believe Edison's comment headed me into the general direction I want.  I have now setup three sub interfaces on g0/0 as follows:

GigabitEthernet0/0.10 - VLAN 10 - 10.2.10.1 - dot1q encapsulation

GigabitEthernet0/0.20 - VLAN 20 - 10.2.20.1 - dot1q encapsulation

GigabitEthernet0/0.30 - VLAN 30 - 10.2.30.1 - dot1q encapsulation

I then plugged GigabitEthernet0./0 into the trunk port of my Dell 6248 Layer 3 switch.  The switch is setup with VLAN 10, 20, 30, and 40 (40 is a DMZ and will not route).  I can now ping from the switch plugged into VLAN 10 port with myself at 10.2.10.50) to 10.2.10.1 sucessfully.  I then plug into a VLAN 20 port and I cannot ping it which is what I want. 

Edison - so if I configure the identical setup on the other router the sub interfaces will tag my data going out of the opposite router and into the trunk port on that switch correct?  Does this make better sense?

Well, the thing is that when routing, the VLAN encap is not carried, as it is not needed.

So, in routing there is no way to preserve it. Packets will go where they have to go.

Also, and please do not get offended, if this is your first networkin project of similiar characterists, and you want have it done good and fast,, get help from a certified engineer, or person of equivalent experience

Won't the Cisco router on the other side "retag" the packets?  Since I'm using sub interfaces each with their own IP I shouldn't "need" to maintain the VLAN tag across the T1 from what I understand. 

Allan Dynes wrote:

Won't the Cisco router on the other side "retag" the packets?  Since I'm using sub interfaces each with their own IP I shouldn't "need" to maintain the VLAN tag across the T1 from what I understand. 

Yes, and yes.

So I'm actually done with the config then?   The router will accept the three subnets since I have a sub interface for each, trasfer them over the T1, then the router on the other side will sent the packets to that sides switch and tag it based on the subnet.  Correct?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco