Solved: Re: Linking seperate building networks

esprit1987 · ‎07-20-2020

Hi,

Hope you can help...

I have 2 building networks I need to connect and with building 'A' needing to access resources on VLAN 161 in building B. I already have 3 other buildings connecting to building A but on a slightly different setup, so please can you review what I have below and advise if this will work...

The main goal is for building A on VLAN 2 192.168.150.0 \24 to access resource on VLAN 161 192.168.161.0 \24. But in an ideal world have access to all 4 vlans in building B (Vlan 160, 161, 162 and 163)

Please see below my initial config

Building A Catalyst 3560

!

interface GigabitEthernet0/49

description P2P LINK CSW

switchport trunk encapsulation dot1q

switchport trunk native vlan 161

switchport mode trunk

!

interface Vlan160

description building b management

ip address 192.168.160.1 255.255.255.0

!

interface Vlan161

description building b CCTV

ip address 192.168.161.1 255.255.255.0

!

interface Vlan162

description building b ACS

ip address 192.168.162.1 255.255.255.0

!

interface Vlan163

description building b VCOM

ip address 192.168.163.1 255.255.255.0

!

ip classless

ip route 0.0.0.0 0.0.0.0 10.10.50.1

ip route 192.168.151.0 255.255.255.0 192.168.151.1

ip route 192.168.153.0 255.255.255.0 192.168.153.254

ip route 192.168.160.0 255.255.255.0 192.168.160.254

ip route 192.168.161.0 255.255.255.0 192.168.161.254

ip route 192.168.162.0 255.255.255.0 192.168.162.254

ip route 192.168.163.0 255.255.255.0 192.168.163.254

Building B SG350XG-24F

!

interface TengigabitEthernet1/0/23

description buildingAuplink

spanning-tree link-type point-to-point

switchport mode trunk ------------------------------This may need to be set as “switchport mode general” when connecting small business switches to Catalyst

switchport trunk allowed vlans all

macro description switch

!next command is internal.

macro auto smartport dynamic_type switch

!

ip default-gateway 192.168.160.1

ip route 192.168.150.0 /24 192.168.160.1

ip route 192.168.150.0 /24 192.168.161.1

ip route 192.168.150.0 /24 192.168.162.1

ip route 192.168.150.0 /24 192.168.163.1

I look forward to your feedback

Richard Burts · ‎07-20-2020

There are multiple things in this config to address:

- you do not show it so we have to ask is it correct that ip routing is enabled on the switch in building A and not enabled on the switch in building B?

- building A specifies switchport trunk native vlan 161

but building B lets the trunk use the default native vlan

- you show only partial configs so we can not be sure how the vlans are configured in building B and whether there are any vlan interfaces configured on the switch in building B.

- so are we correct that building A will do all routing for devices in building B (including routing between the several vlans in building B - vlan to vlan communication)?

- you have these static routes on the switch in building A

ip route 192.168.160.0 255.255.255.0 192.168.160.254

ip route 192.168.161.0 255.255.255.0 192.168.161.254

ip route 192.168.162.0 255.255.255.0 192.168.162.254

ip route 192.168.163.0 255.255.255.0 192.168.163.254

but they do not make sense and certainly are not needed. Each of those subnets is a connected subnet (based on the interface vlan x configured on switch in building A) and you do not need static routes for connected subnets. The switch will route for them automatically. Also what is the .254 address specified in the routes?

- you have some static routes on the building B switch which are puzzling. For one thing you specify a default-gateway on this switch which suggests that it is operating as a layer 2 switch. But static routes only work is the switch is operating as layer 3.

- also these static routes are all for the same remote subnet address but specify different next hop addresses for how to get to that remote subnet

ip route 192.168.150.0 /24 192.168.160.1

ip route 192.168.150.0 /24 192.168.161.1

ip route 192.168.150.0 /24 192.168.162.1

ip route 192.168.150.0 /24 192.168.163.1

HTH

Rick

View solution in original post

balaji.bandi · ‎07-20-2020

As per your information you have Build A has all the VLAN "Building A Catalyst 3560" as per the information you have provided.

if you like other VLAN to allow you need to add all of them if this is the trunk using to connect other switch

interface GigabitEthernet0/49

description P2P LINK CSW

switchport trunk encapsulation dot1q

switchport trunk native vlan 161

switchport trunk allowed vlan 160,161,162,163

switchport mode trunk

you need to route here :

ip route 192.168.150.0 /24 to Other switch IP address

Building B SG350XG-24F - if this switch acting as Pure Layer 2 or Layer3?

create a VLAN 160, 161,162,163

Then allocate the interface to respected VLAN.

you can have ip routing enable

ip route 0.0.0.0 0.0.0.0 x.x.x.x (uplink Switch IP address).

Another question where is VLAN 2 ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

Richard Burts · ‎07-20-2020

There are multiple things in this config to address:

- you do not show it so we have to ask is it correct that ip routing is enabled on the switch in building A and not enabled on the switch in building B?

- building A specifies switchport trunk native vlan 161

but building B lets the trunk use the default native vlan

- you show only partial configs so we can not be sure how the vlans are configured in building B and whether there are any vlan interfaces configured on the switch in building B.

- so are we correct that building A will do all routing for devices in building B (including routing between the several vlans in building B - vlan to vlan communication)?

- you have these static routes on the switch in building A

ip route 192.168.160.0 255.255.255.0 192.168.160.254

ip route 192.168.161.0 255.255.255.0 192.168.161.254

ip route 192.168.162.0 255.255.255.0 192.168.162.254

ip route 192.168.163.0 255.255.255.0 192.168.163.254

but they do not make sense and certainly are not needed. Each of those subnets is a connected subnet (based on the interface vlan x configured on switch in building A) and you do not need static routes for connected subnets. The switch will route for them automatically. Also what is the .254 address specified in the routes?

- you have some static routes on the building B switch which are puzzling. For one thing you specify a default-gateway on this switch which suggests that it is operating as a layer 2 switch. But static routes only work is the switch is operating as layer 3.

- also these static routes are all for the same remote subnet address but specify different next hop addresses for how to get to that remote subnet

ip route 192.168.150.0 /24 192.168.160.1

ip route 192.168.150.0 /24 192.168.161.1

ip route 192.168.150.0 /24 192.168.162.1

ip route 192.168.150.0 /24 192.168.163.1

HTH

Rick

balaji.bandi · ‎07-20-2020

As per your information you have Build A has all the VLAN "Building A Catalyst 3560" as per the information you have provided.

if you like other VLAN to allow you need to add all of them if this is the trunk using to connect other switch

interface GigabitEthernet0/49

description P2P LINK CSW

switchport trunk encapsulation dot1q

switchport trunk native vlan 161

switchport trunk allowed vlan 160,161,162,163

switchport mode trunk

you need to route here :

ip route 192.168.150.0 /24 to Other switch IP address

Building B SG350XG-24F - if this switch acting as Pure Layer 2 or Layer3?

create a VLAN 160, 161,162,163

Then allocate the interface to respected VLAN.

you can have ip routing enable

ip route 0.0.0.0 0.0.0.0 x.x.x.x (uplink Switch IP address).

Another question where is VLAN 2 ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Richard Burts · ‎11-10-2020

I am glad that our suggestions were helpful. Thank you for marking this question as solved. This will help other participants in the community to identify discussions which have helpful information. This community is an excellent place to ask questions and to learn about networking. I hope to see you continue to be active in the community.

HTH

Rick