Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5766
Views
10
Helpful
6
Replies

Same VLAN Configuration in two switches - Routing between VLAN

Go to solution
Cisconew
Level 1
Level 1

‎08-20-2020 01:24 PM

Hi,

I have attached PT-Topology for VLAN configuration.

Used vlan10,20,30 in SW1 & SW2.End devices connected to SW1 & SW2 is assigned with ip addresses in same subnets in both switches in respect with vlans.

I've created sub interfaces(Fa 0/0.10,0.20&0.30) in Router for Fa 0/0 interface which is connecting to Switch 1.

Should i need to create subinterfaces for Fa 0/1 which is connecting to SW1.

 

Please find below show run command output for router, SW1 & SW2.

 

I am little confused here. Please help me.

 

Router#sh run

Building configuration...

 

Current configuration : 941 bytes

!

version 12.4

no service timestamps log datetime msec

no service timestamps debug datetime msec

no service password-encryption

!

hostname Router

!

!

!

!

!

!

!

!

ip cef

no ipv6 cef

!

!

!

!

!

!

!

!

!

!

!

!

spanning-tree mode pvst

!

!

!

!

!

!

interface FastEthernet0/0

ip address 192.168.1.100 255.255.255.0

duplex auto

speed auto

!

interface FastEthernet0/0.10

encapsulation dot1Q 10

ip address 192.168.10.100 255.255.255.0

!

interface FastEthernet0/0.20

encapsulation dot1Q 20

ip address 192.168.20.100 255.255.255.0

!

interface FastEthernet0/0.30

encapsulation dot1Q 30

ip address 192.168.30.100 255.255.255.0

!

interface FastEthernet0/1

ip address 192.168.2.100 255.255.255.0

duplex auto

speed auto

!

interface FastEthernet0/1.10

encapsulation dot1Q 10

no ip address

!

interface Vlan1

no ip address

shutdown

!

ip classless

!

ip flow-export version 9

!

!

!

!

!

!

!

!

line con 0

!

line aux 0

!

line vty 0 4

login

!

!

!

end

 

SW1#sh run

Building configuration...

 

Current configuration : 1299 bytes

!

version 12.2

no service timestamps log datetime msec

no service timestamps debug datetime msec

no service password-encryption

!

hostname SW1

!

!

!

!

!

spanning-tree mode pvst

spanning-tree extend system-id

!

interface FastEthernet0/1

switchport mode trunk

!

interface FastEthernet0/2

switchport access vlan 10

switchport mode access

!

interface FastEthernet0/3

switchport access vlan 20

switchport mode access

!

interface FastEthernet0/4

switchport access vlan 30

switchport mode access

!

interface FastEthernet0/5

!

interface FastEthernet0/6

!

interface FastEthernet0/7

!

interface FastEthernet0/8

!

interface FastEthernet0/9

!

interface FastEthernet0/10

!

interface FastEthernet0/11

!

interface FastEthernet0/12

!

interface FastEthernet0/13

!

interface FastEthernet0/14

!

interface FastEthernet0/15

!

interface FastEthernet0/16

!

interface FastEthernet0/17

!

interface FastEthernet0/18

!

interface FastEthernet0/19

!

interface FastEthernet0/20

!

interface FastEthernet0/21

!

interface FastEthernet0/22

!

interface FastEthernet0/23

!

interface FastEthernet0/24

!

interface GigabitEthernet0/1

!

interface GigabitEthernet0/2

!

interface Vlan1

ip address 192.168.1.1 255.255.255.0

!

ip default-gateway 192.168.1.100

!

!

!

!

line con 0

!

line vty 0 4

login

line vty 5 15

login

!

!

!

!

end

 

SW2#sh run

Building configuration...

 

Current configuration : 1299 bytes

!

version 12.2

no service timestamps log datetime msec

no service timestamps debug datetime msec

no service password-encryption

!

hostname SW2

!

!

!

!

!

spanning-tree mode pvst

spanning-tree extend system-id

!

interface FastEthernet0/1

switchport mode trunk

!

interface FastEthernet0/2

switchport access vlan 10

switchport mode access

!

interface FastEthernet0/3

switchport access vlan 20

switchport mode access

!

interface FastEthernet0/4

switchport access vlan 30

switchport mode access

!

interface FastEthernet0/5

!

interface FastEthernet0/6

!

interface FastEthernet0/7

!

interface FastEthernet0/8

!

interface FastEthernet0/9

!

interface FastEthernet0/10

!

interface FastEthernet0/11

!

interface FastEthernet0/12

!

interface FastEthernet0/13

!

interface FastEthernet0/14

!

interface FastEthernet0/15

!

interface FastEthernet0/16

!

interface FastEthernet0/17

!

interface FastEthernet0/18

!

interface FastEthernet0/19

!

interface FastEthernet0/20

!

interface FastEthernet0/21

!

interface FastEthernet0/22

!

interface FastEthernet0/23

!

interface FastEthernet0/24

!

interface GigabitEthernet0/1

!

interface GigabitEthernet0/2

!

interface Vlan1

ip address 192.168.2.1 255.255.255.0

!

ip default-gateway 192.168.2.100

!

!

!

!

line con 0

!

line vty 0 4

login

line vty 5 15

login

!

!

!

!

end

Labels:
Preview file
302 KB
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame

‎08-20-2020 01:33 PM

Don't know if it's possible in Packet Tracer, but to have a second interface, on the router, connecting to second switch, you would need to "bridge" the interfaces to the switches, and have one bridge interface, per VLAN, on the router.

The other way to deal with your topology, would be to eliminate the router<>SW2 link, and replace with a SW1<>SW2 link, which is trunked. (This approach is more likely to work in Packet Tracer.)

View solution in original post

0 Helpful

Go to solution
Martin L
VIP
VIP

‎08-20-2020 01:59 PM

 

Vlans on switch and routers do separate broadcast domains; and router interfaces must be on different networks, subnets.  Hence, On right side of a router, you must use different subnetting scheme (ip addressing). you can use same vlan numbers but usually we use different vlan numbers and networks/subnets/addressing from left side. 

if you do have identical vlans and subnets on left and right side of a router, then this would imply 2 different companies connected together.   in such case, you would have to add a router to do NAT translations in order for left side to communicate with right side. 

 

Regards, ML
**Please Rate All Helpful Responses **

View solution in original post

6 Replies 6

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎08-20-2020 01:32 PM - edited ‎08-20-2020 01:36 PM

On Router :

 

interface FastEthernet0/0

no ip address 192.168.1.100 255.255.255.0

no ip address

duplex auto

speed auto

 

On switch side :

 

Interface fas 0/1

switchport trunk encapsulation dot1q

switchport mode trunk

spanning-tree portfast trunk

 

test and advise

 

EDIT :

 

Sorry i missed the Picture, you can have different VLAN numbers on another side in the router on fas 0/1

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
Georg Pauwen
VIP
VIP

‎08-20-2020 01:33 PM

Hello,

 

this won't work. You cannot have subinterfaces for the same Vlan on two interfaces of the same router. What are you trying to accomplish ?

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame

‎08-20-2020 01:33 PM

Don't know if it's possible in Packet Tracer, but to have a second interface, on the router, connecting to second switch, you would need to "bridge" the interfaces to the switches, and have one bridge interface, per VLAN, on the router.

The other way to deal with your topology, would be to eliminate the router<>SW2 link, and replace with a SW1<>SW2 link, which is trunked. (This approach is more likely to work in Packet Tracer.)
0 Helpful

Go to solution
Cisconew
Level 1
Level 1
In response to Joseph W. Doherty

‎08-20-2020 02:01 PM

Thanks Joseph,

As you said, i have removed link between SW2 and Router.

Also connected sw1>>SW2 as trunk.

 

I have changed my Topology as below. It worked for me.

 

 

Thanks for your reply

Preview file
302 KB
0 Helpful

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to Cisconew

‎08-20-2020 02:29 PM

Great!

BTW, what you were trying to do, has advantages and disadvantage to what you have now.

From a L2 perspective, in your original design, if the router fails you lose all L3, but L2 (same VLAN) traffic continues to work normally.

In the second/current design (what I suggested), besides losing all L3 if router fails, if SW1 fails, the remaining SW still loses L3 because it loses path to router. (In such a real world design, you might consider attaching "more important" hosts to SW1 rather than SW2.)

For redundancy, a "better" design, would be to "merge" both topologies, i.e. have the router with a link to both switches and the switches interconnected. That way, if the router failed, your switches would still, at least, maintain the VLANs across both switches, and if either switch fails, the remaining switch would operate normally. (A, somewhat, nice improvement, for only the "cost" of just one additional Ethernet link [assuming router bridged interfaces support multiple interfaces].)

You can further improve redundancy, but only by obtaining better/more hardware.
0 Helpful

Go to solution
Martin L
VIP
VIP

‎08-20-2020 01:59 PM

 

Vlans on switch and routers do separate broadcast domains; and router interfaces must be on different networks, subnets.  Hence, On right side of a router, you must use different subnetting scheme (ip addressing). you can use same vlan numbers but usually we use different vlan numbers and networks/subnets/addressing from left side. 

if you do have identical vlans and subnets on left and right side of a router, then this would imply 2 different companies connected together.   in such case, you would have to add a router to do NAT translations in order for left side to communicate with right side. 

 

Regards, ML
**Please Rate All Helpful Responses **

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card