I have what I think is a simple question. My ISP is providing me with 1 public IP on a /30 network and 14 public IPs on a /28 network.
In this example the 10.0.0.1 is the default gw provided by my ISP and 10.0.0.2 is my SF300-08. If I setup my router to route to 10.0.0.2 as the default gw through the interface between the switch and router, can I configure the static routes in the switch to route further to 10.0.0.1?
Also, is it possible to have these 2 networks on different VLANs and configure inter-VLAN routing? I don't want the switch accessible from the 10.0.0.2 IP.
I'm curious - why are you adding the switch on the public side of the router? Why not just have the 10 network defined directly on the router and then have the switch on the local side?
Either way, if you wanted to set it up the way as in your diagram, the switch will have VLAN x configured with 10.0.0.2/30 as an IP interface in this VLAN. Then, it will also have VLAN y with an IP interface in the 172 network. This way you will be doing inter-VLAN routing on the switch.
You can specify Management Access Profile rules which allows you to set who is allowed to manage the switch and over which interfaces.
I was trying to simplify the way I asked my question to solve the problem at hand and I'm afraid I over simplified it. Let me explain exactly what I'm trying to do which prompted me to ask this question.
I have 1 static IP on a /30 (2 IP) network: 10.0.0.2 (the ISP GW is 10.0.0.1)
My ISP gave me a block of static IPs on a /28 (14 IPs) network routable through 10.0.0.2: 172.16.0.1 - 172.16.0.14
Currently I only have 1 ISP who has a 100-Base FX uplink in my building. Currently it's being converted to 100Base-TX via a Media Converter (MC) supplied by my ISP. What I'm trying to do is reduce the number of single points of failures (SPOFs) in network.
This is my current setup...
So in this scenario I have 2 SPOFs - the MC and my router. I want to deploy dual routers in a HSRP / VRRP configuration thereby removing the router SPOF. However the MC only has 1x 100Base-TX port and would need to be switched. The biggest issue is that my 1 static IP is on a /30 network and as I understand it you need atleast 3 IPs on the same network to be able to deploy HSRP / VRRP. This is the root of my original question.
So my design becomes this...
The router's would use 10.0.0.2 as their default GW and the switch would further statically router to 10.0.0.1 (or can I make the default route 10.0.0.1 and the switch will know what to do?).
However the switch introduces another SPOF offsetting the HSRP / VRRP. I'm working with my ISP to find the right equipment I would need so that I can remove the MC and have the 100Base-FX uplink connected directly to the switch going to the routers. This would reduce my SPOFs to 1. Until I can strike a routing agreement with 2 ISPs, I can live with this 1 SPOF.
This would be the ultimate goal (for now)...
Now behind the routers will be a pair of stacked switches with 2-port LAGGs from each router (standard design). With this design I know the SF300-08 so I'll need to find a combination of switch / SFP transceiver that will be compatible with my ISPs drop.
I hope this clarifies my original question. Any feedback is greatly appreciated.
I don't think this is accomplishing what you're looking to do. By architecting it this way, the single point of failure is moved from a router to a switch. It's better just to wait until you get the second Internet connection and terminate each connection on its own router with VRRP running between them.
I recently purchased an RV160W for an individual who was having substantial trouble with her ISP router. Unfortunately, I received the wrong model in the mail, the RV160. Is there a low cost solution anyone is aware of to attach a wireless acces...
Hey Everybody, Corey here with another issue of our newsletter. Where you can keep up with the latest from our community and support teams.
We’re hard at work making documentation for Cisco Business Switches and the Cisco Business Dashb...
I have enabled ssh on RV340 via downloading the configuration and setting ssh from false to true then uploading back to the router When I try to ssh i m able to connect and enter credentials but unfortunately getting the following error &nb...
Join us on Thursday, July 23 at 10 am PT (and on demand after) as we address the relationship small business owners have with Cisco partners as they work together to succeed on the business front.
Our ecosystem of partners, many of which are small compani...