cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

CISCO SWITCHES FOR SMALL and MEDIUM BUSINESS

Introducing the next generation of Cisco Small and Medium Business Switches. Cisco is refreshing its SMB Switch portfolio. Click here  to learn more.


1242
Views
0
Helpful
3
Replies
Highlighted
Beginner

SF300-08

Hello Community,

I have what I think is a simple question. My ISP is providing me with 1 public IP on a /30 network and 14 public IPs on a /28 network.

Sample.png

In this example the 10.0.0.1 is the default gw provided by my ISP and 10.0.0.2 is my SF300-08. If I setup my router to route to 10.0.0.2 as the default gw through the interface between the switch and router, can I configure the static routes in the switch to route further to 10.0.0.1?

Also, is it possible to have these 2 networks on different VLANs and configure inter-VLAN routing? I don't want the switch accessible from the 10.0.0.2 IP.

Thanks in advance!

Matthew Bowman

3 REPLIES 3
Highlighted
Cisco Employee

Re: SF300-08

Matthew,

I'm curious - why are you adding the switch on the public side of the router? Why not just have the 10 network defined directly on the router and then have the switch on the local side?

Either way, if you wanted to set it up the way as in your diagram, the switch will have VLAN x configured with 10.0.0.2/30 as an IP interface in this VLAN. Then, it will also have VLAN y with an IP interface in the 172 network. This way you will be doing inter-VLAN routing on the switch.

You can specify Management Access Profile rules which allows you to set who is allowed to manage the switch and over which interfaces.

Ivor

Highlighted
Beginner

Re: SF300-08

Hey Ivor,

Thanks for replying to my question.

I was trying to simplify the way I asked my question to solve the problem at hand and I'm afraid I over simplified it. Let me explain exactly what I'm trying to do which prompted me to ask this question.

I have 1 static IP on a /30 (2 IP) network: 10.0.0.2 (the ISP GW is 10.0.0.1)

My ISP gave me a block of static IPs on a /28 (14 IPs) network routable through 10.0.0.2: 172.16.0.1 - 172.16.0.14

Currently I only have 1 ISP who has a 100-Base FX uplink in my building. Currently it's being converted to 100Base-TX via a Media Converter (MC) supplied by my ISP. What I'm trying to do is reduce the number of single points of failures (SPOFs) in  network.

This is my current setup...

So in this scenario I have 2 SPOFs - the MC and my router. I want to deploy dual routers in a HSRP / VRRP configuration thereby removing the router SPOF. However the MC only has 1x 100Base-TX port and would need to be switched. The biggest issue is that my 1 static IP is on a /30 network and as I understand it you need atleast 3 IPs on the same network to be able to deploy HSRP / VRRP. This is the root of my original question.

So my design becomes this...

The router's would use 10.0.0.2 as their default GW and the switch would further statically router to 10.0.0.1 (or can I make the default route 10.0.0.1 and the switch will know what to do?).

However the switch introduces another SPOF offsetting the HSRP / VRRP. I'm working with my ISP to find the right equipment I would need so that I can remove the MC and have the 100Base-FX uplink connected directly to the switch going to the routers. This would reduce my SPOFs to 1. Until I can strike a routing agreement with 2 ISPs, I can live with this 1 SPOF.

This would be the ultimate goal (for now)...

Now behind the routers will be a pair of stacked switches with 2-port LAGGs from each router (standard design). With this design I know the SF300-08 so I'll need to find a combination of switch / SFP transceiver that will be compatible with my ISPs drop.

I hope this clarifies my original question. Any feedback is greatly appreciated.

Thanks in advance!

Matthew

Highlighted
Cisco Employee

Re: SF300-08

I don't think this is accomplishing what you're looking to do. By architecting it this way, the single point of failure is moved from a router to a switch. It's better just to wait until you get the second Internet connection and terminate each connection on its own router with VRRP running between them.