
InterVLAN routing query - Managed Router

jeremyneave
Level 1

Can someone save my sanity and keep me on the right tracks in regards to the following network situation and solution.

I'm looking to set-up a number of VLANs on a school network, which is soon to have a VOIP system installed. There is an 1841 router in place, however this is managed by a third party provider (LA), who seem unwilling to assist. The curriculum VLAN, configured by the LA, is set-up on VLAN 13.

The thoughts are to install a Cisco SG300-10, reset to Layer 3 and put in place the VLANs/ routes to assist with the new VOIP system.

Can I confirm I am right in thinking the default VLAN on the SG300 will remain on 13? If so, my stumbling block is what IP do I assign this when I set it up on the SG300.


intport1231
Level 1

Effectively, you need more cooperation from third party provider. At least you have to take a look at the configuration of one of the hosts in 1841 router vlan 13 (if there are any).

It is not clear why you need the router in L3. What else are you adding up there? Teachers' PCs? Wi-Fi APs? The router goes out to the Internet (what gateway IP?) or just to a unified voice switching center for VoIP?

If you're adding just voip phones I see little use for L3 switch unless you are to provide the IPs for the phones via the internal dhcp pool in the SG switch.

It all depends on what the router is already doing. Is the router interface for vlan 13 vlan tagged, untagged, accepting how many vlans? This determines how you have to reach the router if your voip traffic has to arrive previously tagged by you (SG) or if on the contrary the router will take care of that.

There are 2 possibilities:

1. Router port for vlan 13 is an access port.

In that case the traffic is expected as untagged and then you don't need to worry about changing your vlan settings. (SG switch by default comes in vlan 1 untagged so it'll arrive as untagged traffic to the router's port and then no problem)

2. Router port for vlan 13 is a tagged port.

Then you need to create vlan 13 in your SG

------- In the case the router port accepts tagged traffic only

all switch voip ports to access vlan 13

switch uplink port (i.e fiber port channel or ethernet portchannel or ge9/ge10) as trunk native vlan 13.

If the router won't provide dhcp pools, nor will there be the third party people available for adding additional routes to different vlans, then you will have to set the switch in L3 mode, vlan 1 as no ip dhcp, vlan 13 ip address belonging to the same subnet as that in router.

-------- In the case the router port does accept additional untagged traffic for something (i.e switch management, external DHCP)

all switch ports as trunk allowed vlan 13 tagged (native 1) (default) (in the case you can specify the vlan in the IP phones.)

Or

All switch ports as general vlan 13 tagged, pvid 1 (default), mac-to-vlangroup---vlangroup-to-vlan for the voip ports (in case the IP phones cannot do vlan tagging therefore allowing the switch to do it for you)... here you have to be in L2 mode thus you won't have internal dhcp pools.

in any case:

ip helper (bootp,bootc ports 67/68) to your external dhcp server ip address, default-gateway router port vlan 13 --- Obviously the router has to have the route to the external dhcp server.

========== besides that =========

The IP address for vlan 1 will be one NOT belonging to the router's vlan 13 subnet in any case (if you don't want to mess with your traffic). You have to choose it depending on how you access the management (i.e. remotely, locally... you can leave it as console management only and leave the vlan 1 IP address as 192.168.1.1 /24)

You have to check: cos-tos and qos settings will have to be enforced by you in case the router is not doing it; you have to inquire about that... or you need to know if qos is not being enforced in the network (it'll depend on what that router is carrying and what is being connected to)

===== POE - Fast ethernet =====

You should have gotten the fast ethernet model instead SF302-08p (or the noisy sf300-24p) if voip phones is what you need to connect. 100 mbps is plenty for voip phones, 1 gbps is overkill. Also you'll need the poe (+) function most likely, you'll need to check what wattage the ip phones require so as to see if you need the P, PP, or MP model.

Thanks to you both.

I've confirmed with the LA today that the router port is set as an access port. :)

Any interVLAN routing you do downstream of that on the SG300 is internal to it and need not concern the 1841.

As long as your new vlans only need to talk to each other and don't need to access anything upstream of the router.

If that is the case then give the sg300 an ip address in vlan13 and add a default route towards the router.

They do, one is for voip the other is wireless. 

devils_advocate
Level 7

You will need to speak to them regardless I think.

Even if you stuck the SG300 into L3 mode, created your Vlans etc, how would the 1841 be able to return traffic to subnets it has no clue about?

The SG300 doesn't do NAT so the 1841 route would see the Source IP as the subnets you have created on the SG300. Without static routes back, it would drop the traffic.

If it were me, I would ask the provider of the 1841 if they were willing to create a static route for a larger block of addresses.
For example,

  • Create Vlan 13 on the SG300
  • Give the SG300 an IP address in the existing Vlan13 range. 
  • Create an untagged port in Vlan 13 and plug this into the 1841
  • Get them to create a static route with a larger subnet mask, maybe a /21 or /22 and make sure all your new subnets are going to be in this range, they can be /24's if you want.

They will also need to ensure the new range (s) are setup to NAT if the router goes towards the internet.
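
The addressing check behind the list above, as an added example that is not part of the original thread: it verifies that the new VLAN subnets fit in one summary block that does not collide with VLAN 13, and derives the single static route the provider would add on the 1841. All addresses and the function name `plan_return_route` are constructed for illustration; the thread does not give the real subnets.

```python
import ipaddress

def plan_return_route(vlan13_net, sg300_ip, new_subnets):
    """Validate an SG300 L3 addressing plan and return (summary, route_line),
    where route_line is the static route the 1841 needs for return traffic."""
    transit = ipaddress.ip_network(vlan13_net)
    next_hop = ipaddress.ip_address(sg300_ip)
    subnets = [ipaddress.ip_network(s) for s in new_subnets]

    # The SG300's VLAN 13 address is the next hop the 1841 forwards to,
    # so it must be a usable host address inside the existing VLAN 13 subnet.
    if next_hop not in transit or next_hop in (transit.network_address,
                                               transit.broadcast_address):
        raise ValueError(f"{next_hop} is not a usable host in {transit}")

    # New VLAN subnets must not overlap VLAN 13 or each other.
    for i, a in enumerate(subnets):
        if a.overlaps(transit):
            raise ValueError(f"{a} overlaps the VLAN 13 subnet {transit}")
        for b in subnets[i + 1:]:
            if a.overlaps(b):
                raise ValueError(f"{a} overlaps {b}")

    # Grow the first subnet until one block covers every new subnet.
    summary = subnets[0]
    while not all(s.subnet_of(summary) for s in subnets):
        summary = summary.supernet()

    # A summary that swallows VLAN 13 would send the router's own connected
    # subnet range back to the switch; renumber the new VLANs instead.
    if summary.overlaps(transit):
        raise ValueError(f"summary {summary} collides with VLAN 13 {transit}")

    route = f"ip route {summary.network_address} {summary.netmask} {next_hop}"
    return summary, route

if __name__ == "__main__":
    # Constructed plan: VLAN 13 on 10.13.0.0/24, SG300 at .2,
    # VoIP and wireless VLANs as /24s inside 10.20.0.0/22.
    summary, route = plan_return_route(
        "10.13.0.0/24", "10.13.0.2", ["10.20.0.0/24", "10.20.1.0/24"])
    print(summary, "->", route)
```

Any subnet later added on the SG300 outside the returned summary would need its own route (and NAT entry) on the 1841, which is the reason for asking for a /22 or /21 up front.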