Solved: C6509 SVI and trunks

Habib Zakaria · ‎06-09-2015

Hello there,

I have core switch 6509 and access switches. On the 6509 switches I have created SVIs - different subnets and I have access Layer 2 switches on the floors. I have allowed traffice 1-100 on the trunk links.

I have a new host with IIS service and I gave it a static IP address the host is in vlan 102. which is not defined on the trunk links going to the layer 2 switches. I want to allow the users in other subnets in 10, 20 , 30 to access the host in vlan 102.

Right now I can ping the host in subnet 102 from the core switch and from the access switch that it is plugged too.

What will be the right steps to achieve this?

Thanks,

InayathUlla Sharieff · ‎06-10-2015

Habib,

Please find the reason and steps to have this communication:-

1- Host A is in vlan 20 and Host B is in Vlan 50 - Which means two different vlan and subnet.

For communication between the vlans you need to have a layer 3 device.

2- Now in our scenario we have layer 3 switch in between so kindly configure the layer 3 SVI for the vlans 20 & 50 respectively.

example:- int vlan 20

ip address 171.16.10.1 255.255.255.0 >> same subnet which vlan 20 host is in.

no shut

int vlan 50

ip address 10.10.60.1 255.255.255.0 >> Same subnet which vlan 50 host is in.

no shut

Hope this resolve your query.

HTH

Regards

Inayath

*Please rate all useful posts.

View solution in original post

paul driver · ‎06-09-2015

Hello

I think youve answered your onw question!

- Create a L3 SVI interface for vlan 102 for inter vlan routing
- Define L2 vlan 102 and alow this over the trunks

res

Paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Habib Zakaria · ‎06-09-2015

Do I have to allow the vlan in the trunk? even though I want to put an access-list to allow few hosts to access that ip in vlan 102.

The reason I am asking i have campus wide network and my vlans are separated in between the office and manufacturing. we like to keep the traffic separate.

InayathUlla Sharieff · ‎06-10-2015

Allow the vlan over the trunk then create ACL for restricting the users accessing the vlans among each other.(You can think of PVLAN/VACL/ACL to achieve that).

HTH

Regards

'Inayath

Habib Zakaria · ‎06-10-2015

Thank you Paul and InayathUlla,

I was able to allow the vlan on the trunk and the pinging from one switch to another switch is working fine but I am not able to ping from the laptop commad prompt to the other laptop.

I am not sure what is the issue here. I am attaching a small topology of my network as I do not understand why I can ping both IPs of the laptop from switch console but not from the laptops.

InayathUlla Sharieff · ‎06-10-2015

Habib,

Please find the reason and steps to have this communication:-

1- Host A is in vlan 20 and Host B is in Vlan 50 - Which means two different vlan and subnet.

For communication between the vlans you need to have a layer 3 device.

2- Now in our scenario we have layer 3 switch in between so kindly configure the layer 3 SVI for the vlans 20 & 50 respectively.

example:- int vlan 20

ip address 171.16.10.1 255.255.255.0 >> same subnet which vlan 20 host is in.

no shut

int vlan 50

ip address 10.10.60.1 255.255.255.0 >> Same subnet which vlan 50 host is in.

no shut

Hope this resolve your query.

HTH

Regards

Inayath

*Please rate all useful posts.