Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
6219
Views
0
Helpful
7
Replies

Configure VLAN for PC's in different subnets

Go to solution
black_ice856
Level 1
Level 1

‎07-17-2016 07:56 AM - edited ‎03-08-2019 06:39 AM

"A VLAN is a group of end stations in a switched network that is logically segmented by function, project team, or application, without regard to the physical locations of the users."

So I got the VLAN concept right. This may be a newbie question but I have been trying to figure this out on the last few days and I just can't get it.

In my project I have PC's in different subnets and each PC has a VLAN assigned:

VLAN 11 (192.168.11.0) : 9,10,13,14,21

VLAN 12 (192.168.12.0) : 1,8,15,20

For each switch:

- All the VLANS were created

- Interfaces connected to a PC are in access mode to the assigned VLAN.

- Interfaces connected to a router are trunk links.

I have connectivity between PC21 and PC14 (same VLAN and subnet) but I want to have connectivity between PC's in the same VLAN but in different subnets aswell. What should be the default gateway for PC21 and PC14 ?

I just can't figure out what should be the next step and I really need help.

P.S - All the PC's IP addresses are static for now but there should be a DHCP server doing this stuff. Can I have a tip on how to do that?

Thanks in advance!

Labels:
Preview file
35 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
pwwiddicombe
Level 4
Level 4
In response to black_ice856

‎07-18-2016 07:24 PM

You have (routed) 3 switches with 3 subnets on EACH switch, so you need 9 DIFFERENT subnets for clients. 

On your DHCP server,  you need to declare 9 scopes.  For each, you will declare the IP address of the router subinterface as the default gateway to assign to clients.

You can have clients in multiple subnets in a single VLAN; but unless you have declared secondary interfaces on the router interface, clients will really only be able to talk to other clients in the same logical subnet within that "physical" vlan address space.  This is normally only recommended if you're doing address migration, with the intention of removing the secondary when migration is complete.

Remember that between vlans (both within the connected switch and the remote vlans), you need somehow to tell the routers how to get to the other vlans.  "IP Routing" by itself is normally enough to get to other subnets within each router-trunk-switch setup; but to the other remote subnets the router needs to have information on how to get there.  You can either configure ALL possible destinations on each router (not so bad in your situation), or use a dynamic router protocol.  If all Cisco, the easiest to setup is EIGRP.  Then if you add a new subnet somewhere, you just include it into that router's EIGRP tables, and all the remote sites will know how to get to it.

View solution in original post

0 Helpful
7 Replies 7

Go to solution
pwwiddicombe
Level 4
Level 4

‎07-17-2016 08:41 AM

Your PC addressing scheme will be problematic - you have 192.168.11.x and 12.x PC's in multiple areas separated by routers.  It becomes fairly complex to accomplish this, having a VLAN span from one router (location ?) to another.  The upper site, for instance, should have, say, 192.168.13.x addresses; although that does "break" the VLAN definition (which normally applies to subnets at a single location).

Since you have trunking defined to your routers from switches, then you should have the definitions for each subnet on a subinterface on the router - and that's where the PC's should set their default gateway.  That interface on the router (where the gateways for the devices should point) is where you would have IP helper-address  10.1.x.x, the IP address of the DHCP server.

0 Helpful

Go to solution
black_ice856
Level 1
Level 1
In response to pwwiddicombe

‎07-18-2016 05:37 AM

Thanks for your answer, now I see it, two computers in the same VLAN don't need to be in the same subnet.

Correct me if im wrong please:

About the sub-interfaces and inter-VLAN routing, I have 3 VLANS so I need to create in every router interface connected to a switch 3 sub-interfaces for each VLAN and set each PC default gateway the corresponding sub-interface according to the assigned VLAN.

So If I have 3 switches connected to a router I will have 9 sub-interfaces on the router, 3 for each subnet?

Since we have 3 VLANS each subnet may have computers with 3 different default-gateway values (pointing to the sub-interfaces) so I need 3 DHCP pools for each subnet?

0 Helpful

Go to solution
pwwiddicombe
Level 4
Level 4
In response to black_ice856

‎07-18-2016 07:24 PM

You have (routed) 3 switches with 3 subnets on EACH switch, so you need 9 DIFFERENT subnets for clients. 

On your DHCP server,  you need to declare 9 scopes.  For each, you will declare the IP address of the router subinterface as the default gateway to assign to clients.

You can have clients in multiple subnets in a single VLAN; but unless you have declared secondary interfaces on the router interface, clients will really only be able to talk to other clients in the same logical subnet within that "physical" vlan address space.  This is normally only recommended if you're doing address migration, with the intention of removing the secondary when migration is complete.

Remember that between vlans (both within the connected switch and the remote vlans), you need somehow to tell the routers how to get to the other vlans.  "IP Routing" by itself is normally enough to get to other subnets within each router-trunk-switch setup; but to the other remote subnets the router needs to have information on how to get there.  You can either configure ALL possible destinations on each router (not so bad in your situation), or use a dynamic router protocol.  If all Cisco, the easiest to setup is EIGRP.  Then if you add a new subnet somewhere, you just include it into that router's EIGRP tables, and all the remote sites will know how to get to it.

0 Helpful

Go to solution
black_ice856
Level 1
Level 1
In response to pwwiddicombe

‎07-22-2016 07:53 AM

Thanks now everything seems to be more clear to me.

I have used RIPv2 for network 10.0.0.0 and I have connection from my DHCP server to all routers and vice-versa.

I used the ip helper-address command in my sub interfaces pointing to my DHCP server IP, but in every machine I get the error "DHCP failed. APIPA is being used".

The DHCP pools have gateways matching the sub-interfaces IP addresses. 

Any ideas on what's wrong in here?

0 Helpful

Go to solution
pwwiddicombe
Level 4
Level 4
In response to black_ice856

‎07-22-2016 08:04 AM

What IP address ranges are you using for clients?  They need to be able to get to the server; and the server back to the clients, so if they're in 192.168.x.x, that'd better be in your routing tables as well.

Make sure your DHCP server can ping the client gateway the clients will be using.

0 Helpful

Go to solution
black_ice856
Level 1
Level 1
In response to pwwiddicombe

‎07-22-2016 08:25 AM

I can ping the sub-interfaces and the router, I guess routing is well configured.

0 Helpful

Go to solution
black_ice856
Level 1
Level 1
In response to black_ice856

‎07-22-2016 02:16 PM

Oh I found it, I had the starting IP addresses wrong for all the DHCP pools, now it's fixed and working 100%.

Thanks for all the help I really apreciated it!

0 Helpful
Customers Also Viewed These Support Documents