Solved: Re: Connecting switches over a routed port ?

DSterling · ‎09-01-2023

Two Cisco switches are connected thru a routed port.

Switch 1

Port 24 192.168.1.1 255.255.255.252

Switch 2

port 24 192.168.1.2 255.255.255.252

There is a static route going across the routed port to switch 1:

ip route 0.0.0.0 0.0.0.0 192.168.1.1

Switch 1 has the layer 3 vlan 68 192.168.68.1 255.255.255.0

!Note: all devices in vlan 68 are on switch 1.

Switch 2 has a layer 2 vlan 68.

I connect a computer to switch 2 configure it for vlan 68 ip:

Computer: 192.168.68.10 255.255.255.0

Port on switch 2 configured as a access port for vlan 68.

Switch 2: I can ping the default gateway for vlan 68 and other ip's in vlan 68 (located on switch 1).

I can't communicate from the computer to the default gateway (vlan 68) or other devices on vlan 68.

I figure that is because the switches are connected by a routed port and not a trunk port, am I correct on this?

To fix this I would have to connect the computer to switch one or create a trunk port between the switches allowing vlan 68?

M02@rt37 · ‎09-01-2023

Hello @DSterling,

You're correct.

The issue you're facing is because the switches are connected through a routed port, which effectively separates the Layer 2 domains on each switch. In this setup, the VLAN 68 traffic from the computer on Switch 2 can reach its default gateway on Switch 2 because it's in the same VLAN within that switch. However, when it needs to communicate with devices in VLAN 68 on Switch 1, it can't, because the Layer 2 VLAN is not extended across the routed link.

2 options:

--Physically connect the computer to Switch 1, where VLAN 68 is configured at Layer 3. This is the simplest solution if possible.

--Create a trunk link between Switch 1 and Switch 2, allowing VLAN 68 to pass between them. This way, both switches understand VLAN 68, and devices in that VLAN on both switches can communicate.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

View solution in original post

M02@rt37 · ‎09-01-2023

Hello @DSterling,

You're correct.

The issue you're facing is because the switches are connected through a routed port, which effectively separates the Layer 2 domains on each switch. In this setup, the VLAN 68 traffic from the computer on Switch 2 can reach its default gateway on Switch 2 because it's in the same VLAN within that switch. However, when it needs to communicate with devices in VLAN 68 on Switch 1, it can't, because the Layer 2 VLAN is not extended across the routed link.

2 options:

--Physically connect the computer to Switch 1, where VLAN 68 is configured at Layer 3. This is the simplest solution if possible.

--Create a trunk link between Switch 1 and Switch 2, allowing VLAN 68 to pass between them. This way, both switches understand VLAN 68, and devices in that VLAN on both switches can communicate.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

balaji.bandi · ‎09-01-2023

I can't communicate from the computer to the default gateway (vlan 68) or other devices on vlan 68.

i take this as Switch 2 not able to ping Switch1 SVI of VLAN 68

I figure that is because the switches are connected by a routed port and not a trunk port, am I correct on this?

yes correct since its routed port you can only do routing, the Layer 2 domain not extended, so you need to convert that router ports to Layer2 Trunk and use SVI on Switch1 and switch 2 if you like.

To fix this I would have to connect the computer to switch one or create a trunk port between the switches allowing vlan 68?

yes you want to extend VLAN 68, then you need trunk config.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Joseph W. Doherty · ‎09-01-2023

Putting in another way, since the two switches are connected via L3, not L2, although you have two VLAN 68s, one defined on each switch, they are NOT a single VLAN or L2 domain.

Conversely, it's also possible to have different VLANs defined on different switches, yet they are the same L2 domain. BTW, this is NOT recommended.

Lastly, it's also possible to have the two routers with L3 interfaces, in my two above paragraphs' situations.

Richard Burts · ‎09-02-2023

One way to understand this issue begins with remembering that a vlan is a broadcast domain. Any broadcast originated from a device in the vlan is forwarded to all other ports in the vlan and not to any other (especially not to a routed port). So the pc connected in vlan 68 of switch 2 attempts a ping which sends a broadcast arp request. The arp request would be forwarded to any port on the switch that is also in vlan 68 (and it sounds like there are no other ports on vlan 68 of switch 2). So the ping fails.

HTH

Rick