Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
743
Views
0
Helpful
3
Replies

Inter Vlan routing

techtips03
Level 1
Level 1

‎03-28-2008 12:32 PM - edited ‎03-05-2019 10:03 PM

Hi

I have a network which is not very complicated. As in the attached diagram, I have 2 ISPs coming into my network terminated on 2 Adtran routers. There is no load balancing configured due to hardware limitations. There are few VLANs configured on Adtran R1 (vlan 30) and few on Adtran R2 (vlan 40). I need intervlan routing between the 2 routers. The traffic from the vlans should pass through their respectives ISPs to utilize the bandwidth from both ISPs. Servers are directly connected to the Adtran routers (it is also a 24 port switch with firewall in it)

R1 - 10.10.10.1

Vlan 30 - 10.10.30.1

server1 in vlan 30 - 10.10.30.10 has DG - 10.10.30.1

vlan 30 traffic should go through ISP1

R2 - 10.10.10.2

Vlan 40 - 10.10.40.1

server2 in vlan 30 - 10.10.40.10 has DG - 10.10.40.1

vlan 40 traffic should go through ISP2

I came to know the intervlan routing will not work in this scenario with the current code and the hardware and the reason as below

"Basically, when one router sends out an ICMP request to the other router, it makes it through the firewall just fine and get to the other side.

When the other server responds, it's sending its response to the second router. The router sees an ICMP response, but does not have any record in its firewall of an ICMP request. Since this activity can be indicative of an attack, it drops the packet"

I can ping the DG (10.10.40.1) from the server1 but cannot ping the server2 and viceversa.

So I am planning to replace atleast 1 Adtran unit (probably R2) with a Cisco 1700 unit with a switch behind and wanted to know if I come across the same problem?

Is there any other best way to set this up?

Please advise, Thanks

Labels:
Preview file
180 KB
0 Helpful
3 Replies 3

Edison Ortiz
Hall of Fame
Hall of Fame

‎03-28-2008 12:45 PM

Purchase a 3560 switch and configure Vlan30 and Vlan40 on it.

That should get you wiring speed inter-vlan routing.

http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_40_se/configuration/guide/swiprout.html#wp1034984

Note.- You don't need to configure a dynamic routing protocol for Vlan30 and Vlan40 inter-vlan routing. Routes will appear as connected in the switch routing table. All you need to do is enable ip routing and configure the Switch Virtual Interface with its respective IP Address.

HTH,

__

Edison.

0 Helpful

techtips03
Level 1
Level 1
In response to Edison Ortiz

‎03-28-2008 01:35 PM

Hi Edison

Thanks for the reply. I know this works if I use different switches and the routers without any routing. Unfortunately I do not have budget to buy the new equipment and trying to use the existing 1700 router.

Thanks

0 Helpful

Edison Ortiz
Hall of Fame
Hall of Fame
In response to techtips03

‎03-28-2008 01:42 PM

You can configure the 1700 LAN interface as dot1q trunking and perform inter-vlan routing. However, the inter-vlan speed will be affected by whatever speed the LAN interface has.

http://www.cisco.com/en/US/docs/routers/access/1700/1701/software/configuration/guide/vlans.html#wp1021834

HTH,

__

Edison.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card