09-04-2010 01:23 AM - edited 03-06-2019 12:49 PM
Hello,
Our Internet Service Provider , give us a cable modem that we need to connect to a switch , from this switch , one go to the TV SET TOP BOX and the other one is normal PC's for internet.
When I look in the TV MENU of the Set Top Box , the IP is in the range of 10.0.x.x /16
When I look in the PC they are in the range of 192.168.1.x /24 (I can only have 1 PC at the time)
This means that they use some VLANS , where the INTERNET in maybe in VLAN 1 and the STB in VLAN ?
Now I come to the question :
I have a CISCO 1841 ROUTER (2 Fast Ethernet)
The idea , F0/0 is from my ISP , F0/1 go to my CISCO 2960 SWITCH (TRUNK)
I would like to have from F0/0 to F0/1 a "direct connection" in a certain VLAN x
This is the first step IN F0/0 = OUT F0/1 (NO ROUTING ; NO FIREWALL ; NOTHING)
The next step , I would like to have a other VLAN that have DHCP ; ROUTING ; Etc
Both VLANS will come out in one trunk and I will filter them out in the CISCO 2960 SWITCH.
I know how to create VLANS ,NAT ,ROUTING TABLES , but I have no clue how to make a trunk out of my router.
Here below in a small drawing what I would like to archive :
> OUT F0/1 10.0.x.x in VLAN X
ISP 10.0.x.x /16 + 192.168.1.x/24 IN F0/0 >
> OUT F0/1 192.168.100.x in VLAN Y (NOTE THE IP RANGE 192.168.100.x)
Thank you in advance for your input
Best Regards,
Didier.
Solved! Go to Solution.
09-05-2010 02:18 AM
Hello Didier,
you probably still need to go with a packet capture to see vlan tags as a LAN switch allows or denies tagged frames depending on the fact the port is configured as a trunk and the vlan-ids are present or not in the vlan database.
Note: for the IPTV service each TV channel is a different multicast stream and the network may be configured to allow only one stream at a given time so you may not be able to connect two set top boxes and to see two different TV programs on them.
To be noted that if the network does not perform this control the risk is that you can use too much bandwidth on the IPTV part resulting in bad quality.
Hope to help
Giuseppe
09-04-2010 04:25 AM
Hello Didier,
>> I can only have 1 PC at the time
Ok connect the router in place of the PC and makes it to get an ip address by DHCP.
That interface is the router outside for NAT and what you connect on the internal network of your choice will be NATTED by the router
int f0/0
ip address dhcp
ip nat outside
int f0/1
ip address 172.31.21.1 255.255.255.0
ip nat inside
access-list 111 permit ip 172.31.21.0 0.0.0.255 any
ip nat inside source list 111 interface fas0/0 overload
ip route 0.0.0.0 0.0.0.0 dhcp
! check the dhcp option on your router otherwise you could try to use ip route 0.0.0.0 0.0.0 fas0/0 but this relies on proxy ARP enabled on ISP
What you would like to do is more difficult to achieve you should first find out what these vlans are X=10 Y=20 for example and I'm not sure you can bridge at the subinterface level
interface fas0/0
no ip address
int fas0/0.10
enc dot1q 10
bridge-group 1
int fas0/0.20
enc dot1q 20
ip address dhcp
ip nat outside
interface fas0/1
no ip address
interface fas0/1.10
enc dot1q 10
bridge-group 1
But the point is that I'm not sure your C1841 supports per subinterface bridging and unless you would like to connect multiple PCs to internet and mutiple set top boxes ( but then how to receive two different TV channels ?) the first setup is simpler and works for sure only some possible issues with static default route
Hope to help
Giuseppe
09-04-2010 05:03 AM
Hi Didier,
You can first capture the traffic from cable modem see what VLANs it is using. Once we know the VLANs I will do something like the following
fa0/0
fa0/0.X
en do X
ip add dhcp
int fa0/0.Y
en do Y
ip add dhcp
ip dhcp pool STB
network 172.16.1.0/24
default-router 172.16.1.1
import all
ip dhcp pool PC
network 172.16.2.0/24
default-router 172.16.2.1
import all
fa0/1.X
en do X
ip add 172.16.1.1
fa0/1.Y
en do Y
ip add 172.16.2.1
add all the NAT rules ...
Not same as what you are looking for, but that gives you different vlans for STB and PC, and use different IP when traffic leaves cable modem.
Regards,
Lei Tian
09-04-2010 02:08 PM
Hello,
Thank you both for this useful reply.
Is it possible to trace the VLAN's that I have on my network or do I have to use wireshark ?
Thank You Again for our great help.
Best Regards,
Didier.
09-04-2010 03:42 PM
Hi Didier,
Is your current switch a L2 switch? Can you see its config?
Regards,
Lei Tian
09-05-2010 12:40 AM
I have put the CISCO 2950 switch just after the MODEM of my provider.
Maybe I can use some IOS commands to see what the are doing.
Thank You in advance for your help
Best Regards,
Didier
09-05-2010 02:18 AM
Hello Didier,
you probably still need to go with a packet capture to see vlan tags as a LAN switch allows or denies tagged frames depending on the fact the port is configured as a trunk and the vlan-ids are present or not in the vlan database.
Note: for the IPTV service each TV channel is a different multicast stream and the network may be configured to allow only one stream at a given time so you may not be able to connect two set top boxes and to see two different TV programs on them.
To be noted that if the network does not perform this control the risk is that you can use too much bandwidth on the IPTV part resulting in bad quality.
Hope to help
Giuseppe
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide