Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
780
Views
5
Helpful
2
Replies

Layer 2 & 3 switch 3550

jmaurer1205
Level 1
Level 1

‎11-26-2007 11:11 AM - edited ‎03-05-2019 07:37 PM

I'm configuring VLAN's on a Cisco 3550 & 2960. The 3550 is a layer 2 & 3 switch. I've configured the "router on a stick" config before but this is the first time on a layer 2 & 3 switch. Then trunking to 2960 thru gi ports.

How would I connect the VLAN's together to be routed? Do I put the IP on the VLAN or do I configure subinterfaces on the router port? And if I put the IP on the VLAN can I apply acl to it like an interface?

I'm thinking that you wouldn't create sub-int, you would need to connect a cable and trunk it.

Labels:
0 Helpful
2 Replies 2

Collin Clark
VIP Alumni
VIP Alumni

‎11-26-2007 11:23 AM

The 3550 will have SVI's- Switched Virtual Interfaces. What that means is each VLAN can have a layer 3 address.

switch(config)# interface vlan 5

switch(config-int)# ip add 10.10.5.254 255.255.255.0

switch(config)# interface vlan 6

switch(config-int)# ip add 10.10.6.254 255.255.255.0

You'll need to enable ip routing-

switch(config)# ip routing

Now hosts between the VLANs can communicate. Finally to add the 2960 into the mix, you will want to create a trunk between the switches. No sub-interfaces needed and you can apply ACLs inbound and outbound.

HTH and please rate.

0 Helpful

vanguardro
Level 1
Level 1

‎11-26-2007 11:30 AM

hello,

one method to configure your network, is to have all switches in same vtp domain,

for example:

sw 3560 can be your server for vtp domain

!

vtp mode server

vtp domain MyNetwork

!

and on all of your 2960 switches can be clients on this VTP domain

!

vtp mode client

vtp domain MyNetwork

!

interconnection between switches can be done with trunk command:

!

in gi 0/1

sw tr en dot

sw mo tr

!

and now we can create some vlan in vlan databases on our server

3560#conf t

!

vlan 10

name users10

!

vlan 11

name user11

!

vlan 30

name servers

!

if all interconnection is done proprely, vlan information will be propagated to all your clients (aka access-switches in your vtp domain)

now we will work on our vlan routing problem

on our L3 switch 3560 we will assign ip address to interface vlan:

!

interface vlan 10

description Interface Vlan10

ip address 172.16.10.0 255.255.255.0

no shut

!

int vlan 11

desc Interface Vlan11

ip address 172.16.11.0 255.255.255.0

no shut

!

int vlan 30

desc interface servers

ip address 172.16.30.0 255.255.255.0

no shut

!

ip routing

!

doing this, routing will be done in 3560 and 2960 will be used as access-switches

also you can create some acl and apply this acl to int vlan

!

int vlan 10

ip access-gr 10 in

!

best regards,

vanguardro

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card