Solved: Layer3 switch and router

tolinrome tolinrome · ‎12-24-2013

I have a network that I need to connect to the internet. All internal vlans point to a couple of layer 3 switches. On the layer 3 switch I connected a router for internet access.

On the inside interface of the router I gave it an ip address of 10.1.0.1 - this is the ip address I want all my lan traffic to route to for internet access.

1. Do I have to give the layer 3 switch interface port a static ip address or just connect it with a cable (the other side is the internal interface of the router 10.1.0.1)?

2. On the layer 3 switch what command do I use to forward all lan traffic to this router, is it "ip route 0.0.0.0. 0.0.0.0 10.1.0.1?

3. Do I use that above command on both of my layer 3 switches or just the one connected directly to the router?

Thanks.

azifak · ‎12-24-2013

Hello,

i think the missing part is the route to 10.1.10.0/24 , 10.1.20.0/24, 10.1.30.0/24, 10.1.40.0/24 and 10.1.50.0/24 on Router (ip address 10.1.0.1/24)... if we miss the same router will not be able to route the packet back to your L3 switch.

can you add a static route on your router pointing to 10.1.0.6 (for ex:- ip route 10.1.10.0 255.255.255.0 10.1.0.6)

or

you can run some dynamic routing protocol for the same

Regards

Azif

View solution in original post

cadet alain · ‎12-24-2013

Hi,

1. Do I have to give the layer 3 switch interface port a static ip  address or just connect it with a cable (the other side is the internal  interface of the router 10.1.0.1)?

You have 2 options:

-make this port a routed port with no switchport command and give it an IP address in the same subnet as the router

-make this port an access port in a dedicated vlan and create the corresponding SVI with an IP address in in the same subnet as the router

2. On the layer 3 switch what command do I use to forward all lan  traffic to this router, is it "ip route 0.0.0.0. 0.0.0.0 10.1.0.1?

Correct

3. Do I use that above command on both of my layer 3 switches or just the one connected directly to the router?

if your switches are cascaded then you need to issue this command on the switch connected to router and on the downstream switch you must have a static default route pointing towards the edge switch.

Could you post a topology of your network so we can give an answer that applies to your topology as well as tell us if all switches will be routing or not.

Regards

Alain

Don't forget to rate helpful posts.

tolinrome tolinrome · ‎12-24-2013

Vlans

100 - 10.1.0.0

10 - 10.1.10.0

20 - 10.1.20.0

30 - 10.1.30.0

40 - 10.1.40.0

50 - 10.1.50.0

Router 2 inside interface 10.1.0.1 which I want as the default gateway fo rth eentire network to access the internet.

please explain what you mean about adding the a command to the downstream switch, a static defaul troute. Thanks.

I'm planning on adding more routers to start with ospf and access lists etc.

tolinrome tolinrome · ‎12-24-2013

I cant even ping the router, not sure what else to do. To make it even simpler I removed the layer 3 switch connected to the router above and now have only one layer 3 switch (10.1.0.6) and still cant ping the router. All internal hosts can communicate with each other, just need to get all the vlans routed to the internet.

Below I pasted the show run from the layer 3 switch connected to the router and the show ip route and show ip int brief from the router.

Layer 3 switch:

hostname Switch
!
!
!
!
!
ip routing
!
!
!
!
!
!
!
!
!
!
spanning-tree mode pvst
!
!
!
!
interface FastEthernet0/1
switchport mode access
!

!
interface FastEthernet0/24
switchport mode access
!
interface GigabitEthernet0/1
switchport access vlan 100
!
interface GigabitEthernet0/2
switchport access vlan 100
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Vlan1
no ip address
shutdown
!
interface Vlan10
description SERVERS_VLAN
ip address 10.1.10.1 255.255.255.0
!
interface Vlan20
description SALES_VLAN
ip address 10.1.20.1 255.255.255.0
!
interface Vlan30
description ACCOUNTING_VLAN
ip address 10.1.30.1 255.255.255.0
!
interface Vlan40
description IT_VLAN
ip address 10.1.40.1 255.255.255.0
!
interface Vlan50
description VOICE_VLAN
ip address 10.1.50.1 255.255.255.0
!
interface Vlan100
ip address 10.1.0.6 255.255.255.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.1.0.1
!
!
!
!
!
!
!
line con 0
!
line aux 0
!
line vty 0 4
login
!
!
!
end

ROUTER:

interface GigabitEthernet0/0
ip address 10.1.0.1 255.255.255.0
duplex auto
speed auto
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface FastEthernet0/0/0
switchport mode access
shutdown
!
interface FastEthernet0/0/1
switchport mode access
shutdown
!
interface FastEthernet0/0/2
switchport mode access
shutdown
!
interface FastEthernet0/0/3
switchport mode access
shutdown
!
interface Serial0/1/0
no ip address
shutdown
!
interface Serial0/1/1
no ip address

show IP route

Router#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       * - candidate default, U - per-user static route, o - ODR
       P - periodic downloaded static route

Gateway of last resort is not set

     10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C       10.1.0.0/24 is directly connected, GigabitEthernet0/0
L       10.1.0.1/32 is directly connected, GigabitEthernet0/0

Show ip int brief

Router#show ip int brief

Interface IP-Address OK? Method Status Protocol

GigabitEthernet0/0 10.1.0.1 YES manual up up

GigabitEthernet0/1 unassigned YES unset administratively down down

FastEthernet0/0/0 unassigned YES unset administratively down down

FastEthernet0/0/1 unassigned YES unset administratively down down

FastEthernet0/0/2 unassigned YES unset administratively down down

FastEthernet0/0/3 unassigned YES unset administratively down down

Serial0/1/0 unassigned YES unset administratively down down

Serial0/1/1 unassigned YES unset administratively down down

Vlan1 unassigned YES unset administratively down down

LUKASZ KITA · ‎12-24-2013

I think there is an encapsulation problem between vlans.
There has to be encapsulation for every vlan to be routed thru the router.
For example: inter fa 0/0.100
encapsulation dot1q 100
Inter fa 0/0.20
Encapsulation dot1q 20

Sent from Cisco Technical Support Android App

tolinrome tolinrome · ‎12-24-2013

luke,

I took your advice and on the L3 switch interface that is conected to the router and did the following:

int gi0/1

Switch(config-if)#switchport trunk encapsulation dot1q

and now I am able to ping from this switch only to the router and vice versa.

1. How can I make it to where all vlans can access the router?

tolinrome tolinrome · ‎12-24-2013

btw, it seesm youre asking me to configure sub interfaces on the L3 switch. Since this is a L3 switch I have already configured "int vlan #".

Does anyone know why I'm not able to ping the router from any of the hosts?

Thanks.

azifak · ‎12-24-2013

Hello,

i think the missing part is the route to 10.1.10.0/24 , 10.1.20.0/24, 10.1.30.0/24, 10.1.40.0/24 and 10.1.50.0/24 on Router (ip address 10.1.0.1/24)... if we miss the same router will not be able to route the packet back to your L3 switch.

can you add a static route on your router pointing to 10.1.0.6 (for ex:- ip route 10.1.10.0 255.255.255.0 10.1.0.6)

or

you can run some dynamic routing protocol for the same

Regards

Azif