cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
799
Views
5
Helpful
27
Replies

Migrating a seperate private network without changing IPs of devices?

clybumat1
Level 1
Level 1

- I have been tasked with migrating a separate private network to our local LAN. 

- Our local LAN is in a class A range 10.x.x.x

- The separate private network contains barcode scanners with hard coded IPs in a private class C range 192.x.x.x./24 These devices must retain their current IP addresses.

- I'm planning to create a new SVI VLAN on the layer 3 core switch.  This VLAN will be allowed on the layer 2 switchports that service the devices.

- The SVI/VLAN will be created with a 192.x.x.x/24 address. 

Is there anything I'm missing here?  Does this look like the correct setup to accomplish the task?

27 Replies 27

Hi chrihussey - Thanks for the reply. 

The vlan I created was vlan 22

There is no trunk from the core to the old switched network

The old switched network is a single vlan for the scanners and a few printers. Vlan 1

I am connecting my laptop to a client switch in the new network. The port is setup as such:

 interface GigabitEthernet1/6
 description ##SCANNER TESTING##
 switchport access vlan 22
 switchport mode access
 spanning-tree portfast
 spanning-tree bpduguard en

So the servers have dual NICs, one of which is connected to the old scanner switched network, correct? If this is the case, without establishing a connection to the old switched network you will not have connectivity from the new.

If you configure an access port as you did for your test, minus the portfast, and establish a connection to the old switched network things should work. This will also allow you to move the devices to the new switches in an orderly manner.

So I would just need to establish a connection to one of the old switches?  Couldn't I just setup a trunk link between a new switch and an old and things should work?

Yes, you should just need a single connection to one switch.

If the old network is VLAN 1 and you want it to be VLAN 22 on the new network it would be simpler to just configure the port as an access port as stated so that any traffic from the old network would end up being in VLAN 22 on the new. Trunking would not make this possible and would only complicate things.

Great idea.  Let me give this a shot and I'll report back later today.  Thanks for your help!

Just to make sure I've got this straight, the port on the new network (I'm going to configure it on the core) will be an access port on VLAN 22.  What about the port on the old network?  How will this port be configured?

The port on the old network would be just like any other scanner port, which I assume is an access port in VLAN 1.

Just thought of something.  We're dealing with layer 2, so vlan 1 on the old switch won't be able to talk to vlan 22 via layer 2..

As long as the ports are set up as access ports, the fact that they are in different VLANs should not matter. This information should not be propagated across the connection. So packets from the old network will be in VLAN 22 on the new, and packets from the new network will be on VLAN 1 on the old.

However, just in case the old network are Cisco switches, it would probably be a good idea to disable CDP across this connection as they may try and identify VLANs.

 

If that were the case every access port would receive broadcast traffic for every VLAN in our network.  The switch will filter everything out except traffic for the VLAN configured on the access port.. Right?

Sorry, but I'm not understanding your reasoning.

A packet coming in or out of a switch on an access port has no identifiers as to which VLAN it belongs. That is determined by the VLAN configured on the port.

So, simply put, if the old switch network is one flat VLAN 1, by connecting it to the new network with the new network access port set in VLAN 22, all traffic from the old network (VLAN 1) will be in VLAN 22 on the new. Any broadcast traffic from the old network will be isolated to VLAN 22 on the new and vice versa.

Hope that makes sense.

chrihussey - You're a genius! I set up your suggestion in a Packet Tracer lab, and it worked like a charm.  Now if it'll work in a live test, which I will try out tomorrow and let you know the results.  Thanks again!

That's really good to hear, thanks for the update.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco