cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1064
Views
0
Helpful
15
Replies

Need help in configuring a 4500 switch for VLANs and a two 3845 routers

m-abooali
Level 4
Level 4

Hi,

I have a Cisco 4500 Switch as core switch where all the users will be conecting to and there will be two 3845 routers facing a datacenter.

I need to have three VLANs:

VLAN1 for managemnet

VLAN2 internal Office

VLAN3 External Office

and have this switch talk to these routers. Then I need to setup (all static) HSRP between the two routers for redundancy.

I would appreciate if you guys can help me with the configuration of these VLANs. all on the switch? do I need subinterfaces? I have enough physical ether interfaces on the routers.

since it is only pone switch as core and everthing else, collapse, then I assume i don't need subInterfaces on the router. I am confused on how to defined the trunck or truncks in this case.

Your input is highly apprecitaed.

Regards,

Mike

2 Accepted Solutions

Accepted Solutions

Mike

Well you can use the static routes as outlined before. Assuming that your 3845 routers would have routes for the remote sites you could just add a default route on your 4500 switch one for each 3845 router ie.

ip route 0.0.0.0 0.0.0.0 "3845_1 interface connected to 4500"

ip route 0.0.0.0 0.0.0.0 "3845_2 interface connected to 4500"

Or as said before you can use a dynamic routing protocol between your 4500 and 3845 routers.

The links from the 4500 to the 3845's are not trunk links. They are not L2 links at all. They should be configured as L3 P2P links - see previous post for configuration details.

Jon

View solution in original post

If you are doing the routing on the 4500's then no the link will not be a trunk link just a routed link . On the 4500 link interface just type no switchport which makes that a routed port and add your address to the interface . The link would only be a trunk if you choose to do all your routing on the 3845's.

View solution in original post

15 Replies 15

Jon Marshall
Hall of Fame
Hall of Fame

Hi Mike

It sounds like you want to do the routing for the vlans on the 3845 routers - is that the case. If so then all you need to do on the 4500 is

1) Create the 3 vlans at layer 2 ie.

4500(config)# vlan 2

4500(config-vlan)# name Internal

etc..

2) If you have enough interfaces on the 3825 routers you do not need to use trunk links you can just allocate 3 ports on each 3825 and put one in each vlan. You then just connect them up to the switch and allocate the switchports into the relevant vlans ie.

4500(config-if)# switchport access vlan 2

etc..

You don't say which version of 4500 it is ie. if it were a 4507R then it could have redundant supervisors i which case it would make sense to use that to do the inter-vlan routing.

HTH

Jon

Hi Jon,

sorry, I must have provided full info.

I have 4510R SUP 6 and 3845 routers with 4 Ether interface.

I need the VLANs on th eswitch and then send the traffic over to the routers. Ther might be a Firewall in between as weell not i am not sure at this time.

I would appreciate if you could elaborate a little on the actual configuration. I do understand the concept as you explianed but its been a while!!?

Thx,

Mike

Mike

Does your 4510 have dual sups ?.

All the L3 inter-vlan routing can be done either

1) with the 2 routers as in the above post

2) with the 4510R.

Is there a reason you want to use the 3825 routers to do the inter-vlan routing or have i misunderstood your requirements.

Jon

we need ot have the routers given the datacenters and connection between them. I am new to this company and still trying to see how they have done things.

We are building this new office with these new gears.

SUPare redundant and I can do routing on the switch so let's asssume that we do routing on the switch and see how we can configure this switch for those VLANs please.

I will be clear on the routers later. we will be having two different circuits, a 100 MB ether and a fractional DS3 as backup. so the 100MB will beused as the primary circiut. they are from two different ISps.

the routers are 3845.

Thi soffice will be facing a datacenter using the two circuits I mentioned above.

Please let me if more information is required.

Thx,

Mike.

Okay, if the 4500 has redundant sups then it would make sense to do the inter-vlan routing on the switch.

So

1) Create the vlans at Layer 2 ie.

4500(config)# vlan 2

4500(config-if) name Internal

4500(config)# vlan 3

4500(config-if) name External

2) Create the L3 interfaces for these vlans ie.

vlan 1

ip address 192.168.5.1 255.255.255.0

vlan 2

ip address 192.168.6.1 255.255.255.0

no shut

vlan 3

ip address 192.168.7.1 255.255.255.0

Clients in vlan 2 will have default-gateway set to 192.168.6.1 and clients in vlan 3 will have default gateway set to 192.168.7.1

3) Allocate ports on 4500 into vlans eg.

4500(config) int range gi3/1 - 20

4500(config-if-range)# switchport access vlan 2

For connectivity to the routers i would use 2 connections and make them routed links so you need 2 x /30 subnets eg.

192.168.4.0/30

192.168.4.4/30

Connect the switch to each router. Configure the port on the switch as

4500(config-if)# no switchport

4500(config-if)# ip address 192.168.4.1 255.255.255.252

4500(config-if)# no shut

The 3825 end of this link will be 192.168.4.2 255.255.255.252

4500(config-if)# no switchport

4500(config-if)# ip address 192.168.4.5 255.255.255.252

4500(config-if)# no shut

The 3825 end of this link will be 192.168.4.6 255.255.255.252

Then you can run a routing protocol (EIGRP/OSPF etc) between your 4500 and the 3845 routers.

HTH

Jon

Thanks John,

this make sense and I beleive this is how they need tobe done.

if we decide to use no Routing protocols (IGP) at this time and stay totally Static, would it change the scenario at all?

Thanks,

Mike

Mike

Not really no. Your 4500 will automaticaly route between the vlans because they are directly connected and you can then add static for remote subnets on your 4500 pointing to both 3845's.

Remember to add routes on the 3845's to get back to the vlans on the 4500 switch.

Jon

John,

why did you came at this conclusion that because of th eredundant SUP, we can do routing on the switch and not the router?

what would change if router start to route the traffic?

thx,

Mike

Mike

I just assumed you wanted to do the inter-vlan routing with your 3845 routers initially and i wasn't sure if your 4500 was layer 2 only.

When we refer to the routing there are 2 things here

1) the routing between the vlans. This could either be done on the 4500 or using the 3845 switches. It would always make more sense to use the L3 switch for this.

2) Routing from the 4500 vlans to other remote subnets. The 3845 routers will do this for you giving your 4500 connectivity to other parts of your infrastructure.

Apologies if i misled you

Jon

John,

you are right and didn't miss my point at all. the fact is creating VLANs on the L3 siwtch makes all the sense and what you explian will take cae of my current issue with the initial setup of vlans for this office but you brought up another point which would have come up sooner or later and that is connectivity between the VLANs in this office and the VLANs in the datacenter and other remote offices?

We do need these vlans to communicate to other vlans in other offices across the nation or through two datacenters.

what do you recommend for this please?

I am sorry that i didn't thibk of this sooner and many thanks for bringing it up.

Regards,

Mike

Mike

Well you can use the static routes as outlined before. Assuming that your 3845 routers would have routes for the remote sites you could just add a default route on your 4500 switch one for each 3845 router ie.

ip route 0.0.0.0 0.0.0.0 "3845_1 interface connected to 4500"

ip route 0.0.0.0 0.0.0.0 "3845_2 interface connected to 4500"

Or as said before you can use a dynamic routing protocol between your 4500 and 3845 routers.

The links from the 4500 to the 3845's are not trunk links. They are not L2 links at all. They should be configured as L3 P2P links - see previous post for configuration details.

Jon

Thanks very much for you very helpful and detailed support information. You are right, you talked about L3 links to the routers so no L2 trunks.

I areally appreciate your help. I haev alreday rated your support!

Cheers!

Mike.

John,

one more thing, the uplink from the 4500 switch to the 3845 (both links) should be in truck mode?

Thx,

Mike

If you are doing the routing on the 4500's then no the link will not be a trunk link just a routed link . On the 4500 link interface just type no switchport which makes that a routed port and add your address to the interface . The link would only be a trunk if you choose to do all your routing on the 3845's.

Review Cisco Networking for a $25 gift card