11-06-2017 01:18 PM - edited 03-08-2019 12:38 PM
Hello everyone, I have a rather unorthodox networking question. And bear with me, I know this is crazy...
So we are developing a customized application that needs to be able to talk between two laptops.
Each laptop has a virtual NIC that is tagging VLANs 7 with a /24 network & 8 with a /26 network.
And below is the network topology:
Router (top)
Switch (middle)
- Port f1/0/45 connecting the switches and configured as an access port passing only vlan 7
Switch (bottom/access)
-client A (port f1/0/5 configured with a trunk port to the switch passing vlan 7 & 8)
-client B (port f1/0/6 configured with a trunk port to the switch passing vlan 7 & 8)
Other notes, we do not have control of the distribution switch or the router. And when I do the show mac address-table command client A is showing the same MAC address from vlan 7 & 8. And traffic between 7 & 8 cannot be allowed.
The current problem is that traffic between 7 & 7 is not working. And I apologize in advance, I cannot post the configurations. I suspect that the software doing the tagging is causing an issue. When I look at the MAC table on client A I see that it shows VLAN 7 & 8 with two identical MACs. But I need help from the experts here.
Thank you
11-06-2017 01:41 PM
I don't see any issue with both addresses resolving to a singular MAC address. Both frames are sourced from the same NIC. I have a switch connected to a router with multiple addresses, and see the same behavior:
          Mac Address Table
-------------------------------------------
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
   1    0462.734e.0d48    DYNAMIC     Gi1/0/2
   2    0462.734e.0d48    DYNAMIC     Gi1/0/2
What do you mean by "And traffic between 7 & 8 cannot be allowed"?
11-06-2017 07:45 PM - edited 11-06-2017 07:48 PM
Interesting.
And what I mean by traffic needs to be separated is: VLAN 7 is going out to a router and can get to an intranet of sorts. But traffic on VLAN 8 needs to only talk to devices that are also on VLAN 8 hanging off the same switch.
11-07-2017 06:12 AM
Then you should be able to use a L3 ACL at their default gateway or you can use a L2 VACL on the switch they're connected to.