Solved: Router on stick config test

mahesh18 · ‎01-30-2011

Router on stick config Verification

Hi all,

I did lab test for router on stick config.this connection was between router and switch with router has no
connection to internet,

i am pasting my config from both switch and router to make sure it is correct and if anything modification
is needed or not.

i plug pc to switchport fa0/2 and fa0/3 and they both get mac addresses.

switchport fa0/2 is on vlan 10 and fa0/3 is on vlan 20.

my question is default gateway of switch did i assign right IP address to switch for default gateway ???????????????

sh run
2620Router# sh running-config fu
2620Router# sh running-config full
Building configuration...

Current configuration : 1317 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname 2620Router
!
boot-start-marker
boot-end-marker
!
no logging console
enable secret 5 $1$Aw3r$0JtaogBBD4La/CUCySQHy/
enable password 7 141D13051905383276786265
!
no aaa new-model
ip subnet-zero
ip cef
!
!
!
--More--                           ip dhcp pool Vlan10
   import all
   network 192.168.0.0 255.255.255.0
   default-router 192.168.0.1
!
ip dhcp pool vlan20
   import all
   network 192.168.2.0 255.255.255.0
   default-router 192.168.2.1
!
ip audit po max-events 100
!
!
!
!
!
!
!
!
!
!
!
!
--More--                           !
!
!
!
!
!
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.10
encapsulation dot1Q 10
ip address 192.168.0.1 255.255.255.0
ip nat inside
!
interface FastEthernet0/0.20
encapsulation dot1Q 20
ip address 192.168.2.1 255.255.255.0
ip nat inside
!
interface BRI0/0
--More--                            no ip address
encapsulation hdlc
shutdown
!
interface Serial1/0
no ip address
shutdown
no fair-queue
!
interface Serial1/1
no ip address
shutdown
!
interface Serial1/2
no ip address
shutdown
!
interface Serial1/3
no ip address
shutdown
!
ip http server
no ip http secure-server
--More--                           ip classless
!
!
!
!
!
!
!
!
line con 0
password 7 10440817101600125E547B7B
login
line aux 0
line vty 0 4
!
!
end

2620Router#sh ip in tbrief                     t brief
Interface                  IP-Address      OK? Method Status                Protocol
FastEthernet0/0            unassigned      YES unset up                    up
FastEthernet0/0.10         192.168.0.1     YES manual up                    up
FastEthernet0/0.20         192.168.2.1     YES manual up                    up
BRI0/0                     unassigned      YES unset administratively down down
BRI0/0:1                   unassigned      YES unset administratively down down
BRI0/0:2                   unassigned      YES unset administratively down down
Serial1/0                  unassigned      YES unset administratively down down
Serial1/1                  unassigned      YES unset administratively down down
Serial1/2                  unassigned      YES unset administratively down down
Serial1/3                  unassigned      YES unset administratively down down

****************************************************************************************************

Switch side config

3548XL#sh running-config
Building configuration...

Current configuration:
!
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname 3548XL
!
no logging console
enable secret 5 $1$kz4Q$oKhKC3cCDZD0.tnBOqWBp1
enable password 7 0119070A4E0A1416731C1F59
!
!
!
!
!
!
ip subnet-zero
!
!
--More--                           !
interface FastEthernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk
spanning-tree portfast
!
interface FastEthernet0/2
switchport access vlan 10
spanning-tree portfast
!
interface FastEthernet0/3
switchport access vlan 20
spanning-tree portfast
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
--More--                           !
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
--More--                           interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface FastEthernet0/25
!
interface FastEthernet0/26
!
interface FastEthernet0/27
!
interface FastEthernet0/28
!
interface FastEthernet0/29
!
interface FastEthernet0/30
!
interface FastEthernet0/31
--More--                           !
interface FastEthernet0/32
!
interface FastEthernet0/33
!
interface FastEthernet0/34
!
interface FastEthernet0/35
!
interface FastEthernet0/36
!
interface FastEthernet0/37
!
interface FastEthernet0/38
!
interface FastEthernet0/39
!
interface FastEthernet0/40
!
interface FastEthernet0/41
!
interface FastEthernet0/42
!
--More--                           interface FastEthernet0/43
!
interface FastEthernet0/44
!
interface FastEthernet0/45
!
interface FastEthernet0/46
!
interface FastEthernet0/47
!
interface FastEthernet0/48
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface VLAN1
no ip address
no ip directed-broadcast
no ip route-cache
shutdown
!
interface VLAN10
--More--                            ip address 192.168.0.2 255.255.255.0
no ip directed-broadcast
no ip route-cache
!
interface VLAN20
ip address 192.168.2.2 255.255.255.0
no ip directed-broadcast
no ip route-cache
shutdown
!
ip default-gateway 192.168.0.1
!
line con 0
exec-timeout 60 0
password 7 12130419070A1E1D787B7578
login
transport input none
stopbits 1
line vty 0 4
exec-timeout 60 0
password 7 12130419070A1E1D787B7578
login
line vty 5 15
--More--                            exec-timeout 60 0
password 7 04510A081A205E575B495447
login
!
end

3548XL#sh ip int brief
Interface                  IP-Address      OK? Method Status                Protocol
VLAN1                      unassigned      YES unset up                    down
VLAN10                     192.168.0.2     YES manual up                    up
VLAN20                     192.168.2.2     YES manual administratively down down
FastEthernet0/1            unassigned      YES unset up                    up
FastEthernet0/2            unassigned      YES unset down                  down
FastEthernet0/3            unassigned      YES unset up                    up
FastEthernet0/4            unassigned      YES unset down                  down
FastEthernet0/5            unassigned      YES unset down                  down

Reza Sharifi · ‎01-30-2011

Correct, and since you already have an ip adress on the router, then you shouled be good.

View solution in original post

Reza Sharifi · ‎01-30-2011

Hi Mahesh,

If the switch is layer-2 only and you want to use vlan 10 for management of the switch, then yes, the default gateway is correct.

Also, since the router is doing the routing for you, you do not need an SVI for vlan 20 on the switch. You simply need an L-2 vlan.

If vlan 10 and 20 are used for user traffic, then you should create a 3rd vlan for management traffic

so, 10 and 20 for user and 30 for management. In this case you only need L-2 vlans for 10 and 20 and an SVI for vlan 30 with default gateway in vlan 30

You will also need a 3rd sub-interface on the router for vlan 30 subnet.

HTH

Reza

mahesh18 · ‎01-30-2011

Hi Reza,

thanks for reply.

when you say management vlan only it means vlan just to telnet the switch right and no ports assigned to it??

i want two vlans on L2 switch to pass traffic.

my vlan 20 shows admin down even though i did no shut few times this is because a layer 2 switch can have only 1 SVI interface???

when you say

Also, since the router is doing the routing for you, you do not need an SVI for vlan 20 on the switch. You simply need an L-2 vlan.

---it means i should use command vlan 20 and assign no IP address to it right?

Also L2 vlan is Vlan with out ip address right ???

thanks

mahesh

Reza Sharifi · ‎01-30-2011

Mahesh,

when you say management vlan only it means vlan just to telnet the switch right and no ports assigned to it??

Correct, you just add the vlan to the trunk uplink to the router

my vlan 20 shows admin down even though i did no shut few times this is because a layer 2 switch can have only 1 SVI interface???

correct, when you create a second vlan/svi it will bring down the first one. So you can only have one SVI and that is usually for management vlan

Also, since the router is doing the routing for you, you do not need an SVI for vlan 20 on the switch. You simply need an L-2 vlan.

---it means i should use command vlan 20 and assign no IP address to it right?

Also L2 vlan is Vlan with out ip address right ???

correct, just L-2 vlans with no IPs

HTH

Reza

mahesh18 · ‎01-30-2011

Hi Reza,

thanks for reply again.

so it menas i can remove command ip address 192.168.2.2 255.255.255.0 and use this command under switch

vlan 20

and assign ports to it?

Reza Sharifi · ‎01-30-2011

Correct, and since you already have an ip adress on the router, then you shouled be good.

mahesh18 · ‎01-30-2011

Hi Reza,

Many thanks for you help on this.

regards

mahesh