Re: router with 802.1q strange request

eric.loiseau · ‎03-20-2009

Hi,

it is a strange request but I have 2 sites with a layer2 link where 802.1q is supported.

For a while, I need to install a router on one side to separate the flow.

But

1 - vlan 1 must be share by both sites with differents networks and the router must terminate the flow and route the trafic.

2 - Others vlans are no routable but must be pass through the router.

For second request do I need to use bridge mode ?

config are like this

________________________________

interface FastEthernet0/0.1

encapsulation dot1Q 1 native

ip address 10.1.1.1 255.255.2550

!

interface FastEthernet0/0.100

description VLAN

encapsulation dot1Q 100

interface FastEthernet0/1.1

encapsulation dot1Q 1 native

ip address 10.1.2.1 255.255.255.0

!

interface FastEthernet0/0.100

description VLAN

encapsulation dot1Q 100

Regards

Giuseppe Larosa · ‎03-21-2009

Hello Eric,

the possibility to bridge over vlan subifs is IOS and platform dependent.

You can verify if you router accepts it.

You need to define a bridge-group for each pair of vlans you want to bridge or it will be a terrible mess.

bridge 1 protocol ieee

int f0/0.100

no ip addr

bridge-group 1

int f0/1.100

no ip addr

bridge-group 1

then bridge-group 2 for another pair of Vlans and so on.

Verify also the max number of bridge-groups you can create they can be less then the number of vlans that need to be bridged.

I would consider if it is a possible solution to bypass the router totally: actually almost all vlans just need to be propagated like in a l2 trunk.

you can remove vlan1 in the list of permitted vlans on both sides and you have a working solution with no bottlenecks.

Locally on each site one device will provide the default gateway for the vlan1.

Only possible problem of a partitioned vlan1 is vtp: if you use vtp you need to deploy it in two vtp domain on the two sides of the link

Hope to help

Giuseppe