Re: Routing vlans without a trunk

erdiazgue · ‎01-23-2007

Hi,

Is there a way to route between 2 vlans WITHOUT using vlan trunking and using only 1 cable between the Router and the Switch.

Scenario:

Router

|

Switch

/ \

Vlan1 Vlan2

Richard Burts · ‎01-23-2007

Ernesto

Given the limitations of 2 VLANs on the switch, one cable from the switch to one interface on the router, I do not believe that Inter-VLAN routing is possible without trunking (UNLESS the switch happens to be a layer 3 switch which can do its own Inter-VLAN routing).

HTH

Rick

HTH

Rick

erdiazgue · ‎01-23-2007

Hi Rick,

It's a switch layer 2.

Francois Tallet · ‎01-23-2007

Not with a Cisco switch afaik. You need a trunk or two physical links between the router and the switch.

Regards,

Francois

Francois Tallet · ‎01-23-2007

BTW, why is that requirement? Are you trying to do something similar to private vlans? (private vlans might help here)

Regards,

Francois

erdiazgue · ‎01-23-2007

Hi Francois,

It was a challenge Lab. I didn't get to know what was the correct answer thats why I wanted to doublecheck with the forum if there could be any possible way around given the limitations.

Do you think it could be possible using private vlans?

Francois Tallet · ‎01-23-2007

Oh I see;-)

Yes, I guess they were expecting private vlans here. A promiscuous port allow you to have l3 connectivity between two private vlans while preventing direct l2 connectivity. Now, of course, you can challenge the fact that the two vlans are different, as they share the same primary vlan;-)

Regards,

Francois

markwgallagher · ‎01-23-2007

I'm pretty sure you can use Subinterfaces on each side if you run ios on both sides...

you'll still have some 802.1q config, but it would look something this:

ROUTER

interface GigabitEthernet2/0

description ROUTER

ip address 10.14.2.254 255.255.255.0

!

interface GigabitEthernet2/0.1

encapsulation dot1Q 1 native

no snmp trap link-status

no cdp enable

no shut

!

interface GigabitEthernet2/0.14

description ROUTER-OPER-NET-GATEWAY

encapsulation dot1Q 14

ip address 10.14.1.254 255.255.255.0

ip access-group lan-ROUTER-OPER-in in

ip access-group lan-ROUTER-OPER-out out

!

interface GigabitEthernet2/0.114

description ROUTER-MGMT-NET-GATEWAY

encapsulation dot1Q 114

ip address 10.19.14.254 255.255.255.0

ip access-group lan-ROUTER-MGMT-in in

ip access-group lan-ROUTER-MGMT-out out

no shut

!

SWITCH

interface GigabitEthernet0/1

description SWITCH

ip address 10.14.2.253 255.255.255.0

!

interface GigabitEthernet0/1.1

encapsulation dot1Q 1 native

no snmp trap link-status

no cdp enable

no shut

!

interface GigabitEthernet0/1.14

description SWITCH-OPER-NET-GATEWAY

encapsulation dot1Q 14

ip address 10.14.1.253 255.255.255.0

ip access-group lan-SWITCH-OPER-in in

ip access-group lan-SWITCH-OPER-out out

!

interface GigabitEthernet0/1.114

description SWITCH-MGMT-NET-GATEWAY

encapsulation dot1Q 114

ip address 10.19.14.253 255.255.255.0

ip access-group lan-SWITCH-MGMT-in in

ip access-group lan-SWITCH-MGMT-out out

no shut

!

erdiazgue · ‎01-23-2007

Thanks for the answer, I'm sure this could work, but the challenge question was without using trunking (without using ISL or dot1q)

BTW In the scenario both the switch and router are Cisco, and the switch is a layer 2 device.