Thanks Reza,

I've done this. I can get into the switch module doing it the same way you described. My problem is how do the router and switch communicate the VLANS? Is there an internal switch fabric between the two like the 881s?

For instance; on the 881s I configure the VLANs and VLAN interface  IPs on the router then, I configure the switchports to a VLAN. I'm wondering where I should configure the VLANs and their ip addresses - on the router or switch and how do the router and switch module exchange data between them?

Thanks, Pat.

Pat,

If I remember correctly, it is the last port on the switch module.  do a "sh ip int bri"

If you have a 24 port module, than it should be port 25 or 26.

HTH

Thanks Reza.

What are these interfaces - are they the connection to the router? If so, do I configure them as trunks to use the VLANs that were configured on the router? And, what interface on the router connects to them, if any?

Thanks, Pat.

Pat,

If the interface is in up and up mode, do a "sh cdp nei" it will tell you what port on the router it is connected to. It may be gi2/0 but not sure

HTH

Switch#sh cdp neigh
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone,
                  D - Remote, C - CVTA, M - Two-port Mac Relay

Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
mchenry.pcc.int  Gig 0/26          169              R S   CISCO2951 Gig 2/0
mchenry.pcc.int  Gig 0/25          142              R S   CISCO2951 Gig 2/1
Switch#

I did a ctrl shift 6 then x

Then I go into the router...........

mchenry#sh ip int br

Interface                  IP-Address      OK? Method Status                Protocol

Embedded-Service-Engine0/0 unassigned      YES NVRAM  administratively down down

GigabitEthernet0/0         unassigned      YES NVRAM  down                  down

GigabitEthernet0/1         172.17.0.17     YES NVRAM  down                  down

GigabitEthernet0/2         unassigned      YES NVRAM  administratively down down

GigabitEthernet2/0         1.1.1.1         YES manual up                    up

GigabitEthernet2/1         unassigned      YES unset  up                    up

NVI0                       unassigned      YES unset  administratively down down

Tunnel0                    172.20.68.12    YES NVRAM  up                    down

Tunnel1                    10.3.68.12      YES NVRAM  up                    down

Vlan1                      unassigned      YES unset  up                    up

mchenry#

So it appears that I'm connecting to the switch module through gig2/0 on the router for management but , this still doesn't answer the question I have for configuring. I want the connection between ther router and switch module to be layer 2. Should I make the g2/0 on ther router and the g0/26 on the switch trunk ports. Or is ther a more elegant way of doing this?

By the way what is the embedded-service-Engine0/0?

Thanks, Pat.

Correct, you would need the trunk 0/25 on the switch side and 2/1 on the router side since they are neighbors.  These are internal interfaces.

mchenry.pcc.int  Gig 0/25          142              R S   CISCO2951 Gig 2/1

HTH

OK.

What about the g0/26 to g2/0 link? Should I just shut that?

It would seem weird to me to have one layer 3 connection and one trunk connection, wouldn't it? Or, is this the way it is done?

Thanks, Pat.

Isn't gi2/0 (ip 1.1.1.1) the one you use to session to the switch? If yes, than you need to have this interface in up and up mode in order to get from the router to the switch.

By the way what is the embedded-service-Engine0/0?

http://www.cisco.com/en/US/docs/interfaces_modules/services_modules/cimce/1.0/configuration/guide/CIMCe.html#wp1104930

HTH

Reza,

I'm trying to understand this concept of the switch module inside a router and I'm not getting any closer.

The config will have 2 VLANs - 10 and 30 both sharing the same subnet and IP. 10 will be for data and 30 will be for voice.

So, should I create the VLANs on the switch then, configure a VLAN 10 interface and a VLAN 30 interface on the router? And create a trunk between the router and switch. g2/1 on the router and g0/25 on the switch?

Thanks, Pat.

Pat,

First, usually you assign one vlan to one subnet and not 2 vlans to one subnet.  It does work, but it is not common and also confusing.  So, if you are planning 2 have 2 vlans, assign a subnet to each. Specially since one of your vlan (30) will be used for voice, it is always a good idea to keep the voice vlan/subnet separate from data.

Example:

192.168.10.0/24 vlan 10 data

192.168.30.0/24 vlan 30 voice

Now, let me explain the switch concept.

Think about the switch module as regular 3560 switch.  As a matter of fact the switch module inside your router runs the same image that you load on a standalone 3560 switch. Now, you create 2 layer-2 vlans (10 and 30) on the switch module.

config t

vlan 10

name data vlan

config t

vlan 30

name voice vlan

now, you trunk interface gi0/25

On the router side you now add 2 sub-interfaces to gi2/1 (one for vlan 10 and one for vlan 30)

example:

config t

inter gi2/1.10

ip address 192.168.10.1 255.255.255.0

encap dot.1q 10

inter gi2/1.30

ip address

192.168.30.1 255.255.255.0

encap dot.1q 30

So, the route routes between vlan 10 and 30.

It this more clear now?

HTH

Reza

Thanks for answering so late.

Yes that does clear things up a lot!!

I know the 2 VLANs on one subnet is a little confusing but, that is how we have been deploying the 881s to remote users so, I'm going to keep it standard for the small office-2951s.

This brings up some more questions:

I'm a little confused about the g2/1 and g2/0. Does Cisco give you 2 of these "logical"  interfaces for the purpose of what I want to accomplish - provide a trunk between the router and switch module for passing VLANs or I gues you could keep it an access port for a flat network using one interface and also provide a layer three connection for management using the other?

Thanks, Pat.

Thought I might include this to give you a better idea of what I am trying to accomplish.

This is the VLAN interface configs on the 881s:

interface Vlan10

description Corporate Access

ip address 172.16.0.209 255.255.255.248

no ip redirects

no ip unreachables

ip nat inside

ip inspect cvo-inspect in

ip virtual-reassembly

ip tcp adjust-mss 1360

no autostate

!

service-policy input mark_incoming_traffic

interface Vlan20

description Guest Access

ip address 192.168.68.1 255.255.255.0

ip nat inside

ip inspect cvo-inspect in

ip virtual-reassembly

ip policy route-map pbr

no autostate

!

interface Vlan30

description Corporate Voice

ip unnumbered Vlan10

ip access-group allow_skinny_acl in

ip inspect voice in

no autostate

!

service-policy input mark_incoming_traffic

end

Vlan1                      unassigned      YES TFTP   administratively down down

Vlan10                     172.16.0.209    YES manual up                    up

Vlan20                     192.168.68.1    YES manual up                    up

Vlan30                     172.16.0.209    YES TFTP   up                    up

I'm thinking I could create the same config with the 2951 but use the sub-interfaces like you described.

Do you think that will work?

Thanks, Pat.

It should work.

I did a sample config on a 2800

interface GigabitEthernet0/1.10

encapsulation dot1Q 10

ip address 172.16.0.209 255.255.255.248

no snmp trap link-status

!        

interface GigabitEthernet0/1.20

encapsulation dot1Q 20

ip address 192.168.68.1 255.255.255.0

no snmp trap link-status

!        

interface GigabitEthernet0/1.30

encapsulation dot1Q 30

ip unnumbered GigabitEthernet0/1.10

no snmp trap link-status

GigabitEthernet0/1.10      172.16.0.209    YES manual up                    down   

GigabitEthernet0/1.20      192.168.68.1    YES manual up                    down   

GigabitEthernet0/1.30      172.16.0.209    YES TFTP   up                    down

This interface is not connect to anything and that is why it shows it as up and down, but you get the idea.

HTH

Reza