Re: switching issue

Roza12 · ‎10-01-2018

Hi guys

please anyone can help me with below issue

i have designed part of the network in Packet tracer to be more understandable, so please check the attached picture

Main office --- E0MPLS --- branch office

in core switch many vlans are configured

vlan for servers: vlan200 ip add 172.16.20.1

vlan for voice: vlan 300 ip add 172.16.30.1

and in branch office they have equipment (server, 3 printers) in same range vlan server (vlan200)

but the problem is the traffic from main to branch is going and back (broadcast, high traffic)

they asked to reduce this traffic (broadcast) how can we solve this problem ???

Seb Rupik · ‎10-02-2018

Hi there,

You will need to create a new VLAN at the branch office:

VLAN400 (192.168.40.0/24) and route it on the branch router. This will reduce the broadcast traffic traversing the EOMPLS link.

You will then need to create a point-to-point link between the main office and branch office, using the Layer3 link to route between the two sites. Due to the size it will be sufficient to configure static routing between the sites and not require running a dynamic routing protocol.

cheers,

Seb.

Roza12 · ‎10-02-2018

Hi Seb

Thanks for your info.

please correct me if i'm wrong

1-

Mainoffice# configure terminal

Mainoffice(config)# ip route 172.16.40.0 255.255.255.0 172.16.100.90

2-

Branchoffice# configure terminal

Branchoffice(config)# interface vlan 400

Branchoffice(config-if)# ip add 172.16.40.1 255.255.255.0

Branchoffice(config-if)# no ip redirects

only configure like this way to solve the problem ????

and they asked to configure voice vlan also in branch office can we do that or not ???

and what about the default gateway, is it necessary to configure it or not ????

because i'm going to replace the device and make new configuration

Deepak Kumar · ‎10-02-2018

Hi,

Second option to configure Broadcast storm at the branch office.

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

Seb Rupik · ‎10-02-2018

The VLAN400 SVI looks good.

Regarding the static route, what is 172.16.100.90 ?

For the point-to-point link you will need to configure SVIs at each site I the same subnet. Say VLAN1000, with the following config:

! mainoffice
int vlan 1000
  ip address 10.10.1.1 255.255.255.252
!
ip route 172.16.40.0 255.255.255.0 10.10.1.2
!

! branchoffice
int vlan 1000
  Ip address 10.10.1.2 255.255.255.252
!
ip route 192.168.20.0 255.255.255.0 10.10.1.1
ip route 192.168.30.0 255.255.255.0 10.10.1.1
!

And then remove VLAN200 from the MPLS link but span the new VLAN1000 between them.

Cheers,

Seb.

Roza12 · ‎10-02-2018

Hi Seb

172.16.100.90 is a mgm ip (svi) in branch like diagram that i attached before

main office

inter vlan 1

ip add 172.16.100.1 255.255.255.0

branch office

inter vlan 1

ip add 172.16.100.90 255.255.255.0

------------------------------------

and regarding to this config.

ip route 192.168.20.0 255.255.255.0 10.10.1.1
ip route 192.168.30.0 255.255.255.0 10.10.1.1

these IP addresses for vlans (servers, voice) , or what ???

and do i need to configure voice vlan in branch because they asked me to do that ???

and what do you mean (remove vlan 200 ) this vlan for servers ??

remove it from main office or from branch or what ??? and why ???

and default gateway do i need to configure it ?????

Thanks in advance

Seb Rupik · ‎10-02-2018

I would keep your management VLAN for that purpose, don't use it for bulk inter-site traffic.

Voice traffic can also be routed, so create a VLAN401 for that purpose (192.168.41.0/24) and have that traffic routed via VLAN1000 back to the main office. You will need to configure DHCP helpers on the new VLANs so that DHCP requests are sent to the main office. This will require you to create additional DHCP scopes for the new VLANs 400 and 401.

Those ip route statements you highlighted provide the paths back to the main office for VLANs 20 and 30. If the branch office is a stub network with no local POP on the internet (ie all traffic must go to the main office) then you could just configure the default gateway to send all traffic to 10.10.1.1

cheers,

Seb.

Roza12 · ‎10-02-2018

Hi Seb

could you please be more specified regarding to DHCP helper and DHCP scops

DHCP helper: which ip should i use ??

configure scope: in branch, am i right ??

so the config. will be :

main office 
-------------
inter vlan 1
ip add 172.16.100.1 255.255.255.0
!
int vlan 1000
  ip address 10.10.1.1 255.255.255.252
   spanning-tree portfast
!
int vlan 200 // servers
  ip address 172.16.20.1 255.255.255.0
!
!
int vlan 300 /// voice
  ip address 172.16.30.1 255.255.255.0
!
ip route 172.16.40.0 255.255.255.0 10.10.1.2   
!

branch office
---------------
inter vlan 400  ///   servers
 ip add 172.16.40.1 255.255.255.0
ip  helper address <ip add>
!
inter vlan 401  ///   voice
 ip add 172.16.41.1 255.255.255.0
ip  helper address <ip add>
!
int vlan 1000
  Ip address 10.10.1.2 255.255.255.252
   spanning-tree portfast
!
ip route 172.16.20.0 255.255.255.0 10.10.1.1 /// or default gateway 10.10.1.1
ip route 172.16.30.0 255.255.255.0 10.10.1.1 /// or default gateway 10.10.1.1
!
ip dhcp pool vlan400
network 172.16.40.0 255.255.255.0
default-route 172.16.40.1 
!
ip dhcp pool vlan401
network 172.16.41.0 255.255.255.0
default-route 172.16.41.1

please correct me if i'm wrong ??

Seb Rupik · ‎10-02-2018

Looks good. Make the following additions:

! main office
!
int vlan 1000
  no spanning-tree portfast
!
ip route 192.168.41.0 255.255.255.0 10.10.1.2
!

! branch office
!
no ip dhcp pool vlan 400
!
no ip dhcp pool vlan 401
!

Regarding the DHCP, it is probably a good idea to use the same DHCP servers as the main office. The main office DHCP scope will have DHCP options configured which are pertinent to the voice configuration. What IP helper address do you use on the SVIs at the main office? Use the same IP on the branch office SVIs.

Cheers,

Seb.

Roza12 · ‎10-02-2018

Hi Seb

Thanks for all info.

regarding to DHCP scope you mean only add range (vlan 400 and vlan 401 ) to dhcp server in main office

no need to create new dhcp only for branch

for helper address i found we have two, same range server (vlan200)

ip helper-address 172.16.20.27

ip helper-address 172.16.20.43

and last question

do i need to configure trunk between 2 offices for different vlans or not ??????????

Seb Rupik · ‎10-02-2018

Yes, use those two IPs in the server VLAN 200 as the helper address for the branch site SVIs.

Regarding the trunk link, the MPLS link only needs to carry VLAN 1 and VLAN 1000.

Perhaps at a later date you may want to look at having a new management VLAN routed at the branch site to remove the small amount of broadcast traffic that may be traversing the management VLAN between sites.

cheers,

Seb.

Roza12 · ‎10-02-2018

Hi Seb

Perhaps at a later date you may want to look at having a new management VLAN routed at 
the branch site to remove the small amount of
 broadcast traffic that may be traversing the management VLAN between sites.

How can i do that cuz we are facing this issue and i need to reduce broadcast traffic ?????

Seb Rupik · ‎10-02-2018

I doubt you management VLAN would generate as much as the Server and Voice VLANs. But...to implement a new management VLAN follow the same steps for the creation of the VLAN400 above. Make sure you route it at the branch, remove VLAN1 from the MPLS link between sites and provide a static route for the subnet at the main office. I assume you will statically assign IP addresses on the management VLAN so there will be no need for a new DHCP scope.

You will also need to update any monitoring software to use the new IP addresses of infrastructure kit on the new management VLAN.

With this implemented you will just have VLAN1000 traversing the MPLS circuit and should have resolved your broadcast traffic issues.

Cheers,

Seb.