VLAN Gateways...

Walsby1983 · ‎08-05-2011

Hi all, im after some advice re vlan gateway's per switch!

I'm currently implementing some new vlans, we have 2 core switches (4500's) that are connected via an etherchannel which our access switches connect into. One being the VTP master (if thats relevant).

I've setup one of the new vlan's on the one that is the VTP master with a gateway of 10.0.30.1 - my question is if i give the same ip gateway to the same vlan on the other core switch is it going to cause issues? best practice etc? Or should it be a different ip 10.0.30.2 for example?

I did it as a test and it appears to work, but obviously there isnt much connecting on this vlan yet....

Thanks in advance

Jon Marshall · ‎08-05-2011

Alan

You shouldn't do this, you need to use a separate IP. If you have a L2 trunk connecting your core switches then you can run HSRP which provides gateway redundancy for your clients eg. -

core 1

int vlan 10

ip address 192.168.5.2 255.255.255.0

standby 10 ip 192.168.5.1 <-- Virtual IP (VIP)

standby 10 pri 110

standby 10 preempt <-- this assumes core1 is STP root as well so if core1 fails then comes back up it will preempt core 2

standby 10 authentication

core 2

int vlan 10

ip address 192.168.5.3 255.255.255.0

standby 10 ip 192.168.5.1

standby 10 pri 100

standby 10 authentication

then you use the virtual IP 192.168.5.1 as the default-gateway for your clients. core1 will be the active switch for the VIP. If core 1 fails then core 2 will take over responsibility for the VIP.

The above assumes your access-layer switch is connected to both core switches.

Jon

Walsby1983 · ‎08-05-2011

Many thanks Jon, you confirmed my suspicion! Wasnt fully aware of the HSRP (is this just for routers? or L3 switches as well) or standby commands so that is very useful thanks.

So its ok to have the standby IP the same under each switch? Standby 10 refers to the vlan number i'm assuming?

Jon Marshall · ‎08-05-2011

Alan

HSRP works on both and is actually more commonly seen between L3 switches.

So its ok to have the standby IP the same under each switch

Not sure what you mean. Each interface has it's own physical IP assigned to it. If you mean the 192.168.5.1 this is the Virtual IP, not the standby IP and it needs to be the same to provide redundancy for the clients.

The 10 in standby 10 actually refers to the HSRP group. I just used 10 to match the vlan number but it doesn't have to.

Jon

Walsby1983 · ‎08-05-2011

Thanks again Jon, apologies I'm quite new to networking - I meant the VIP. I'll read up on HSRP.

Thanks again.