Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1705
Views
0
Helpful
3
Replies

VLAN over multiple routers or Multi-VLANs over one subnet

Go to solution
maartenmol96
Level 1
Level 1

‎06-26-2015 12:01 PM - edited ‎03-08-2019 12:43 AM

Hi guys,

So I've got this problem with my school project. 
The main goal is to connect the Dutch network with the Hungarian network. The school given me some information that I have to follow.
I had to create a Vlan99 on the switch SWD in Deventer. The subnet is 192.168.99.0. From every point in the network (including hungarian) it must be possible to connect to the switch SWD with ssh. 

In Hungarian I had to create another Vlan. They didnt give an vlan ID, but only a name. In this case it is "Vlan Servers". This Vlan must also have the subnet 192.168.99.0. From the Dutch network, it has to be possible to connect to the Full Install DC. 

The first problem I see is that there are 2 identical subnets in 2 different networks. I figured that you can't have 2 different vlans with the same subnet so I gave the Vlan Servers the vlan id 99. 

Now the problem is that I cant connect to the 192.168.99.0 subnets in the other networks. So for example, I can connect to the SWD (so vlan 99) from the Dutch network but not to the Hungarian network and vice versa. Yet there is an connection from the dutch network to the Hungarian network, but only to the 2 laptops beneath. Also I can connect to all the devices from the Hungarian network to the dutch one.

 

Its hard to explain the current situation and problem and i'm also from the Netherlands, so if something is unclear, please let me know. I also uploaded the Packet Tracer file with the IP configuration, so maybe that way is easier to understand and try.

Kind Regards,

Maarten Mol

Labels:
vlan99problem.zip
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Shawn Guertin
Level 1
Level 1

‎06-26-2015 01:18 PM

I had to create a Vlan99 on the switch SWD in Deventer. The subnet is 192.168.99.0. From every point in the network (including hungarian) it must be possible to connect to the switch SWD with ssh.

Ok, allow routing between Vlans but use an access-list to restrict the traffic going to the ssh protocol probably on port 22 to Vlan99.

In Hungarian I had to create another Vlan. They didnt give an vlan ID, but only a name. In this case it is "Vlan Servers". This Vlan must also have the subnet 192.168.99.0. From the Dutch network, it has to be possible to connect to the Full Install DC.

The first problem I see is that there are 2 identical subnets in 2 different networks. I figured that you can't have 2 different vlans with the same subnet so I gave the Vlan Servers the vlan id 99.

I see two choices, use the same Vlan and use trunks between you downlinks, or use two different vlan numbers and split the subnet in two using Variable-Length Subnet Masking, example, if you vant to split it 50/50:

Vlan99 network IP: 192.168.99.0 Mask: 255.255.255.128

Vlan "Servers" IP: 192.168.99.128 Mask 255.255.255.128

http://www.ic-ims.com/informaticke_mreze/vlsm_eng/vlsm-and-subnetting-vlsm-tablica.gif

Now the problem is that I cant connect to the 192.168.99.0 subnets in the other networks. So for example, I can connect to the SWD (so vlan 99) from the Dutch network but not to the Hungarian network and vice versa. Yet there is an connection from the dutch network to the Hungarian network, but only to the 2 laptops beneath. Also I can connect to all the devices from the Hungarian network to the dutch one.

You can't have two different Vlans with the same address pool (unless you NAT but thats not the point in your exercise) beeause the routers can only have one route associated to a subnet. Imagine you are a delivery guy and you have to deliver a package to 16 Maple Street, you get to Maple street but you realise that two houses have the number 16 on Maple street, now what do you do? That's the same for your routers.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Shawn Guertin
Level 1
Level 1

‎06-26-2015 01:18 PM

I had to create a Vlan99 on the switch SWD in Deventer. The subnet is 192.168.99.0. From every point in the network (including hungarian) it must be possible to connect to the switch SWD with ssh.

Ok, allow routing between Vlans but use an access-list to restrict the traffic going to the ssh protocol probably on port 22 to Vlan99.

In Hungarian I had to create another Vlan. They didnt give an vlan ID, but only a name. In this case it is "Vlan Servers". This Vlan must also have the subnet 192.168.99.0. From the Dutch network, it has to be possible to connect to the Full Install DC.

The first problem I see is that there are 2 identical subnets in 2 different networks. I figured that you can't have 2 different vlans with the same subnet so I gave the Vlan Servers the vlan id 99.

I see two choices, use the same Vlan and use trunks between you downlinks, or use two different vlan numbers and split the subnet in two using Variable-Length Subnet Masking, example, if you vant to split it 50/50:

Vlan99 network IP: 192.168.99.0 Mask: 255.255.255.128

Vlan "Servers" IP: 192.168.99.128 Mask 255.255.255.128

http://www.ic-ims.com/informaticke_mreze/vlsm_eng/vlsm-and-subnetting-vlsm-tablica.gif

Now the problem is that I cant connect to the 192.168.99.0 subnets in the other networks. So for example, I can connect to the SWD (so vlan 99) from the Dutch network but not to the Hungarian network and vice versa. Yet there is an connection from the dutch network to the Hungarian network, but only to the 2 laptops beneath. Also I can connect to all the devices from the Hungarian network to the dutch one.

You can't have two different Vlans with the same address pool (unless you NAT but thats not the point in your exercise) beeause the routers can only have one route associated to a subnet. Imagine you are a delivery guy and you have to deliver a package to 16 Maple Street, you get to Maple street but you realise that two houses have the number 16 on Maple street, now what do you do? That's the same for your routers.

0 Helpful

Go to solution
maartenmol96
Level 1
Level 1
In response to Shawn Guertin

‎06-26-2015 03:19 PM

I see two choices, use the same Vlan and use trunks between you downlinks.

I think that this solution is the best. So I already made the link between SWD and R3 trunk and created the sub interface on R3. I also did this with the RTB and SWB and made the interfaces that are connected to the VLAN Servers switchport mode access and added the correct vlan ID (99) to it. Yet it doesn't work. Am I forgetting something? Or have I done something wrong? And what do you exactly mean with downlinks?

Oh and thanks for your fast en useful reaction!

 

I've made a quick new network with the exact same idea, but in a simpler configuration. The main question is: How can I connect VLAN99 on the left with VLAN99 on the right?

0 Helpful

Go to solution
Shawn Guertin
Level 1
Level 1
In response to maartenmol96

‎06-29-2015 05:46 AM

In a compagny rou could do a trunking on the switches to share vlans between all switches:

http://www.firewall.cx/networking-topics/vlan-networks/222-intervlan-routing.html

However, according to your plan, you are doing routing between cities, so you don't want trunking beyond the routers. What you should do in that case is put a different subnet in each city and route them. If you need access to another subnet and not another, allow and deny them in an access-list. Wnat is keeping you from using different subnets between two cities? Because what you were asking me was to stay on level 2 between cities instead of going level 3 as your plan describes.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card