Re: VLANs in Cisco 3 layer hierarchical model

rupesh00111 · ‎03-06-2018

Hi Experts,

We are planning to convert 2 Layer (Core and Access) LAN topology to 3 Layer (Core-Distribution-Access) hierarchical model.

All L3 interfaces will be moved from Core to New Distribution layer. Please find attached topology I am testing in GNS3.

I have below question

1. Can we assign same VLAN (10.64.1.0=VLAN1) on distribution Switch1 (IOU2) and distribution Switch2 (IOU5)?

2. Currently I have done the config as mention in Question1 above but I am not able to ping IOU5=10.64.1.12 from PC1 but I am able to ping IOU2=10.64.1.11 from PC1

and / OR

not able to ping IOU2=10.64.1.11 from PC3 but I am able to ping IOU5=10.64.1.12 from PC3

Please help

Best Regards

Rupesh

chrihussey · ‎03-06-2018

The current design will not allow for VLAN 1 to be the same L3 network (10.64.1.x) on both distributions as there is no L2 connectivity between them. If you want them to share the same management network you will need to establish a L2 link between the distributions. If you don't want to do that, they will have to be separate management networks.

Also, it is best practice not to use VLAN 1 at all. It would be best just to create a different VLAN(s) for management.

Hope this helps.

rupesh00111 · ‎03-06-2018

Hi chrihussey,

Thanks for your reply.

What would be the good practice to creating creating L2 interface between distribution switches?

Or

To use different subnets on each distribution?

Thanks

chrihussey · ‎03-06-2018

That would depend on what you want to achieve. If you want similar VLANs / networks on both distributions then you would almost certainly need a L2 trunk between the switches. This would also provide a level of redundancy, especially if you were to run HSRP and have dual uplinks from the access to the distributions. A pretty common design.

If however you want total L3 separation between the distributions then you'd have to keep all the VLANs and networks unique to each switch. If this is the case, I would still make the VLANs unique to both so that if you ever have to join them there won't be any conflicts.

Hope this helps

brselzer · ‎03-07-2018

Hello,

Another option you have is to make loopbacks with /32 subnets so that each router has its own subnet. Then you could advertise those routes into your routing protocol. This way, everything is L2 and you don't have to worry about running L2 links everywhere. For example:

IOU1 Int Lo1 = 10.64.1.1/32

IOU2 Int Lo1 = 10.64.1.2/32

IOU5 Int Lo1 = 10.64.1.5/32

This way all your ip address are in the same address space (10.64.1.0) but they aren't actually in the same subnet. With this setup, you will use your routing protocol to route to your management IPs.

Hope that helps!

-Bradley Selzer
CCIE# 60833

rupesh00111 · ‎03-07-2018

Hi Bradley,

Thanks for our reply. I will test both the options and will keep posted here.

Best Regards,

Rupesh

Joseph W. Doherty · ‎03-13-2018

As Chris has been responding, not much I can add, but was curious why you're moving from a 2 layer design to 3 layer.

As your diagram shows a router symbol for the core device, I presume you plan to have a L3 core, but I also was wondering whether you've considered a L2 core.