Why does routing work without declaring vlan10 on 2960s-24td-l and 2900 Series Router?

jonharder · ‎10-29-2012

I have recently split the voice vlan (10) from the data network (1), and am wondering why my catalysts and router do not require an interface Vlan10 statement. In the past I used OpenBSD boxes to do the routing, and I first needed to configure vlan 10 on the interface before I could get inter-vlan communication to work. With these Cisco devices it works, and I am wondering if it is because of VTP, for the fact that the ports maybe just pass all traffic, or is there some other explanation? Below is the setup, and firmware is up-to-date on all of the devices.

Shoretel 230 (IP phone)

Statically set for 802.1 tagging and vlan 10

|

Cisco SGE2000p (Switch)

Port 24 configured for trunking vlans 1 and 10 and all other ports configured to General (for both vlans)

|

Cisco 2960s-24td-l (Switch)

Show running-config only shows vlan 1 configured. Trunking allowed vlans 1,10 configured on ports connected to the SGE switches, only vlan 1 on one port and only vlan 10 on another port connected to the router/gateway (below). DHCP servers are on their own vlan as well.

|

Cisco 2900 Series (Router)

No vlans are declared, but the interfaces are on separate subnets with ip nat inside

When I plug a phone into the POE SGE, the phone turns on, obtains an address on the proper subnet, and conversations are clear (whereas without the ip nat inside on the new subnet the calls had a lot of static). Possibly the reason that it works is because the phones properly create the tcp/ip packet, and it hops over the trunks and creates the states so that traffic routes back properly. I will install wireshark to see exactly what is going on, but is there a simple explanation that I am overlooking?

Thanks,

Jon

David Hornstein · ‎10-29-2012

Hi Jon

The switch in general mode tells the port that it can accept untagged ethernet frames from many vlans...phew..pretty confusing for a layer 2 switch know what ethernet frames belong.

Whats wrong with setting the router to a transmit/receive tagged vlan10.

There should be heaps of examples available. my example below doesn't show any NAT/QOS configuration.

2821

dot11 syslog

ip source-route

!

ip cef

ip dhcp excluded-address 192.168.20.1 192.168.20.10

ip dhcp excluded-address 10.2.1.1 10.2.1.10

!

ip dhcp pool data

import all

network 192.168.10.0 255.255.255.0

default-router 192.168.20.1

dns-server 209.18.47.61 209.18.47.62

!

ip dhcp pool voice

network 10.2.1.0 255.255.255.0

dns-server 209.18.47.61 209.18.47.62

default-router 10.2.1.1

option 66 ip 10.1.1.1

option 150 ip 10.1.1.1

!

interface GigabitEthernet0/0

ip address 192.168.75.21 255.255.255.0

duplex auto

speed auto

!

interface GigabitEthernet0/1

no ip address

duplex auto

speed auto

!

interface GigabitEthernet0/1.1

encapsulation dot1Q 1 native

ip address 192.168.20.1 255.255.255.0

ip virtual-reassembly in

!

interface GigabitEthernet0/1.10

encapsulation dot1Q 100

ip address 10.2.1.1 255.255.255.0

!

With this sort of router configuration, you can trunk the switch ports so that all switch ports are untagged for Vlan1 and Tagged with VLAN10

2960 - no QOS configuration

interface range FastEthernet0/1 - 24

switchport mode trunk

switchport voice vlan 10

interface GigabitEthernet0/1

description to 2900 router gig0/1

switchport mode trunk

.

But I have to admit your description below does not show how the switches are connected together. A diagram, even with MS Paint, sure would be useful.