06-07-2016 02:10 PM - edited 03-08-2019 06:06 AM
Hi All,
I had a question here.
Basically, we have two different networks. Each network has one Cisco 2960 layer 2 switch for each network in the same location. These are two individual networks. There is a link from each switch to a service provider router. The service provider has provided us two interfaces on their router, one for each network. The default gateway on each switch is the inside interface IP of the router. The service provider router does all the routing before sending it out WAN to our data center.
Attached is a quick drawing put together.
Now, we have a backup server connected to each switch for each network. In an attempt to reduce the number of backup servers, management has asked us to reduce to one backup server (for both networks) and use the other backup server as a spare. My question is, how can we route between the two networks, for the sake of using a single backup server? The users should still be on separate networks. Do we need to put a layer 3 device to perform the routing? Or can we add some kind of static routes on our layer 2 switch to the service provider router, since it is doing all the routing? Can someone please comment?
06-07-2016 02:42 PM
Hi there,
Since both your existing networks will be using the service provider router as the default gateway for their respective VLANs you do not need to make any changes to the topology or configuration of the switches.
The SP router will provide the inter-VLAN routing. If the networks cannot communicate then there will be configuration present on the router which is preventing it, possibly something as simple as an ACL. Talk to your provider, the solution should be achievable at no extra cost.
cheers,
Seb.
06-07-2016 04:13 PM
Thanks guys for your replies.
Seb,
Both networks are on VLAN 1. Both networks will use the router as default gateway. But since the network communication occurs before it hits the service provider router, won't I need to configure any static routes?
06-08-2016 12:22 AM
Hello again,
The VLAN ID you are using on your switches is arbitrary and will not cause a conflict on the SP router. The communication which occurs on the switches is at Layer 2; any destination IP addresses not within the switch subnet will be sent to the gateway (SP router).
Therefore no static routes are required.
cheers,
Seb.
06-07-2016 03:01 PM
A few options for you,
If you want the flexibility for changes, I would go adding my own router just after the ISP router. This may require some ISP changes.
Depending on your IOS on the switches, there's a possibility that they could support static routing on SVIs.
But I can't see a way that you could use that without making major rearrangements to the network. Plus this would still require some changes on the ISP router to get your backup network on to
06-07-2016 04:16 PM
Prabath,
Thanks a lot for your reply.
Regarding the first option, what routing would they need to add extra? Since they are routing between the two networks? Also, since the network communication occurs before it hits the service provider router, won't I need to configure any static routes?
Regarding the second option, it won't be possible to add my own router after the ISP router, since it connects to the WAN directly.
If going with the third option, how can I route between the two networks only for this one server? It's VLAN 1 only for both networks, but different subnets.
06-07-2016 05:08 PM
Well, as Seb mentioned, if your ISP router already does the routing you wouldn't have to do anything, but the way you explained it, it isn't.
A simple way to test: jump on to the backup server that you'd like to keep and ping hosts that you'd like to be backed up or access in both the networks that you have mentioned.
This way you could confirm whether there is existing routing in between or not. Then I would do a traceroute to identify the path they are travelling as well, just to make sure to find out where the actual routing happens.
Post your backup server's IP/mask/gateway details and whatever IP details you have.
We'll look at your first question after doing the above ping test. As for your last question, what I meant was you have to insert an additional NIC into the server that you are going to keep, so it can be plugged in to both networks at the same time. No additional routing is required in this case and it will only resolve the connectivity for just that server.
06-07-2016 05:28 PM
Prabath,
Thanks again. This is not yet implemented. We are still in implementation stages and I would like to know what it would take. One thing is that both are class C and /24 subnets.
One network is 192.40.24.0/24 and the other is 192.40.26.0/24. So the default route on one switch points to 192.40.24.254 and the default route on the other switch points to 192.40.26.254. One switch IP is 192.40.24.211 and the other switch IP is 192.40.40.211.
So would they still be able to access each other if inside the LAN, although the SP does the routing?
06-07-2016 06:17 PM
"So would they still be able to access each other if inside the LAN, although the SP does the routing?"
Not unless the ISP router is configured for inter-VLAN routing.
However, it's not a difficult task; depending on the choice of ISP router it might be a tick-box or two static routing statements minimum. All you have to request from your ISP is to enable inter-VLAN routing on your two networks that they are going to hand off.
Do you have any security concerns? As in devices in 192.40.24.0/24 accessing devices in 192.40.26.0/24. If that's the case, you could request your ISP to block everything other than your backup server through an access-list.
Also, what's the ISP link? Is it just internet or a WAN link?
You lose your flexibility when you deal with ISPs a bit for your internal routing. For small sites of ours we usually have our own router behind the ISP, which we use for routing and various types of monitoring.
***Please rate any useful posts***
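The access-list restriction suggested in the post above, sketched as an added example that is not part of the original thread or the provider's configuration. It assumes the provider router runs Cisco IOS; the interface names, the ACL names and the backup server address 192.40.24.50 are hypothetical placeholders.

```cisco
! Added example, not from the thread. Assumptions (all hypothetical):
!   - the provider router runs Cisco IOS
!   - GigabitEthernet0/0 is its inside interface on 192.40.24.0/24 (192.40.24.254)
!   - GigabitEthernet0/1 is its inside interface on 192.40.26.0/24 (192.40.26.254)
!   - the retained backup server is 192.40.24.50 (constructed placeholder)
!
ip access-list extended NET24-IN
 remark backup server may reach the other LAN
 permit ip host 192.40.24.50 192.40.26.0 0.0.0.255
 remark all other LAN-to-LAN traffic stays blocked and is logged
 deny   ip 192.40.24.0 0.0.0.255 192.40.26.0 0.0.0.255 log
 remark traffic towards the WAN / data center is unaffected
 permit ip any any
!
ip access-list extended NET26-IN
 remark hosts on 192.40.26.0/24 may talk to the backup server only
 permit ip 192.40.26.0 0.0.0.255 host 192.40.24.50
 deny   ip 192.40.26.0 0.0.0.255 192.40.24.0 0.0.0.255 log
 permit ip any any
!
interface GigabitEthernet0/0
 ip access-group NET24-IN in
!
interface GigabitEthernet0/1
 ip access-group NET26-IN in
```

The permit lines allow all IP between the server and the other subnet; once the ports the backup software uses are known, they can be narrowed to those.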
06-08-2016 05:28 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
As the other posters have already noted, it's likely your provider can route between your two networks, easily.
That said, the ISP's router might not be sized to effectively (performance) route between the two networks for a high volume of traffic, as might be seen with a backup server.
As you also note, you're in the implementation stage; work with your SP to have a L3 device that can handle your LAN routing performance requirement.
If they are unwilling to provide such a device, or it seems excessively expensive, there are other options. Such as using a dual homed server (already mentioned) or having your own L3 device in front of the SP's router (also already mentioned).