Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Cat4507R Vlan/network routing
- Thread starter ronnpower
- Start date
If they're all configured on that switch, then all VLAN's should be able to communicate with eachother by default. Check that all the VLAN's are active by doing a "show vlan" or "show ip interface brief". One of these commands should help out.
- Thread starter
- #4
If I may intrude...
Create interfaces on your 4507 for your vlans. Here's an example:
config t
interface vlan 100
ip address 10.16.0.1 255.255.255.0
no shutdown
!
interface vlan 200
ip address 10.1.0.1 255.255.255.0
no shutdown
end
Now if you set up ports in either vlan, they should be able to ping each other.
"I can picture a world without war. A world without hate. A world without fear. And I can picture us attacking that world, because they'd never expect it."
- Jack Handey, Deep Thoughts
Create interfaces on your 4507 for your vlans. Here's an example:
config t
interface vlan 100
ip address 10.16.0.1 255.255.255.0
no shutdown
!
interface vlan 200
ip address 10.1.0.1 255.255.255.0
no shutdown
end
Now if you set up ports in either vlan, they should be able to ping each other.
"I can picture a world without war. A world without hate. A world without fear. And I can picture us attacking that world, because they'd never expect it."
- Jack Handey, Deep Thoughts
Whoops...don't forget to turn on a routing protocol, it's best practice. Not that you should need it...since all routers know about all directly connected interfaces.
"I can picture a world without war. A world without hate. A world without fear. And I can picture us attacking that world, because they'd never expect it."
- Jack Handey, Deep Thoughts
"I can picture a world without war. A world without hate. A world without fear. And I can picture us attacking that world, because they'd never expect it."
- Jack Handey, Deep Thoughts
- Thread starter
- #7
To be able to pass traffic between these VLANs, you need to enable routing on your 4507. This should get you going. You also may want to specify a default route out of the network towards a corporate firewall or router (i.e. ip route 0.0.0.0 0.0.0.0 w.x.y.z)
router eigrp 1
network 10.0.0.0
no auto-summary
eigrp log-neighbor-changes
router eigrp 1
network 10.0.0.0
no auto-summary
eigrp log-neighbor-changes
- Thread starter
- #10
Routing is enabled,
Ok this is my running config
Switch#sh run
Building configuration...
Current configuration : 1890 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
service compress-config
!
hostname Switch
!
!
vtp mode transparent
no ip subnet-zero
!
spanning-tree extend system-id
!
redundancy
mode rpr
main-cpu
auto-sync standard
!
!
vlan 2
name C1
!
vlan 3
name S1
!
vlan 4
name k1
!
interface GigabitEthernet1/1
!
interface GigabitEthernet1/2
!
interface GigabitEthernet3/1
!
interface GigabitEthernet3/24
!
interface GigabitEthernet4/1
!
interface GigabitEthernet4/6
!
interface GigabitEthernet5/1
!
interface GigabitEthernet5/6
!
interface Vlan1
ip address 10.16.50.1 255.255.0.0
!
interface Vlan2
ip address 10.2.50.2 255.255.0.0
!
interface Vlan3
ip address 10.1.50.1 255.255.0.0
!
interface Vlan4
ip address 128.1.50.1 255.255.0.0
!
router rip
network 10.0.0.0
network 128.0.0.0
!
ip classless
no ip http server
!
!
line con 0
stopbits 1
line vty 0 4
this is what I get when I do sh vlan
Switch#sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi1/1, Gi1/2, Gi3/1, Gi3/2
Gi3/3, Gi3/4, Gi3/5, Gi3/6
Gi3/7, Gi3/8, Gi3/9, Gi3/10
Gi3/11, Gi3/12, Gi3/13, Gi3/14
Gi3/15, Gi3/16, Gi3/17, Gi3/18
Gi3/19, Gi3/20, Gi3/21, Gi3/22
Gi3/23, Gi3/24, Gi4/1, Gi4/2
Gi4/3, Gi4/4, Gi4/5, Gi5/1
Gi5/2, Gi5/3, Gi5/4, Gi5/5
Gi5/6
2 C1 active
3 S1 active
4 k1 active
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
2 enet 100002 1500 - - - - - 0 0
3 enet 100003 1500 - - - - - 0 0
4 enet 100004 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
Ok this is my running config
Switch#sh run
Building configuration...
Current configuration : 1890 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
service compress-config
!
hostname Switch
!
!
vtp mode transparent
no ip subnet-zero
!
spanning-tree extend system-id
!
redundancy
mode rpr
main-cpu
auto-sync standard
!
!
vlan 2
name C1
!
vlan 3
name S1
!
vlan 4
name k1
!
interface GigabitEthernet1/1
!
interface GigabitEthernet1/2
!
interface GigabitEthernet3/1
!
interface GigabitEthernet3/24
!
interface GigabitEthernet4/1
!
interface GigabitEthernet4/6
!
interface GigabitEthernet5/1
!
interface GigabitEthernet5/6
!
interface Vlan1
ip address 10.16.50.1 255.255.0.0
!
interface Vlan2
ip address 10.2.50.2 255.255.0.0
!
interface Vlan3
ip address 10.1.50.1 255.255.0.0
!
interface Vlan4
ip address 128.1.50.1 255.255.0.0
!
router rip
network 10.0.0.0
network 128.0.0.0
!
ip classless
no ip http server
!
!
line con 0
stopbits 1
line vty 0 4
this is what I get when I do sh vlan
Switch#sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi1/1, Gi1/2, Gi3/1, Gi3/2
Gi3/3, Gi3/4, Gi3/5, Gi3/6
Gi3/7, Gi3/8, Gi3/9, Gi3/10
Gi3/11, Gi3/12, Gi3/13, Gi3/14
Gi3/15, Gi3/16, Gi3/17, Gi3/18
Gi3/19, Gi3/20, Gi3/21, Gi3/22
Gi3/23, Gi3/24, Gi4/1, Gi4/2
Gi4/3, Gi4/4, Gi4/5, Gi5/1
Gi5/2, Gi5/3, Gi5/4, Gi5/5
Gi5/6
2 C1 active
3 S1 active
4 k1 active
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
2 enet 100002 1500 - - - - - 0 0
3 enet 100003 1500 - - - - - 0 0
4 enet 100004 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
Vlan 1 shoud be able to talk to your other networks. I don't see any ports assigned to any other vlan except vlan 1.
Have you tried assigning a port to vlan 2 then pinging between the interfaces?
"I can picture a world without war. A world without hate. A world without fear. And I can picture us attacking that world, because they'd never expect it."
- Jack Handey, Deep Thoughts
Have you tried assigning a port to vlan 2 then pinging between the interfaces?
"I can picture a world without war. A world without hate. A world without fear. And I can picture us attacking that world, because they'd never expect it."
- Jack Handey, Deep Thoughts
In other words, what ipkonfig is trying to tell you is that the VLANs exist, now you just need to assign ports to them. I don't have a 4500 to mess around with, but it generally goes something like this on IOS-based switches:
Switch#conf t
Switch(config)#int g3/1 (or whatever)
Switch(config-if)#switchport access vlan 2
Connect a client to switchport 2, give them a 10.2.x.x address, point them at 10.2.50.2 for their default gateway, and off you go.
Switch#conf t
Switch(config)#int g3/1 (or whatever)
Switch(config-if)#switchport access vlan 2
Connect a client to switchport 2, give them a 10.2.x.x address, point them at 10.2.50.2 for their default gateway, and off you go.
- Thread starter
- #13
Same thing, but the 10.16 clients go into VLAN 1 and use 10.16.50.1 as the default gateway. By default, all ports are in VLAN 1. Now we're back to your original question -
"how do I allow the default network (10.16 on vlan1) talk to the other networks?"
Given that this switch has a route processor (Sup III I'm assuming) it should automatically route between the attached interfaces (The VLANs are the interfaces in this case). If you do a "show ip route", you should see routes to your VLAN networks. Plug a client in and give it a try.
"how do I allow the default network (10.16 on vlan1) talk to the other networks?"
Given that this switch has a route processor (Sup III I'm assuming) it should automatically route between the attached interfaces (The VLANs are the interfaces in this case). If you do a "show ip route", you should see routes to your VLAN networks. Plug a client in and give it a try.
If the client has a 10.16.x.x address, then they must be connected to a switchport that is assigned to Vlan 1. You would just change the switchport allocation, e.g.
Switch#conf t
Switch(config)#int g3/1 (or whatever)
Switch(config-if)#switchport access vlan 1
Just remember that the client's port Vlan assigment must match the IP subnet they are on. For example, if the client's IP address is 10.1.x.x, your config states that this is Vlan 3:
interface Vlan3
ip address 10.1.50.1 255.255.0.0
Therefore, that client must be plugged into a port that is a member of Vlan 3. Again, this is done using the switchport access Vlan X command.
Switch#conf t
Switch(config)#int g3/1 (or whatever)
Switch(config-if)#switchport access vlan 1
Just remember that the client's port Vlan assigment must match the IP subnet they are on. For example, if the client's IP address is 10.1.x.x, your config states that this is Vlan 3:
interface Vlan3
ip address 10.1.50.1 255.255.0.0
Therefore, that client must be plugged into a port that is a member of Vlan 3. Again, this is done using the switchport access Vlan X command.
- Status
