Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

IPROUTE for only 1 vlan?

Status
Not open for further replies.
meneerB

meneerB

IS-IT--Management
Oct 4, 2005
311
NL
BD6808, Extremeware Version 7.7.4.1, FULL L3

Hi,
On our backbone we use about 20 vlans for internal trafic.

We also have an internet connection, directly connected to our firewall. The firewall does the routing, because the connection to the internet is no L3 device.
(the L2 switch is provided by the internetcompany, and has a fiberuplink to them)

What I want to do is remove the routing from the firewall and let the Blackdiamond do this.
But only for 1 vlan: the vlan where the firewall and the internet switch is in.
The reason for this is, that Im then able to connect a second -seperate- firewall to the internet link, in the same vlan.

The vlan shouldn't have IP Forwarding enabled for other vlans, but should route to the internetswitch.

Is this possible...?

Thank!!
 
Sort by date Sort by votes
Your description's difficult to follow - you want only one subnet to have internet access? And what's the reason for a second firewall?
I'm unsure why you wouldn't want the BD to handle all routing...it's a very capable L3 device, more than a firewall is.
 
Upvote 0 Downvote
ok, like this:
we have one L2 ethernetswitch, with a fiberuplink to our provider.

the current fw is directly connected and does the routing.

we want to add a test subnet/vlan with its own fw.

so, now the first fw cannot do the routing anymore.

I would like to create an isolated subnet on the BD, which does the routing for the 2 fw's.

but naturaly routing should only work for these 2 fw's going to the switch.

is this possible without accesslists, in which I can make errors and maybe unkown open pathways to the internal nets?
 
Upvote 0 Downvote
hi all,
anyone?
the titel should be 'routing between 2 vlans', and only those 2.
thanks!
 
Upvote 0 Downvote
How many vlans do you have with ipforwarding enabled?

If none are you can easily enable ipforwarding on both vlans and add IP's to forward between them.

If you have other vlans with ipforwarding you will have to create new VR's but Extremeware doesn't support the creation of a new Vr
 
Upvote 0 Downvote
clip,

I think I missed your post.
almost all vlans have ipforwarding.

I now will use a spare L3 switch for the 'external lan'.

thanks
 
Upvote 0 Downvote
Enable internal vlanrouting(IPF) on your BD and point a static
default route to your FW.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

SambaLotto
  • Locked
  • Question
thread569-1629950 This is the sa
Replies
0
Views
146
SambaLotto
SambaLotto
Kynetica
  • Locked
  • Question
Networking solution for global events
Replies
0
Views
107
Kynetica
Kynetica
D4rthB4n3
  • Locked
  • Question
VLAN cant ping
Replies
1
Views
68
oclaudiox
oclaudiox
RINGINnBLINGIN
  • Locked
  • Question
cannot see to other vlan on switch
Replies
1
Views
88
w33mhz
w33mhz
mirkovic
  • Locked
  • Question
Ask for the solution with repetitive rebooting
Replies
0
Views
111
mirkovic
mirkovic

Part and Inventory Search

Sponsor

Back
Top