New to VLANs, help.

[CANIndiana]

Ok, I have 5 Dell PowerConnect 6248 Layer 3 switches. I have two of them set up as 192.168.0.x, one set up as 192.168.1.x, and and 2 that need to be set up as 192.168.2.x and a spare.

I've given each of the switches and IP address on the necessary subnet.

Port 1 on each switch is set as a trunk port and assigned to a VLAN. Each switch has a VLAN set up. S1 is VLAN10, S2 is VLAN20 and S3 and 4 are VLAN30.

The hard part for me and where I need help is getting the switches to talk to each other. Right now I have two of the switches on my desk and if I give my test machines a static IP and put them on the same VLAN they talk to each other. So far so good there. What I need to know how to do is set up routing on the switches so that computers in one VLAN such as VLAN10 can communicate with VLAN30 for example.

I had ordered the Layer 3 switches so all the routing would be handled at the switches but I don't see any good guides on how to set this stuff up. FWIW I'm using the web interface to do all this too.

Thanks in advance!

 

[VinceWhirlwind]

You need to sit down and write down your design before trying to fiddle with them. You need to ask yourself what your VLANs are actually for - there's no good reason to have the same VLAN across multiple Layer2 switches and even less reason if they are Layer3 switches.

Your config above shows that you have your PCs' default GW on the same switch for both VLANs. Makes me wonder how your other switches are configured, so the most important thing to decide is how your routing is going to work.

To me it's a no-brainer
Configure Switch1 to be your "core" with 5 VLANs and the default GW address for each vlan.
You then configure (non-trunk!) "uplink ports" with one VLAN on each for each of your 4 other switches, and the rest of your "core" can have the rest of its ports in the 5th VLAN.
On your other 4 switches, you disable routing and give it an IP address in its own VLAN (for management, nothing else), and configure all its ports to be in its own VLAN.

 

[CANIndiana]

Vince,

That's more or less what I thought I needed to do, except well I've never done this before and I have no idea what's going on so I'm just trying to figure it out as I go and get it to work.

 

[burtsbees]

In a collapsed core like that, you should have only one L3 switch like Vince stated. However, Vince's idea does not allow for multiple vlans on the same floors...

/

tim@tim-laptop ~ $ sudo apt-get install windows
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Couldn't find package windows...Thank Goodness!

 

[VinceWhirlwind]

No, I don't allow that....it's nice and simple, though.

 

[VinceWhirlwind]

We can talk through adding extra VLANs to floors after he gets it working to this point, though.

I really think the most important thing is design - if you know 100% what outcome it is you want, then you just have to sit down and fiddle with your switch until you get there.
But if you don't know what you want, you're just going to end up with some random setup which somebody is going to have a good laugh at some time down the track when they have to get somebody in to fix something.

I had a classic one like that yesterday - IBM had setup some system on a site and they'd updated <something?> and the whole thing had broken - they wanted somebody to get onto the switches and figure out why they weren't working. I found the classic random config you get sometimes:

interface f0/12
sw acc vlan 7
sw trunk nat vlan 7
sw tr vlan allowed 7
....+ a bit of other random crap

as well as the facing non-cisco switch being configured as a .1q trunk with vlan 8 as the untagged VLAN instead of 7, creating a vlan mismatch.

AND (there's more!) the site design doco showed this particular segment as being in VLAN 9.

All this crappy config & doco wasn't the reason it was broken, but it prevented the IBM guys from understanding what the hell was meant to be going on so they could fix whatever it was they broke.