Vlan not communicating through router 1

[adventrskr]

People my problem is that I have an old network I am working on and it currently has two vlans on it, vlan 1 and 100, one has a 22. network and the other has a 10. network. I want to remove the 22. network and yet have the 10. network communicate through the current 22. network defualt gateway on the 2600 router i have.

I have about 7 servers with 22. network ips and subnets and 1 router on this local network that is running all ospf on the network, with only one area.

the outcome i would like is this:

-no 22. network
-the same 22. network defualt gateway
-all switches on the 100 vlan and with 10. network ips
-all switch traffic communicating through the router to the outside world.
-all user machine IPS need to be on the 10. network.
-one vlan for the whole local switching fabric, local meaning this one location.

heres some more info:

for some reason the switches have a defualt gateway ip of the one router interface with a 22. network on it, there are other networks pointing to this interface thus the reason i dont want to change it, if possible.

The vlan structure is jacked and if i try to go just to say vlan 1 across the switching fabric i lose the rest of the network. There is about 12 switches with more being added and just the one local router, and about 100 user.

the reason for the need to change IPs or to keep the ips but just use one vlan is that about 100 more users will be added in about a month.

Thank you for your time.

 

[Cotton9]

Do you have two ethernet port on the 2600 or is the 10. and 22. configures on the same LAN port?

What make/model switches are you using?

Both 10. and 22. subnets can be configured on a single 2600 ethernet/LAN port:
interface f0/0
ip address 10.1.1.1 255.255.255.0 secondary
ip address 22.2.2.2 255.255.255.0
no shutdown

This could be the final router setup if needed. If you are not using VLANs on the router let me know an I can send you an sample interface config.

Can you post the ethernet interf configs for the 10. and 22. networks. That will help explain. Picture worth 1000+ words.

-----------------------------------------
You could setup a third vlan for temp manipulation of you network then remove it when all is well. The third vlan would be on a independent/private subnet and be visable on all routers/switches you need to touch untill complete. I am assuming you can not physically all the switches/routers you must 'adjust' in this project.

When moving all IP subnets to the same vlan you must watch VLAN tagging and assure the router can see both subnets all the time. As you move to one subnet one of the VLANs will be down untill the configuration changes are competed. The third VLAN will help assure you are doing well and can continue to the end and all will be working agian. Do all your work through the third VLAN then test everything. Should work.

Hope this helps.

 

[adventrskr]

Cotton9 Thanks you were a big help, now a couple points:
1. is the secondary ip locally important or will it propagate globally?
2. I do have physical access to all switches they are local to this location.
3. I am using vlans but i have to have two vlans with one having the 10 network and the other having the 22 network. I didnt do the initial install so for some reason i will have all my vlan 1 working to a point then it fails even though that vlan is active and showing on all switches.
4. when i do a vlan show, the trunking vlans dont show as a registerd port, i mean that port dont show on the vlan, why?
5. I created the secondary IP on the INT 0/0 if i have servers and users in my network can i use that secondary ip for my defualt gateway?
6. We have a lot of traffic pointing to the 22. network as a gateway from the outside world? how will the secondary effect incoming traffic?

Thanks I appreciete your time.

 

[Cotton9]

1. is the secondary ip locally important or will it propagate globally?
This is globally available to all. Look the same to a PC or WEB server as the primary. The except is DHCP server will not see it. All DHCP requests will go to the primary IP subnet. There may be a trick to make this work I just don’t know it.

2. I do have physical access to all switches they are local to this location.
As a backup look at the ‘reload in hh:mm:sec’ command to save some heartburn and frantic runs.

3. I am using vlans but i have to have two vlans with one having the 10 network and the other having the 22 network. I didnt do the initial install so for some reason i will have all my vlan 1 working to a point then it fails even though that vlan is active and showing on all switches.
The actual IP subnet is independent of the vlan number so all IP subnets can be on the same vlan and not interfere with one another except for the larger broadcast domain.

4. when i do a vlan show, the trunking vlans dont show as a registerd port, i mean that port dont show on the vlan, why?
Once you move all to one vlan trucking will not be needed. I haven’t figured out just what and does not show on trunk port when all is active. It seems to change for us even though all is working. If you are working on a layer-2 switch only put IP address on the primary VLAN and leave the other VLANS in ‘shutdown’. It just works that way -- so I just learned.

5. I created the secondary IP on the INT 0/0 if i have servers and users in my network can i use that secondary ip for my defualt gateway?
Each subnet will have to have it’s own gateway else they will not communicate across/through the router. That is the only way I know that IP will work. If you change the subnet mask to include both subnets then you effectively only have one subnet and not two.

6. We have a lot of traffic pointing to the 22. network as a gateway from the outside world? how will the secondary effect incoming traffic?
It all looks the same. Inside/outside worlds look the same, as if it were on a independent interface or sub-interface. The exception is the DHCP thing.

As you convert to a single VLAN you will most likely lose communications with one subnet until all are converted. Start at the outside edges and work you want to the root. Allways keep you self connected on the primary subnet and vlan so you don’t lose contact with the switch you are working on.

Depending on your layout you may have to schedule maintenance downtime to ‘just do it’.

Here is a sampel of a VLAN setup on one of our 3725 router but a 2600 series should be the same.

!
interface FastEthernet0/0
no ip address
no ip mroute-cache
speed 100
full-duplex
no keepalive
no cdp enable
!
interface FastEthernet0/0.115
description Data Interface
encapsulation dot1Q 115
ip address 10.10.115.1 255.255.255.0
ip helper-address 10.10.230.28
no cdp enable
!
interface FastEthernet0/0.715
description Voice Interface
encapsulation dot1Q 715
ip address 10.82.115.1 255.255.255.128
ip helper-address 10.10.230.28
no cdp enable

Hope someone out there can explain the trunk question you raised. We just started using trunk and are not that up on it. We do use 'Transparent' mode over 'vtp server' mode because we can not afford to have a rogue user plug in a illegal switch and disrupt everything.


Remember to test it before you put into production (if you can). I am not an authority on this just a network admin/manager/setup/designer like you. (yes, we have a lot of hats).

Let us know how it goes.

 

[adventrskr]

Yeah man I hear ya, what I plan on doing is changing the ip on vlan 100 to the ip from vlan 1 (vlan one was basically a place holder for me till i figured this out) and then see how the vlan works with the servers and such, I will let you know if it works out ok and what was finally done, thanks for all your help.