Sunday, 06 March 2005

Switch to Router-on-a-Stick Communication

In January I described how I configured my Cisco 2651XM router to pass traffic between two VLANs on my Cisco 2950T-24 switch. I never assigned an IP for management purposes to the switch, since I always reached it via console cable. Today I decided to try upgrading the switch IOS, but that required applying a management IP to the switch.

My router had this configuration on the interface facing the switch:

interface FastEthernet0/1
 description Connection to gruden, Cisco switch
 no ip address
 duplex auto
 speed auto
!
interface FastEthernet0/1.1
 encapsulation dot1Q 10
 ip address 10.10.10.1 255.255.255.0
!
interface FastEthernet0/1.2
 encapsulation dot1Q 20
 ip address 172.27.20.1 255.255.255.0

I assumed that if I assigned a management IP to my switch with either a 10.10.10.0/24 or 172.27.20.0/24 address, the switch would be able to speak to the router. I assigned 10.10.10.100/24 to the switch. Because switches do not receive IPs on individual ports, I applied the IP to VLAN 1:

gruden(config)#int vlan1
gruden(config-if)#ip address 10.10.10.100 255.255.255.0
gruden(config-if)#no shutdown
gruden(config-if)#exit
gruden(config)#ip default-gateway 10.10.10.1
gruden(config)#end

Unfortunately, this did not work. I could not reach the router from the switch and vice versa.

I decided to try assigning a new IP address directly to router interface fa0/1, and give the switch an IP in the same netblock:

gill(config)#int fa0/1
gill(config-if)#ip address 192.168.168.1 255.255.255.0
gill(config-if)#no shutdown
gill(config-if)#end

Here's how I configured the switch:

gruden(config)#int vlan1
gruden(config-if)#ip address 192.168.168.2 255.255.255.0
gruden(config-if)#no shutdown
gruden(config-if)#exit
gruden(config)#ip default-gateway 192.168.168.1
gruden(config)#end

That did it. Now I can reach both devices. Apparently the switch can only communicate with the router when the address on the switch is outside of the VLANs in use. I believe Todd Lammle refers to this sort of setup as a management overlay network, where certain IPs are used solely for device management.

If anyone can comment on this design or suggest an alternative, I welcome feedback. I think the wrinkle in my setup involves the router having to pass traffic between VLANs 10 and 20.
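
The two attempts above can be modelled by looking at which 802.1Q tag the switch's VLAN 1 interface puts on the wire and which router (sub)interface accepts that tag. This is an added example, not code from the original post; it assumes the switch port facing the router is an 802.1Q trunk with the native VLAN left at the default of 1 (the post does not show the switch trunk configuration), and the function names are hypothetical. Under that assumption, VLAN 1 frames leave untagged and arrive on FastEthernet0/1 itself, not on the dot1Q 10 or dot1Q 20 subinterfaces.

```python
import ipaddress

NATIVE_VLAN = 1  # assumption: trunk native VLAN left at the default

# Router side as shown in the post: (interface, dot1Q tag or None, address).
FIRST_ATTEMPT = [
    ("Fa0/1", None, None),               # "no ip address"
    ("Fa0/1.1", 10, "10.10.10.1/24"),    # encapsulation dot1Q 10
    ("Fa0/1.2", 20, "172.27.20.1/24"),   # encapsulation dot1Q 20
]
SECOND_ATTEMPT = [("Fa0/1", None, "192.168.168.1/24")] + FIRST_ATTEMPT[1:]


def tag_on_wire(vlan, native=NATIVE_VLAN):
    """Frames in the trunk's native VLAN are sent untagged (None)."""
    return None if vlan == native else vlan


def receiving_interface(router, tag):
    """Return the router (sub)interface whose encapsulation matches the tag."""
    for name, if_tag, addr in router:
        if if_tag == tag:
            return name, addr
    return None, None


def svi_reaches_gateway(router, svi_vlan, svi_ip, gateway):
    """Model one hop: does the switch SVI land on the gateway's interface?"""
    name, addr = receiving_interface(router, tag_on_wire(svi_vlan))
    if addr is None:                      # no interface, or no IP on it
        return False, name
    iface = ipaddress.ip_interface(addr)
    same_subnet = ipaddress.ip_interface(svi_ip).network == iface.network
    return same_subnet and str(iface.ip) == gateway, name


if __name__ == "__main__":
    # First attempt from the post: SVI on VLAN 1 with a VLAN 10 address.
    print(svi_reaches_gateway(FIRST_ATTEMPT, 1, "10.10.10.100/24", "10.10.10.1"))
    # Second attempt: address placed on the physical interface.
    print(svi_reaches_gateway(SECOND_ATTEMPT, 1, "192.168.168.2/24", "192.168.168.1"))
```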
