Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

VLAN Dunce requires a little help!

Dakers
Occasional Visitor

VLAN Dunce requires a little help!

Hi All,

Firstly I apologise in advance for my limited knowledge. I've only touched on networks in the past (other than plug it in and let it work!), so this is all fresh to me, along with all the other bits I'm trying to grapple with day-to-day ;-)

We've got two 3400cl's that we're going to be using to replace our link between two sites. With the setup we've got at the moment, we've got DHCP leakage to the other site, so we wanted to vlan off each site. We're also having a seperate VoIP network put in, that we needed to link across the two sites.

We asked the company doing our VoIP installation to configure the 3400cl's, as we don't have the level of knowledge in-house.

Even with my very very rudimentary knowledge, I'm not entirely convinced as to the config that they were going to use. I've attached both of the configs as one text file. I was more concerned when the vlan's weren't labelled the same both sides, something I've fixed now, but it just seemed like a basic mistake, and I'm now worried how valid everything else is.

I'm really after someone to step me through what the bits do, and sense-check it for me. I'm the kind of person that learns best by seeing working examples and figuring it out from there.

One thing that stood out was that the QOS priority seemed different on each switch?
Also, I'd love to understand what each port is going to be doing, so I know what to plug in where. I can't seem to get my head round the tagged/untagged/trunking thing that seems to be going on!

I'm sure that this is all very simple to you guys, but any simple steps you could give would enhance my knowledge many times over.

Thanks in advance
2 REPLIES
Matt Hobbs
Honored Contributor

Re: VLAN Dunce requires a little help!

Hi Dakers,

That configuration you attached does raise a few good questions.

1. Do you want layer-2 connectivity between these two sites? With the configuration attached, this is what you will be achieving. For VOIP I would probably recommend you do keep layer-2 connectivity between the sites, at least for the voice VLAN.

2. For the tagged/untagged/trunking confusion, basically where you connect your PC's and other end-nodes they will be untagged in only one VLAN. Switch to switch links will be tagged as they need to carry more than one VLAN - this inserts a 'tag' at the front of each packet so the other switch knows which VLAN it belonged to. For trunks, this is only necessary when you want to aggregate two or more ports together for higher bandwidth. From your configuration it seems that there was some confusion there (single port trunk configured) and that's not unexpected because tagging is what Cisco call trunking. There is no need for that trunk in your configuration, although technically it's not a problem either.

3. The 'ip helper-address' in VLAN1 and VLAN3 is not required since it is in the same layer-2 broadcast domain.

4. As you suspected, the QoS configuration is not consistent. You want your voice VLAN on priority 7 on both switches, for your other VLANs I would probably leave them at the default (no-override).

5. RIP is configured on VLAN1 on one switch and not the other. If you plan on using layer-2 for all VLANs between the 2 sites RIP is not required.

6. "Station Close" does not have any member ports for VLAN 3.

7. Going back to question 1, what do you want your default gateways to be for your clients? If using layer-2 you only need one of the switches with 'ip routing' enabled. If you want traffic between the sites to be routed (apart from the voice traffic which I would recommend stay flat as long as you have a gigabit link between the sites), then you will need to configure different IP subnet ranges and enabled RIP or OSPF between the two. If you do have a gigabit link, then chances are there is going to be enough bandwidth there to leave it completely layer-2 between the sites and only have one of them enabled as the router.

Matt
Dakers
Occasional Visitor

Re: VLAN Dunce requires a little help!

Thanks for the comprehensive reply Matt, it's much appreciated!

I think perhaps it might be easier to explain the context of what was originally requested of the configuration. So it might make sense of the configuration we've currently got.

The sites are only a few hundred metres apart. We want to ensure that no excessive broadcast traffic goes between the two sites.
The 155.250.164.0-155.250.165.254 network is the Albany Gate network, and 172.26.128.0 - 172.26.129.254 is the Station Close network.
The VOIP network will be physically separate at both sites, only converging at the switches to transit between sites.

Currently we have some 155.x.x.x addresses being assigned via the DHCP server at the Station Close site, which is something we want to prevent in future.

The default gateway for the 172 network is 172.26.128.2, which is another port on a 3400cl currently housed here in Albany Gate.
The default gateway for the 155 network is 155.250.164.3, which is a router connecting us to the rest of the corporate network. It forwards everything apart for requests for 155.250.164 & .165, 172.26.128 &.129, and 10.164.x.x (which is a private network we're deploying here) back to 155.250.164.2, which is the 3400cl in Albany Gate, currently connecting the two sites.

Does that make things a little clearer, or just muddy the waters further?