aennis
(Snyper82)
1
I know that VLAN ROUTING is a layer3 thing, but unfortunately I have a layer2 p2p between cities. My network is currently flat, I’m changing that (I hope) but I’m stuck between two cities.
How, without changing the p2p link but with purchasing equipment, would I let each building know about the VLAN buddies in the other building?
hmm, an example?
VLAN 10, 20, and 30 are for desktops, servers, and others respectively.
In each building I have servers, desktops, and others - between each building I have layer2, in each building I have layer3.
3 Spice ups
johndod
(Caur)
2
Stick an IP address on both ends (like a /30 or /29) and route over it. If the switches that this link is connected to are layer 3, you put an IP address on the port it is connected to on both sides.
EX: City 1 - 10.10.10.1 255.255.255.252 : City 2 - 10.10.10.2 255.255.255.252
City 1 add routes to City 2
City 2 add routes to City 1
1 Spice up
aennis
(Snyper82)
3
Instead of 3 VLANs, do 6 (3 in each building)? and then just add routes to each?
Robert5205
(Robert5205)
4
If you use your L2 connection between sites as a trunk, your vlans will exist in both sites. Vlans are an L2 construct, and will pass over the L2 without an issue.
If you want to change your L2 connection to an L3 connection, you can put a router (or L3 switch) at each end and create a two-device LAN.
It sounds to me like you don’t quite understand it. Layer 3 routing always takes place over a layer 2 link. There is no such thing as a layer 3 link (except via layer 2). If you have the need to pass multiple VLANs over this layer 2 link, that’s easily accomplished in multiple ways; even a Q-in-Q tunnel would do.
1 Spice up
mark6030
(mark9586)
6
I was thinking the same thing… If it really is a Layer 2 link then just make each end a trunk port.
Actually Q-in-Q allows multiple VLANs to be tunnelled over an access port.
mark6030
(mark9586)
8
Yes but switchport mode trunk is many fewer commands!
1 Spice up
Likely the carrier transports on a different VLAN for each customer (ours does) so it may not pass the 802.11q tags properly.
Don’t forget MPLS links, they can be layer 2.
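The trunk and Q-in-Q options discussed above, and the concern that a carrier putting each customer on its own VLAN may not pass customer tags, come down to how VLAN tags stack in the Ethernet header. The following Python example is added here and is not part of any post in the thread; service VLAN 500 and the MAC addresses are constructed values, and the carrier is assumed to use the 802.1ad S-tag (TPID 0x88A8) as its outer tag.

```python
import struct

TPID_CTAG = 0x8100  # IEEE 802.1Q customer tag, what a trunk port adds
TPID_STAG = 0x88A8  # IEEE 802.1ad service tag, the outer Q-in-Q tag

def vlan_tag(tpid, vid, pcp=0):
    """4-byte tag: 16-bit TPID, then PCP (3 bits), DEI (1 bit), VID (12 bits)."""
    if not 1 <= vid <= 4094:
        raise ValueError("VLAN ID must be in 1..4094")
    return struct.pack("!HH", tpid, (pcp << 13) | vid)

def parse_vlan_stack(frame):
    """Return ([(tpid, vid), ...] outermost first, payload EtherType)."""
    offset, stack = 12, []  # skip destination and source MAC
    while True:
        if len(frame) < offset + 2:
            raise ValueError("truncated frame")
        (etype,) = struct.unpack_from("!H", frame, offset)
        if etype not in (TPID_CTAG, TPID_STAG):
            return stack, etype
        if len(frame) < offset + 4:
            raise ValueError("truncated VLAN tag")
        (tci,) = struct.unpack_from("!H", frame, offset + 2)
        stack.append((etype, tci & 0x0FFF))
        offset += 4

def push_service_tag(frame, service_vid):
    """Carrier ingress: wrap the customer frame in an outer S-tag."""
    return frame[:12] + vlan_tag(TPID_STAG, service_vid) + frame[12:]

def pop_service_tag(frame):
    """Carrier egress: strip the outer S-tag, leaving customer tags as sent."""
    stack, _ = parse_vlan_stack(frame)
    if not stack or stack[0][0] != TPID_STAG:
        raise ValueError("no outer service tag to remove")
    return frame[:12] + frame[16:]

# Constructed sample: locally administered MACs, IPv4 EtherType, dummy payload.
MACS = bytes.fromhex("020000000002") + bytes.fromhex("020000000001")
def customer_frame(vid):
    return MACS + vlan_tag(TPID_CTAG, vid) + struct.pack("!H", 0x0800) + bytes(46)

if __name__ == "__main__":
    for vid in (10, 20, 30):  # desktops, servers, others
        sent = customer_frame(vid)
        in_transit = push_service_tag(sent, 500)  # 500: hypothetical carrier VLAN
        assert pop_service_tag(in_transit) == sent
        print(vid, parse_vlan_stack(in_transit), len(in_transit) - len(sent), "extra bytes")
```

Each extra tag lengthens the frame by 4 bytes, so the carrier link has to accept frames that much larger than the ones the customer switches send.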
aennis
(Snyper82)
11
Man I feel dumb.
OK, trunking it is, derp.
aennis
(Snyper82)
12
The equipment (ISPs stuff) throughout the link is all layer2 only… that is what makes it a layer 2 link (100+ miles)
I don’t know how large your environment is, but I’ll throw this out there just in case. If there are hundreds & hundreds of devices in either location, you may want to consider routing between sites so that you decrease the size of the broadcast domains. Again, just something to consider. I don’t know what bandwidth this circuit will be, but if you have devices on either end sending broadcast traffic across constantly it could become congested.
The other thing to consider is what I call “hair-pinning”. You’re probably only going to have a core router/switch on 1 side which means traffic at site B could “hair-pin” to A & back in order to communicate with another device in a different subnet. Not necessarily a problem, but something to consider. Hope that makes sense.
mark6030
(mark9586)
14
Way to miss the gag Steven :-p
f2015
(kiddycody)
15
Create appropriate vlans on the switches.
Add Vlan Subinterfaces on the router.
Add routing if required.
In some routers like FortiGate you can segregate the ports and use it as a separate interface. So if you are creating some VLANs like VLAN 10 with IP subnet 10.10.10.0, you can directly connect between the VLAN interface of the switch to the router interface with an IP address like maybe… 10.10.10.1 (as your default gateway)