Re: [nsp] Re(2): Native VLAN?

From: Nash Darukhanawalla (ndarukha@cisco.com)
Date: Fri Feb 08 2002 - 12:32:45 EST


So forgetting that you have a switch connecting two vlans, imagine that you
have a hub to which two devices are connected. One has IP address
192.168.21.1 /24 and the second has IP 197.77.77.1 /24.
These two devices will not communicate without a layer 3 device which can
route between these two networks.

So you cannot achieve connectivity by simply putting devices in the same
vlan. You need to match L3 addresses as well.

From your sample config:
********************************************
Catalyst6509A
interface Vlan 21
   ip address 192.168.21.1 255.255.255.0

Catalyst6509B
interface Vlan 21
   ip address 197.77.77.1 255.255.255.0
**********************************************

Since you have vlan interfaces configured, you have a routing blade (MSFC)
installed. You can configure these MSFCs to route between vlans and
configure HSRP and remove 7206 routers from the network (if 7206 are only
being used as gateways.)

Sample config would be something like this:

Cat 6509A ( MSFC --- Which is a router)
-----------------------------------------------------------
interface vlan 21
ip address 192.168.21.1 255.255.255.0
standby 1 priority 110 preempt
standby 1 ip 192.168.21.3

Cat6509B (MSFC)
---------------------------
interface vlan 21
ip address 192.168.21.2 255.255.255.0
standby 1 priority 100 preempt
standby 1 ip 192.168.21.3

And configure the end stations for default gateway IP address 192.168.21.3

Since MSFC in cat6509A has a higher priority, it will be the active router
for vlan 21. If this router fails, MSFC in cat6509B will take over.

For more details on VLANs and how they are configured, refer to:
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sw_6_3/confg_gd/vlans.htm

For details on HSRP:
http://www.cisco.com/warp/public/619/index.shtml

-- Nash

At 03:40 PM 2/8/2002 +0800, Angelo De Guzman wrote:
>Thanks for the reply! 8-)
>
> I have a follow up question regarding these native
>VLAN. I have a client who has two 6509 and the connection
>in between the two is through a trunk port. What keeps
>me wondering is that each VLAN 1 one on both switches has
>a different ip network.
>
>Set-up:
>
>              Cisco_ 3640
>               /      \
>              /        \
>             /          \
>            /            \
>           /              \
>      7206_Old          7206_New
>         | 192.168.21.2     |
>         |                  |
>         |                  |
>  Catalyst6509A --(trunk)-------Catalyst6509B
>
>
>
>
>Sample Config:
>
>Catalyst6509A
>
>interface Vlan 21
> ip address 192.168.21.1 255.255.255.0
>
>Catalyst6509B
>
>interface Vlan 21
> ip address 197.77.77.1 255.255.255.0
>
> Why don't I get errors on these? Like conflict vlan
>id or something weird..(just guessing). I also notice
>that when I try to ping from Catalyst6509A the ip
>address 197.77.77.1 it goes around the network first.
>Meaning the next hop is from another router.
>(I assumed that it would be one hop away because
>of the trunk connection!!!)
> Now this is the tricky part, I wanted to implement
>HSRP. Since 192.168.21.2 is the default gateway it
>would be the virtual ip address for the HSRP. Is this
>possible? Especially with VLAN 21 of Catalyst 6509
>belongs to a different network. (I'm thinking of
>assigning 197.77.77.0 to a different vlan and re-assigning
>Vlan 21 of Cat__B to 192.168.1.x). What is important for
>me to achieve right now, is for users in the Catalyst 6509A
>would be able to access the 3640 router even if 7206_Old is down.
>TIA,
>Angelo
>Nash Darukhanawalla (2/8/02 9:58 AM):
> >Angelo,
> >
> >A trunk port configured with 802.1Q tagging can receive both tagged and
> >untagged traffic. By default, the switch forwards untagged traffic with the
> >native VLAN configured for the port. The native VLAN is VLAN 1 by default
> >or is the vlan that the port was a member of before it was configured as a
> >trunk.
> >
> >If a packet has a VLAN ID the same as the outgoing port native VLAN ID, the
> >packet is transmitted untagged; otherwise, the switch transmits the packet
> >with a dot1q tag.
> >
> >"encapsulation isl 1 native" essentially configures VLAN 1 that is sending
> >and receiving untagged traffic on the trunk port.
> >
> >We do not care about the native vlan when encapsulation is isl because all
> >packets are tagged. But that's not the case with dot1q encap and so native
> >vlan should match at both the ends of the link.
> >
> >-- Nash
> >
> >
> >At 09:24 AM 2/8/2002 +0800, Angelo De Guzman wrote:
> >>Hi To All,
> >> I'm using 2948G-L3.
> >> interface port-channel 1.1
> >> encapsulation isl 1 native
 > >> What does it mean when the native command is added? Please enlighten me on
 > >>this matter!
> >>TIA,
> >>Angelo
> >
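
Added example (not part of the original thread, and not Cisco's or either poster's code): a small audit of the two "interface vlan 21" configs quoted above, checking that both switches' VLAN interfaces sit in one subnet and share one HSRP virtual IP, then reporting which switch should be active. The function names and the finding strings are assumptions made for illustration; the config text is copied from the thread as constructed input.

```python
import ipaddress
import re

# Constructed input: the thread's original SVI config and the suggested HSRP one.
ORIGINAL = {
    "Catalyst6509A": "interface Vlan 21\n ip address 192.168.21.1 255.255.255.0",
    "Catalyst6509B": "interface Vlan 21\n ip address 197.77.77.1 255.255.255.0",
}
SUGGESTED = {
    "Catalyst6509A": "interface vlan 21\n ip address 192.168.21.1 255.255.255.0\n"
                     " standby 1 priority 110 preempt\n standby 1 ip 192.168.21.3",
    "Catalyst6509B": "interface vlan 21\n ip address 192.168.21.2 255.255.255.0\n"
                     " standby 1 priority 100 preempt\n standby 1 ip 192.168.21.3",
}

def parse_svi(cfg, vlan):
    """Extract address, HSRP virtual IP and priority for one 'interface vlan N'."""
    svi, inside = {"addr": None, "vip": None, "prio": 100}, False  # 100 = HSRP default
    for line in map(str.strip, cfg.splitlines()):
        if m := re.match(r"interface\s+(.+)$", line, re.I):
            inside = m[1].lower().replace(" ", "") == f"vlan{vlan}"
        elif inside and (m := re.match(r"ip address (\S+) (\S+)$", line)):
            svi["addr"] = ipaddress.ip_interface(f"{m[1]}/{m[2]}")
        elif inside and (m := re.match(r"standby \d+ ip (\S+)$", line)):
            svi["vip"] = ipaddress.ip_address(m[1])
        elif inside and (m := re.match(r"standby \d+ priority (\d+)", line)):
            svi["prio"] = int(m[1])
    return svi

def audit(configs, vlan):
    """Return (findings, active): config problems and the expected HSRP active switch."""
    svis = {name: parse_svi(cfg, vlan) for name, cfg in configs.items()}
    svis = {n: s for n, s in svis.items() if s["addr"]}  # keep switches that have the SVI
    findings = []
    nets = sorted({s["addr"].network for s in svis.values()})
    if len(nets) > 1:
        findings.append("SVIs in different subnets: " + ", ".join(map(str, nets)))
    vips = {s["vip"] for s in svis.values()}
    if len(vips) != 1 or None in vips:
        findings.append("HSRP virtual IP missing or inconsistent")
    else:
        vip = next(iter(vips))
        for name, s in svis.items():
            if vip not in s["addr"].network:
                findings.append(f"{name}: virtual IP {vip} outside {s['addr'].network}")
    # HSRP elects the highest priority; ties go to the highest interface address.
    active = None if findings else max(svis, key=lambda n: (svis[n]["prio"], svis[n]["addr"].ip))
    return findings, active
```

Calling audit(ORIGINAL, 21) flags the 192.168.21.0/24 versus 197.77.77.0/24 split; audit(SUGGESTED, 21) returns no findings and names Catalyst6509A as active.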


