[c-nsp] L3 vs. L2 trunk connections to a 6509 core. Easyrouter-head question.

Mon Apr 14 15:03:09 EDT 2008

Core router sh run and sho ip route:

6509_core_router#sho confi
Using 3720 out of 522200 bytes
!
version 12.1
!

.... some items removed ......

hostname 6509_core_router
!
boot system bootflash:c6msfc2-pk2sv-mz.121-27b.E3.bin
boot bootldr bootflash:c6msfc2-boot-mz.121-27b.E3.bin

ip subnet-zero
no ip source-route
no ip gratuitous-arps
!
!
no ip domain-lookup
!
interface Vlan1
 description DATA
 ip address 172.16.0.1 255.255.240.0
!
interface Vlan8
 description GA Floor 8
 ip address 10.16.8.1 255.255.255.0
 ip helper-address 172.16.3.41
 ip helper-address 172.16.3.48
!
interface Vlan9
 description GA Floor 9
 ip address 10.16.9.1 255.255.255.0
 ip helper-address 172.16.3.41
 ip helper-address 172.16.3.48
!
interface Vlan10
 description GA Floor 10
 ip address 10.16.10.1 255.255.255.0
 ip helper-address 172.16.3.41
 ip helper-address 172.16.3.48
!
interface Vlan11
 description GA Floor 11
 ip address 10.16.11.1 255.255.255.0
 ip helper-address 172.16.3.41
 ip helper-address 172.16.3.48
 shutdown
!
interface Vlan12
 description GA Floor 12
 ip address 10.16.12.1 255.255.255.0
 ip helper-address 172.16.3.41
 ip helper-address 172.16.3.48
!
interface Vlan14
 description GA Floor 14
 ip address 10.16.14.1 255.255.255.0
 ip helper-address 172.16.3.41
 ip helper-address 172.16.3.48
!
interface Vlan100
 description VoIP Network
 ip address 10.1.10.1 255.255.255.0
 ip helper-address 172.16.3.41
!
interface Vlan200
 no ip address
!
interface Vlan480
 ip address 172.16.80.2 255.255.255.224
!
router eigrp 100
 network 10.0.0.0
 network 172.16.0.0
 no auto-summary
 no eigrp log-neighbor-changes
!
ip classless
ip route 0.0.0.0 0.0.0.0 172.16.80.1
ip route 172.16.16.0 255.255.240.0 172.16.0.3
ip route 192.168.68.0 255.255.255.0 10.1.10.14
no ip http server
!
!
end

6509_core_router#sho ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS
inter area
       * - candidate default, U - per-user static route, o - ODR
       P - periodic downloaded static route

Gateway of last resort is 172.16.80.1 to network 0.0.0.0

     172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
S       172.16.16.0/20 [1/0] via 172.16.0.3
C       172.16.0.0/20 is directly connected, Vlan1
C       172.16.80.0/27 is directly connected, Vlan480
     10.0.0.0/8 is variably subnetted, 7 subnets, 2 masks
C       10.1.10.0/24 is directly connected, Vlan100
C       10.16.10.0/24 is directly connected, Vlan10
C       10.16.8.0/24 is directly connected, Vlan8
C       10.16.9.0/24 is directly connected, Vlan9
C       10.16.14.0/24 is directly connected, Vlan14
C       10.16.12.0/24 is directly connected, Vlan12
D       10.3.252.0/30 [90/2170112] via 172.16.0.3, 2d05h, Vlan1
S    192.168.68.0/24 [1/0] via 10.1.10.14
S*   0.0.0.0/0 [1/0] via 172.16.80.1

-----Original Message-----
From: Mike Louis [mailto:MLouis at nwnit.com] 
Sent: Monday, April 14, 2008 1:17 PM
To: Grant Moerschel; cisco-nsp at puck.nether.net
Subject: RE: [c-nsp] L3 vs. L2 trunk connections to a 6509 core.
Easyrouter-head question.

Can you post your relevant configs from both sides 6500 and 3560?

-----Original Message-----
From: Grant Moerschel [mailto:gm at wavegard.com]
Sent: Monday, April 14, 2008 1:15 PM
To: Mike Louis; cisco-nsp at puck.nether.net
Subject: RE: [c-nsp] L3 vs. L2 trunk connections to a 6509 core.
Easyrouter-head question.

The only SVI configured on the 3560 is the VLAN1 interface. Is this
incorrect?  My assumption was that the V1 SVI, a default route for V1,
and "no ip routing" was all that was needed but when I did that I
couldn't talk with the other VLANs on the switch.  I may have overlooked
something.

Given my description of the 3560 (routing on, one SVI for VLAN1, one
trunk to the core), do you think that the local V8 traffic on the 3560
is being routed via VLAN1 in contrast to being tagged and forwarded as
VLAN8 via the trunk to the core?

-----Original Message-----
From: Mike Louis [mailto:MLouis at nwnit.com]
Sent: Monday, April 14, 2008 12:11 PM
To: Grant Moerschel; cisco-nsp at puck.nether.net
Subject: RE: [c-nsp] L3 vs. L2 trunk connections to a 6509 core.
Easyrouter-head question.

If you are going to use the 3560 as a L2 switch you can disable ip
routing. You will need to define a management interface and
default-gateway for the management vlan on the switch only. All VLANs
including management will be L2 only. Do not configure VLAN SVI if you
only want to use the 3560 as a layer 3 switch. Did you configure EIGRP
on the 3560 as well? If so that may be why you are getting routing
information via VLAN 3 to the 6509.

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Grant Moerschel
Sent: Monday, April 14, 2008 11:45 AM
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] L3 vs. L2 trunk connections to a 6509 core. Easy
router-head question.

I am trying to determine what is normal here.  This is the situation. I
have a 6509 Sup1a/MSFC2 running the latest CatOS/IOS for that hardware.
I run EIGRP. I have several VLANs on the core and use VTP.  When I trunk
a 2950 L2 switch to the core I specify VTP on the 2950. No problem. All
VLANs show up on the 2950.  For our eighth floor, for example, I trunk
V1, V8, and V100 and clear all other VLANs from the trunk. V100 is for
Voice and V8 is for most PCs for Data.  My assumption is that if an
access port is "switchport access vlan 8" and the PC is plugged in to
that port, he's on V8. To get off that broadcast network to some other
destination, he hits the gateway which is the L3 interface on the core
6509 MSFC2.  I get all this.

Here's the question.  If my access switch is a 3560 which is a Layer 3
switch, it seems that I have to have it participate in EIGRP to make it
work.  But this does not make sense because for this application I still
have a single trunk to the core from the 3560. If I trunk V1, V10, and
V100 from the 3560 to the 6509, doesn't communication just go down the
trunk to the 6509 L3 gateway?  For example, if my PC is on a 3560 V10
port and needs to hit something on V8, shouldn't the 3560 forward the
frame down the trunk to the 6509 which'll route onto V8, up V8's trunk
to that access switch and forward it out to the destination?   If I look
at my routes on the 3560, they all say "to get to V10 you must go
through the 6509 V1 layer 3 interface" (I hope that makes sense).

Should I turn off "ip routing" on the 3560 in order to mimic the setup
of the 2950 <----> 6509 trunk link?  What am I missing?

Thanks

~~~~
Grant P. Moerschel
WaveGard, Inc.
gm -at- wavegard -dot- com
~~~~

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Note: This message and any attachments is intended solely for the use of
the individual or entity to which it is addressed and may contain
information that is non-public, proprietary, legally privileged,
confidential, and/or exempt from disclosure.  If you are not the
intended recipient, you are hereby notified that any use, dissemination,
distribution, or copying of this communication is strictly prohibited.
If you have received this communication in error, please notify the
original sender immediately by telephone or return email and destroy or
delete this message along with any attachments immediately.