Router On A Stick

I am trying to configure subinterfaces on a 2620XM but when I try to assign an IP address to each subint I get the message:

% Configuring IP routing on a LAN subinterface is only allowed if that
subinterface is already configured as part of an IEEE 802.10, IEEE 802.1Q,
or ISL vLAN.

I have dot1q configured on the trunk coming from the switch the router is connected to:

interface FastEthernet0/4
switchport trunk encapsulation dot1q
switchport mode trunk

I am using CBT Nugs and Jeremy did not run into this or go over it.

Any ideas?

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

rwwest7

boostinbadger wrote: »

I am trying to configure subinterfaces on a 2620XM but when I try to assign an IP address to each subint I get the message:

% Configuring IP routing on a LAN subinterface is only allowed if that
subinterface is already configured as part of an IEEE 802.10, IEEE 802.1Q,
or ISL vLAN.

I have dot1q configured on the trunk coming from the switch the router is connected to:

interface FastEthernet0/4
switchport trunk encapsulation dot1q
switchport mode trunk

I am using CBT Nugs and Jeremy did not run into this or go over it.

Any ideas?

You can't assign an IP address to a trunked interface, only to the subinterface. Should be something like this:

conf t
interface fa 0/4.10
encapsulation dot1q 10
ip address x.x.x.x

thenjduke

interface fastethernet 0/0.100
encapsulation dot1q 100
ip address 192.168.100.1 255.255.255

Got to put that encapsulation dot1q and vlan

alan2308

To expand a little further, you need a subinterface for each VLAN on the router. The subinterface number can be anything you like, but using the VLAN number seems to be the most popular. You also need to specify the native vlan.

So if you have VLAN's 1, 100 and 200 and assuming VLAN 1 is still the native vlan:

interface fastethernet 0/0
no shutdown
interface fastethernet 0/0.1
encapsulation dot1q 1 native
ip address 192.168.1.1 255.255.255.0
interface fastethernet 0/0.100
encapsulation dot1q 100
ip address 192.168.100.1 255.255.255.0
interface fastethernet 0/0.200
encapsulation dot1q 200
ip address 192.168.200.1 255.255.255.0

boostinbadger

I don't have the IP address set to the trunk on the switch. I do have it set on the router's FA 0/0.

Attached is the toplogy.

CBTtopo.JPG

boostinbadger

Thanks Allen2308. Thats it! Instead of assigning the IP address of 192.168.1.2 for vlan 1 to fa 0/0 and be the native, I had to set it to fa 0/0.1 (which is weird bc 0.1 and 0.10 are the same unless you are in Ciscoland).

Here is what it needed to look like:

interface FastEthernet0/0
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.1
encapsulation dot1Q 1 native
ip address 192.168.1.2 255.255.255.0
!
interface FastEthernet0/0.10
encapsulation dot1Q 10
ip address 192.168.10.1 255.255.255.0
!
interface FastEthernet0/0.20
encapsulation dot1Q 20
ip address 192.168.20.1 255.255.255.0

Aldur

as others have mentioned here, you need to put 802.1q encapsulation on the sub interface of fa0/0 interface on the router before you can put an IP addy on the sub interface.

chmorin

boostinbadger wrote: »

Thanks Allen2308. Thats it! Instead of assigning the IP address of 192.168.1.2 for vlan 1 to fa 0/0 and be the native, I had to set it to fa 0/0.1 (which is weird bc 0.1 and 0.10 are the same unless you are in Ciscoland).

Here is what it needed to look like:

interface FastEthernet0/0
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.1
encapsulation dot1Q 1 native
ip address 192.168.1.2 255.255.255.0
!
interface FastEthernet0/0.10
encapsulation dot1Q 10
ip address 192.168.10.1 255.255.255.0
!
interface FastEthernet0/0.20
encapsulation dot1Q 20
ip address 192.168.20.1 255.255.255.0

It actually does not have to be fa0/0.1 you just need to have a subinterface for your native vlan, and one for all other vlans for inter-vlan routing to work properly.

boostinbadger

chmorin wrote: »

It actually does not have to be fa0/0.1 you just need to have a subinterface for your native vlan, and one for all other vlans for inter-vlan routing to work properly.

I know, just wanted it match up nice.

boostinbadger

boostinbadger wrote: »

I am using CBT Nugs and Jeremy did not run into this or go over it.

Jeremy did go over it. My apologies to him and CBT Nugs

Selfmade

My friend, you have to enable the encapsulation before you add an ip address to the subinterface.

This isn't in the topology, but for the sake of conversation, let's say you had a VLAN 75 that was called Management, and you intend for the Management VLAN to be your native VLAN.

You would add these commands in there

interface FastEthernet0/0.75
encapsulation dot1Q 75 native
ip address 192.168.75.1 255.255.255.0

Notice the bolded item there, native?

that indicates that it is the native vlan.

Don't forget that buddy, also as a best practice, for security reasons Cisco recommends that you change the vlan from it's default of 1 to anything else.

Hope that helps

ZZOmega

I learned a lot from this problem here, good advice everyone! Also, I'm new here, so I decided to flaunt my newbie-ness and ask you all this question:

In the topology shown above, by assuming/implementing any of the correct configurations posted here, wouldn't communication between S1 and R1 be limited to only outside traffic coming from R1 and stopping at S1? In other words, F0/1 of S1 is not a trunking port(as shown in boostinbadger's diagram), therefore it cannot communicate VLAN information. Finally, wouldn't configuring R2 instead of R1 as the "stick" router increase traffic, creating bandwidth issues on the links between S1 and R2? Any interVLAN communication has to travel those segments, and configuring it on the side rather than having it centralized seems pretty inefficient to me.

Would there be no communication at all, or just native VLAN members who are able to access the cloud?

Note: I've been studying for the CCNA (640-802, not the ICNDs) for about a week now, go easy on me! :P

alan2308

ZZOmega wrote: »

In the topology shown above, by assuming/implementing any of the correct configurations posted here, wouldn't communication between S1 and R1 be limited to only outside traffic coming from R1 and stopping at S1? In other words, F0/1 of S1 is not a trunking port(as shown in boostinbadger's diagram), therefore it cannot communicate VLAN information. Finally, wouldn't configuring R2 instead of R1 as the "stick" router increase traffic, creating bandwidth issues on the links between S1 and R2? Any interVLAN communication has to travel those segments, and configuring it on the side rather than having it centralized seems pretty inefficient to me.

First, I don't think we ever established which router the OP was intending to do the ROAS duties, but if it were to be R1, then the link between R1 and S1 would need to be a trunk, and the link between S3 and R2 wouldn't.

Which ever router is serving as the ROAS will see a huge increase in traffic on the link between it and the switch (ie, all traffic leaving its VLAN). But I don't think the increase in traffic would be different for R1 as the ROAS than it would be for R2 as the ROAS.

Though I will admit that I wasn't ever concerned with the exact topology, I was just interpreting the error message and giving a generalized description of how to proceed. The problem was clearly on the router.

Would there be no communication at all, or just native VLAN members who are able to access the cloud?

If the switch port is configured as an access port and the router port is configured as a trunk port, then no communication would happen at all.

But above all, welcome to the forum. We'll go easy until you demonstrate enough knowledge that we shouldn't.