Layer 3 Routing on a 3550..

Hi Everyone,

I've got a nice router in a rack (2801) that I want to replace with a Layer 3 switch (3550). This way I can bring the router home and play with it in my labs. For now, it's twiddling thumbs as all it's doing is routing between the two FastEthernet ports...

interface FastEthernet0/0 (isp ip)
ip address 209.x.x.146 255.255.255.252
!
interface FastEthernet0/1 (my two class c's)
ip address 74.x.x.1 255.255.254.0
!
ip route 0.0.0.0 0.0.0.0 209.x.x.145

That's it. No other interfaces: Peak traffic: 3-6mb/s

Do you forsee any problems by replacing this with a 3550? I've just started the CCNP SWITCH studies so I'm trying to learn... I've actually come up with a config for the 3550 so I can't wait to try it.

Correct me if I'm wrong... The command "ip routing" would only effect Layer 3 routing - that is, between an SVI and let say, a port that I've setup with "no swithport" and assigned an IP, correct? I hope that made sense...

Thank you everyone!

I'm having fun with this stuff...

Your friend,
Paul

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

ColbyG

Is the 2801 NATing or doing any VPN stuff?

stuh84

You need "ip routing" enabled to use any form of routing at all, even between ones designated as Layer 3 ports. That's my understanding anyway.

By the looks of it though, that would work fine, given you aren't doing anything taxing between the two. As Colby said, if you are doing anything else then maybe not, but if you are only doing a tiny bit of routing...

I'll let other people confirm, but I can't see an issue with that.

networker050184

If you just started studying for the SWITCH why not use the 3550 for study instead? Seems like you don't have a good grasp with them anyway.

ptlinva

No NAT'ing, no VPN'ing.

In fact, I only put it there to have one in the rack so I could play with it. However, I now want to bring it home and put in my home lab. <big cheesy grin>

BTW, I won the 3550 48-port on Ebay today for $125 at T886 CISCO CATALYST 3550 WS-C3550-48-SMI SWITCH - eBay (item 200504856085 end time Aug-10-10 14:36:40 PDT)

Thank you for responding to my question!
Your friend,
-paul

ptlinva

Good Question stuh84!

I actually have (1) 3550 now.. but you are right in that I could really use a 2nd one for my studies. I'm checking to see if the person that I won one from today on Ebay has a 2nd one.

To answer your question, I'm also studying - at the same time - for my CCNA Voice and the 2801 seems to be a much better fit for this track that some of the other routers I'm using.

Therefore, put up a 3550 and bring home a 2801... YEAH BUDDY! <big grin>

Thanks for asking a good question...
-paul

pitviper

I'd be pissed if you worked for me and replaced a nice shiny 2800 with an old 3550... I'm just sayin'

ptlinva

Thanks again stuh84 for the insight...

Okay, here's what I plan on doing... Probably not best practice to have private and public IPs on the same switch, but let me know what you think..

Port 1 - assigned "no switchport" and assigned IP from ISP
All traffic "ip routing" through this port.

Port 2-12 - Firewall and other machines with "live" IPs from my 2 Class C's
VLAN 100

Port 13-36 - Machines with Private IPs
VLAN 200

Rest of the ports - management/future use - VLAN 300

QUESTION: If I don't assign an IP to vlan 200 (with the private IPs) and have all servers use the firewall's private IP as the default gateway, what impact will the "ip routing" command have on my private network? I'm hoping none...

Thanks and let me know what you think about having public/private IPs on the same switch.. does this create a security vunerability?

Thanks again stuh84!

ptlinva

PitViper -Too Funny!!! LOL

Yeah, it's all my equipment. I have a rack of servers in a data center in Northern, VA doing some webhosting/colocation stuff.

However, having a 2801 in my home lab is a bit more important to me than have something shiny in my cabinet up north.

still laughing... thanks, i needed that!

DevilWAH

ptlinva wrote: »

Thanks again stuh84 for the insight...

Okay, here's what I plan on doing... Probably not best practice to have private and public IPs on the same switch, but let me know what you think..

whats wrong with that? as long as you manage the vlans correctly then it secure.

ptlinva

Excellent DevilWAH! That's what I wanted to hear!

Thanks to EVERYONE! The people on here are the GREATEST!