Options
Routing between Vlans on layer 2 switch and Cisco router
Hi I'm quite new to networking and need some help with a home configuration...
I have an 8 port TP-Link SG3210 layer 2 802.1Q tag capable switch and a Huawei NE40E router.
I set up 3 Vlans on the switch and assign ports to each.
I want to make computers on each Vlan 'see' each other.
Can I set up a single port on the switch as a trunk port out to the Cisco 1901, and use the Cisco to route between the Vlans?
Or do I have to have output ports on the switch, which are assigned to each of the 3 Vlans, connected to the router before the router can route between the Vlans?
I have an 8 port TP-Link SG3210 layer 2 802.1Q tag capable switch and a Huawei NE40E router.
I set up 3 Vlans on the switch and assign ports to each.
I want to make computers on each Vlan 'see' each other.
Can I set up a single port on the switch as a trunk port out to the Cisco 1901, and use the Cisco to route between the Vlans?
Or do I have to have output ports on the switch, which are assigned to each of the 3 Vlans, connected to the router before the router can route between the Vlans?
Comments
-
Options
OfWolfAndMan
Member Posts: 923 ■■■■□□□□□□
It would work. You would configure subinterfaces on the router for each vlan you are running. You would specify the subinterface, then the subnet, and the vlan number. Here's the configs for the 1801-
Let's assume you have your switch attached to Fa0/0 on your router:
(Make sure you have your vlans enabled on the switch before configuring)
#interface f0/0.1
#encapsulation dot1q [vlan #]
#ip address [ip address] [subnet mask]
#interface f0/0.2
#encapsulation dot1q [vlan #]
#ip address [ip address] [subnet mask]
#interface f0/0.3
#encapsulation dot1q [vlan #]
#ip address [ip address] [subnet mask]
#wr
For security purposes on the switch side, I would recommend allowing only vlans being used as well. The order for these doesn't matter, as long as you specify proper subnets for each vlan. So for example, you could do 192.168.2.0 255.255.255.0 subnet for vlan 20, so you'd input #ip address 192.168.2.1 255.255.255.0 for the IP. Your computers connected to that vlan will be leased (Assuming you have dhcp enabled and a scope set on the switch) an ip address in that range.:study:Reading: Lab Books, Ansible Documentation, Python Cookbook 2018 Goals: More Ansible/Python work for Automation, IPSpace Automation Course [X], Build Jenkins Framework for Network Automation [] -
Options
arrogantbastard
Member Posts: 61 ■■□□□□□□□□
You could do it either way, although the more efficient way in terms of reduced cabling is the single one obviously. You can setup a trunk port on your switch (So the frames are tagged with their corresponding vlans) and then setup subinterfaces on the router with 802.1q encapsulation enabled and an appropriate ip for the vlan network. That's router on a stick. Or you cansetup an access port for each vlan and plug it into a router port configured regularly with an ip appropriate for the vlan it is connected to.
Edit: beat to it -
Options
Deathmage
Banned Posts: 2,496
Hi I'm quite new to networking and need some help with a home configuration...
I have an 8 port TP-Link SG3210 layer 2 802.1Q tag capable switch and a Huawei NE40E router.
I set up 3 Vlans on the switch and assign ports to each.
I want to make computers on each Vlan 'see' each other.
Can I set up a single port on the switch as a trunk port out to the Cisco 1801, and use the Cisco to route between the Vlans?
Or do I have to have output ports on the switch, which are assigned to each of the 3 Vlans, connected to the router before the router can route between the Vlans?
I used the exact same switch at home to connect my router to my HP Procurve via fiber and then to my cisco lab on a different vlan since vlaning with Procurves are so simple it's nutso. The CLi commands for the TP-link are quite different from Cisco commands but if you find the user manual for the switch you can figure it out in like 45 minutes or so. I like the TP-link switches because there really good for security, some-what better than HP-Procurve's IMHO.