Search this Blog

Thursday, October 7, 2010

IP phones for remote site 6500 to 3750 over 10mpbs EES10-what is the best way to configure the remote site to allow vlans?

We have a Cisco 6500 at our main site that is running CatOS and has a MSFC2 L3 module. The 6500 is the VTP server for all local 3750 switches which are vtp clients. On the local 3750 switches the iphones use vlan 20 and data is vlan 10. This all works fine for our main campus where all switches are connected back to the 6500 via 1gbps fiber.

We are now adding a remote site which will be connected via a 10mbps fiber circuit (provided by a telco). We only have a 3750 at the new site, the current configuration (implemented last week) is the L3 routing is carried out on the 6500, i.e the WAN link is currently part of the remote sites subnet and broadcast domain - which is less than ideal!

What is the recommended way to properly configure both switches to enable us to vlan the data and voice for remote sites. At present the new site has both voice and data on the same vlan (40) the gateway address for this vlan is the interface on the 6500 (which is conneted to the NTE of the telco), the interface on the 6500 is also in vlan 40 making this port part of the remote sites broadcast domain.

So what is the best way to configure the remote site to allow vlans, or should we not really be doing this configuration.

You can't have a L3 routed port with CatOS. So you do this instead -

1) choose a subnet for the point to point link between the sites eg. 192.168.5.0 255.255.255.252
2) on the 6500 create a new vlan purely for this link ie. the only port in this vlan on the 6500 is the one that connects to the 3750
3) on the 6500 create a L3 SVI for that vlan-SVI = Switched Virtual Interface ie.

int vlan
ip address x.x.x.x

So when i say create a vlan in point 2) i mean create a vlan in the vlan database ie. a vlan at L2. You then need to configure a L3 interface for that vlan ie. an SVI.

No it doesn't matter that the 3750 is not getting vlan info with VTP because the vlan info on the 6500 is irrelevant to the 3750. As you correctly say the 3750 would now be acting as a L3 device so the vlans in the branch site would be created on the 3750 and routed on the 3750. The only common vlan to both sites would be vlan 20 from my example.

And yes again you are correct when you say the clients in the local vlans on the 3750 will have their default-gateways set to their respective L3 vlan interface IP addresses on the 3750.

As for the native vlan mismatch easiest thing to do is configure the 3750 as the 2nd option i suggested. Just to be clear though the link between the 6500 and the 3750 should not be a trunk link, it should be an access link with both ports at either end allocated to vlan 20. So on 3750 -

1) create vlan 20
2) create an SVI for vlan 20
3) allocate the port on the 3750 to be in vlan 20.
Again, the only port on the 3750 in vlan 20 should be the port connecting to the 6500. And don't forget to enable ip routing on the 3750 ie.
3750(config)# ip routing
4) allocate the port on the 6500 that connects to the 3750 into that vlan
5) on the 3750 you can either do the same as above or just create a L3 routed port so - (apologies if CatOS command not entirely accurate, i'm a little rusty on CatOS now !)
on the switch -
6500# set vlan 20
6500# set vlan 20 2/1 <---- where port 2/1 is the one connected to the 3750
on the MSFC –
int vlan 20
ip address 192.168.5.1 255.255.255.252
no shut
then on the 3750 -
int gi0/1
no switchport
ip address 192.168.5.2 255.255.255.252
or as i say create a vlan 20 + L3 SVI and allocate port into vlan 20, either will work.Then as you only have IP Base on 3750 you will need statics. As you say a default-route on the 3750 pointing to 192.168.5.1 would work fine. On the 6500 you would need to have a route for each subnet so i suggest you allocate a block to the new site that can be summarised with one route statement.As for VTP, well -

1) it won't be a trunk and you don't need a trunk
2) you will have different vlans at the other site anyway.

Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

No comments :

Post a Comment

 
/* Google Analytics begin ----------------------------------------------- */ /* Google Analytics end ----------------------------------------------- */