L3 switching/Intervlan switching question

[enzo288]

I have a client with two SBS servers on 2 different subnets (10.0.0.0 & 192.168.0.0) each w/ their own seperate Internet connection. I have decided to implement a L3 3560 SMI and a L2 2950 w/ a VLAN for each subnet. I have never done this before and I cannot find any good documentation on how to setup the static routing on the 3560 to route between the two subnets. There is also the question of the two Internet connections and only having the one switch that I can put a default route on. Due to this I am forced to use a DG of the internal int. of the firewall instead of the VLAN int. for the 10.0.0.0 subnet. Please help. Thanks in advance.

CCNA, CCDA, CCNP, CCDP, almost CCIE

 

[enzo288]

Anybody???????????

CCNA, CCDA, CCNP, CCDP, almost CCIE

 

[KiscoKid]

if you create layer 3 SVI's on the 3560 for each subnet you are interested in, you don't need static routes as the SVI's will be providing a connected route instead in your routing table.

The 2 Internet gateways makes things interesting. Are the 2 sets of users allowed to use each others gateways? If so, just a pair of equal cost default routes to each gateway will suffice.

If you don't want them to share the Internet gateway, you have a couple of options. Policy based routing or perhaps setting 2 VRFs on the switch and keep the routing seperate from each other.

 

[enzo288]

Would this then work with two default routes on the L3 switch and client machines obviously using their respective VLAN int as their DG. Also, this client does not have fiber so could I configure EtherChannel on a trunked port, I have never needed to do this but I am thinking that you can't configure this on a trunk port.

Current configuration : 5714 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname HBK_3560
!
enable password hawkeyes
!
no aaa new-model
ip subnet-zero
ip routing
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface FastEthernet0/1
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/2
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/3
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/4
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/5
description Secure Pipe
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/6
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/7
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/8
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/9
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/10
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/11
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/12
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/13
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/14
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/15
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/16
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/17
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/18
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/19
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/20
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/21
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/22
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/23
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/24
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/25
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/26
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/27
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/28
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/29
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/30
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/31
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/32
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/33
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/34
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/35
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/36
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/37
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/38
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/39
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/40
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/41
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/42
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/43
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/44
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/45
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/46
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/47
switchport access vlan2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/48
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface GigabitEthernet0/3
!
interface GigabitEthernet0/4
!
interface Vlan1
no ip address
!
interface Vlan2
ip address 10.0.0.1 255.255.255.0
!
interface vlan3
ip address 10.0.1.1 255.255.255.0
!
interface Vlan4
ip address 192.168.0.1 255.255.255.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.0.0.3
ip route 0.0.0.0 0.0.0.0 192.168.0.3
ip http server
!
!
control-plane
!
!
line con 0
line vty 0 4
password hawkeyes
login
line vty 5 15
no login
!
!
end

HBK_3560#


Current configuration : 5714 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname HBK_2950
!
enable password hawkeyes
!
no aaa new-model
ip subnet-zero
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface FastEthernet0/1
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/2
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/3
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/4
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/5
description Secure Pipe
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/6
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/7
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/8
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/9
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/10
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/11
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/12
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/13
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/14
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/15
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/16
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/17
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/18
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/19
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/20
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/21
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/22
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/23
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/24
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/25
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/26
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/27
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/28
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/29
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/30
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/31
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/32
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/33
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/34
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/35
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/36
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/37
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/38
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/39
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/40
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/41
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/42
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/43
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/44
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/45
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/46
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/47
switchport access vlan2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/48
switchport mode trunk
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface GigabitEthernet0/3
!
interface GigabitEthernet0/4
!
interface Vlan1
no ip address
!
interface Vlan3
ip address 10.0.1.2 255.255.255.0
!
ip classless
ip default-gateway 10.0.1.1
ip http server
!
control-plane
!
!
line con 0
line vty 0 4
password hawkeyes
login
line vty 5 15
no login
!
!
end

Current configuration : 5714 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname HBK_3560
!
enable password hawkeyes
!
no aaa new-model
ip subnet-zero
ip routing
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface FastEthernet0/1
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/2
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/3
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/4
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/5
description Secure Pipe
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/6
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/7
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/8
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/9
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/10
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/11
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/12
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/13
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/14
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/15
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/16
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/17
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/18
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/19
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/20
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/21
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/22
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/23
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/24
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/25
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/26
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/27
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/28
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/29
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/30
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/31
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/32
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/33
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/34
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/35
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/36
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/37
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/38
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/39
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/40
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/41
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/42
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/43
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/44
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/45
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/46
switchport access vlan 2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/47
switchport access vlan2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/48
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface GigabitEthernet0/3
!
interface GigabitEthernet0/4
!
interface Vlan1
no ip address
!
interface Vlan2
ip address 10.0.0.1 255.255.255.0
!
interface vlan3
ip address 10.0.1.1 255.255.255.0
!
interface Vlan4
ip address 192.168.0.1 255.255.255.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.0.0.3
ip route 0.0.0.0 0.0.0.0 192.168.0.3
ip http server
!
!
control-plane
!
!
line con 0
line vty 0 4
password hawkeyes
login
line vty 5 15
no login
!
!
end



CCNA, CCDA, CCNP, CCDP, almost CCIE

 

[enzo288]

To get this to work, I needed to take off the existing default route on the 3560. I then needed to change the default gateway for each subnet to the IP address of the inside interface of each companies firewall. Normally the DG would be 10.0.0.1 and 192.168.0.1 which are the IPs of the VLAN interfaces, which would work with a single Internet connection. However I needed to change the DG for Internet access and then use a login script on each SBS server with a route add command i.e. route add -p 10.0.0.0 MASK 255.255.255.0 192.168.0.1. It was this route add that I overlooked and this is what tied everything together.

CCNA, CCDA, CCNP, CCDP, almost CCIE