871W: Routing between VLANs

I have an 871W.

I have a switch supporting:

VLAN 10 - general machines (10.0.*.*)
VLAN 20 - special machines (10.1.*.*)

This is connected to an 871W router via a trunk line.

The router has:

-FastEthernet 0 defined as trunk line to the switch.

-Vlan 10 defined as bridge-group 10, no ip address

-BVI 10 defined with 10.0.0.2 (router's ip address)

-Dialer-1 defined to link to the ISP via PPPoE

-FastEthernet4 defined as the PPPoE output to a modem.

-DotRadio interfaces defined as bridge-group 10 and vlan 10.

and I have a :

bridge irb
bridge 10 protocol ieee
bridge 10 route ip

So far, the router works fine to connect the wi-fi to the lan, and both to the internet, all within the confines of Vlan-10.

I would like the router to be given a new 10.1.0.2 interface and be able to route packets between the 10.0 subnet (VLAN 10) and 10.1 subnet (vlan 20) with each vlan served by the same trunk line.

goal: allow a machine in vlan 10 to talk to a machine on vlan 20 (I used to use switchport multi on the switch to allow specific machines such access, and all machines were in same subnet).

Aka: packets from 10.0.0.20 travel as vlan 10 from the switch , via the trunk line to the router, then get routed to 10.1.0.5, encapsulated as VLAN 20 traveling back through the trunk line to the destination on the switch.

How do I do that ?

-what interface gets the 10.1.0.2 IP ? a new BVI one ? the vlan 20 ?

-how do I link this interface so that packets get routed at IP level ?

Or is the only way to use a separate ethernet interface, give that the ip address ? And in such a case, is the routing automatic or must I tie the interface to the bridge group, or must I add specific "IP route" commands ?

I note that the "Dialer 1" interface has no explicit attachment to the bridge group or VLAN. I assume that the router automatically makes all dialer interfaces available for routing.

I've seen examples where non-trunk ethernet interfaces were each given IPs in different subnets, but have not seen instances of trunk lines supporting different subnets in different vlans.

JF Mezei

JF Mezei wrote:

If you have the VLAN 20 interface up with an ip address of 10.1.0.2 your router *will* route between any local VLANs. If you cannot get the VLAN20 interface up you may need to add it to the VLAN database. Depends on IOS version. If you want to route/NAT/PAT from VLAN20 to internet through the Dialer interface you may want to add the VLAN20 subnet to the access list defining the NAT rule.

Uli Link

Well, it appears I may have gotten a show stopper here.

router2#show vtp status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 6
Number of existing VLANs : 6
VTP Operating Mode : Transparent
VTP Domain Name : vaxination.ca
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x4A 0x89 0x26 0xBE 0x1F 0x1E 0x3C 0x08
Configuration last modified by 10.1.0.2 at 11-29-09 12:43:02

Because there are 5 default VLANS (1 and 1002-1005) which one cannot remove or disable, this seems to imply that the 871 router has a limit of 1 VLAN.

And this is why, after a whole night of trial and error, I could never get my trunk line to carry the second VLAN, and it took me a while to realise that VTP MODE CLIENT would revert to TRANSPARENT because the "network" carries more vlans than this baby router can accept.

Cisco is rather stupid to have such a small limit on a router with trunking capabilities.

I guess the only use of the trunk line between the router and switch would be to send remote management commands from the switch to the router since it can't carry traffic for VLANS that the router refuses to accept because of its stupid small limit of 1 customer defined vlan.

Is there a way to disable/remove those default VLANs ?

JF Mezei

No, but you can use 12.4(11)XJ4 or upgrade to the Advanced IP IOS. The 1 VLAN limit was once documented for Advsecurity on the 870 platform. I have 3 VLANs working on a 876. Don't expect decent inter VLAN routing speed. But it works.

Uli Link
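
The setup described in the two replies above, as an added example (not from the thread and not either poster's configuration): a routed Vlan20 interface on 10.1.0.2, plus ACLs so that bringing it up does not open all of VLAN 20 to all of VLAN 10. The ACL names, NAT access-list number 1, and an IOS image that accepts a second user VLAN are assumptions.

```cisco
! Added example. Assumptions (not from the thread): ACL names, NAT ACL
! number 1, and an IOS image that accepts a second user VLAN on the 871W.
!
! Exec mode on older images: add VLAN 20 to the local VLAN database
vlan database
 vlan 20
 exit
!
configure terminal
!
! Only 10.0.0.20 may reach 10.1.0.5; other cross-VLAN traffic is dropped and logged.
! The final permit keeps Internet-bound traffic working.
ip access-list extended VLAN10-IN
 permit ip host 10.0.0.20 host 10.1.0.5
 deny   ip 10.0.0.0 0.0.255.255 10.1.0.0 0.0.255.255 log
 permit ip any any
!
! Return direction; these ACLs are stateless, so both sides need an entry
ip access-list extended VLAN20-IN
 permit ip host 10.1.0.5 host 10.0.0.20
 deny   ip 10.1.0.0 0.0.255.255 10.0.0.0 0.0.255.255 log
 permit ip any any
!
! VLAN 10 is already routed through BVI10 (10.0.0.2); filter it there
interface BVI10
 ip access-group VLAN10-IN in
!
! Routed interface for VLAN 20; tagged frames arrive over the FastEthernet0 trunk
interface Vlan20
 description special machines
 ip address 10.1.0.2 255.255.0.0
 ip nat inside
 ip access-group VLAN20-IN in
 no shutdown
!
! Let VLAN 20 out through the Dialer interface: add its subnet to the
! access list that the existing NAT rule references (number assumed)
access-list 1 permit 10.1.0.0 0.0.255.255
!
end
! Check: both routed interfaces up/up, and deny counters only where expected
show ip interface brief
show access-lists
```

Without the two `ip access-group` lines the router forwards everything between 10.0.x.x and 10.1.x.x as soon as Vlan20 comes up, which removes the separation the two VLANs were providing.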

Set the VTP Mode to server (or client if another switch is used to create the vlans). Transparent mode passes VTP information through the device without applying it to the device.

Curtis

Curtis Starnes
