Many 802.1q tagged vlans, 1 Cisco 2621 router

I am having a difficult time understanding what I need. Here is the network (yes I have installed a nm-1e into the 2621 to get 3 lan interfaces)

tagged vlans ---- fa0/0 #Cisco router# fa0/1 ---- tagged vlans | eth1/0 (internet)

Cisco eth 1/0 has 10.1.0.2/24 (default gateway is 10.1.0.1)

cisco fasteth0/0 has 10.2.0.1/24, physically there are about 45 tagged VLANs coming over this interface, hosts using the 10.2.0.0 subnet

cisco fasteth0/1 has 10.5.0.1/24, physically there are about 45 tagged VLANs coming over this interface, hosts using the 10.5.0.0 subnet

Basically I need to be able to get all 90 tagged VLANs to be able to talk to the internet.

I think I need to use bridge-group for this. Will this config do what I need, or do I need to add eth1/0 to bridge-group 1 as well? Or something completely different?

int fa0/0
 bridge-group 1
interface fa0/1
 bridge-group 1
exit
bridge 1 protocol ieee

Reply to
justin.krejci

Let me clarify a couple of points too. The switches are NOT Cisco (no ISL) but do support 802.1q tagging. I basically want the FE ports on the router to allow any traffic no matter what tagged VLAN it is coming from. All hosts and VLANs talking to FE0/0 are coming from the same IP subnet, and likewise all hosts and VLANs talking to FE0/1 are coming from their own subnet.

Is this possible? I have IOS Version 12.2(31) w/feature set IP/Plus. I don't need to have one VLAN to be able to talk to another VLAN, at least not right now, I am more in need of getting the VLANs to be able to talk to the internet. Ideally I would like to use different more capable switches, but that is not a possibility right now.

Reply to
justin.krejci

You will need to configure subinterfaces, one for each VLAN you need. On each subinterface, set encapsulation to dot1q.

for example:

interface ethernet 0/0.100
 encapsulation dot1q 100

Just repeat the above for each VLAN needed. The subinterface number can be any number, but I chose the same as the VLAN ID. The number at the end of the encapsulation command must be the VLAN ID.

Make sure that 802.1q tagging is set on the port of the switch that the router is connected to, and set up the switch VLANs.

MC

Reply to
MC

Thank you for the reply. I had already tried that but it did not work. Hosts on the VLAN were not able to talk to the IP address on the physical interface. The workaround I have done is to add 1,000 lines of config to the router (good thing for scripting languages like Perl) to set up all of the subinterfaces (1 for each VLAN) and the DHCP server pools (1 for each VLAN). So I am just using a class C address block for each VLAN, but since they are all NAT'ed I can use up as many as I want.

So I have a whole lot of lines that are similar to this:

ip dhcp pool vlan149
 network 10.5.149.0 255.255.255.0
 default-router 10.5.149.1
 dns-server X.X.X.X Y.Y.Y.Y

interface FastEthernet0/1.149
 encapsulation dot1Q 149
 ip address 10.5.149.1 255.255.255.0
 no cdp enable

With the large config and only 32K of NVRAM I also had to enable config compression so it would all fit in NVRAM. This is done via this config line

service compress-config

Reply to
justin.krejci
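
A sketch of the kind of generator script the last post describes, added here as an example and not the poster's own Perl. It emits one DHCP pool and one dot1Q subinterface per VLAN in the 10.5.149.0/24 pattern shown above. The function names, the sample VLAN IDs, the documentation-range DNS addresses and the use of the same third-octet scheme on fa0/0 are assumptions.

```python
import ipaddress

def vlan_stanza(parent_if, block, vlan_id, dns_servers):
    """IOS lines for one VLAN: DHCP pool plus dot1Q subinterface.

    Thread's scheme: VLAN N inside a /16 block gets the /24 whose third
    octet is N, with the router at .1 (so N must fit in one octet).
    """
    if not 1 <= vlan_id <= 4094:
        raise ValueError(f"VLAN ID {vlan_id} is outside 1-4094")
    block = ipaddress.ip_network(block)
    if block.prefixlen != 16:
        raise ValueError(f"{block} is not a /16 block")
    subnet = ipaddress.ip_network((int(block.network_address) + (vlan_id << 8), 24))
    if not subnet.subnet_of(block):
        raise ValueError(f"VLAN {vlan_id} has no /24 inside {block}")
    gateway = subnet.network_address + 1
    return [
        f"ip dhcp pool vlan{vlan_id}",
        f" network {subnet.network_address} {subnet.netmask}",
        f" default-router {gateway}",
        f" dns-server {' '.join(dns_servers)}",
        "!",
        f"interface {parent_if}.{vlan_id}",
        f" encapsulation dot1Q {vlan_id}",
        f" ip address {gateway} {subnet.netmask}",
        " no cdp enable",
        "!",
    ]

def build_config(trunks, dns_servers):
    """Concatenate stanzas for every trunk; pool names must stay unique."""
    lines, seen = [], set()
    for parent_if, (block, vlan_ids) in trunks.items():
        for vlan_id in sorted(vlan_ids):
            if vlan_id in seen:  # "ip dhcp pool vlanN" would be defined twice
                raise ValueError(f"VLAN {vlan_id} listed more than once")
            seen.add(vlan_id)
            lines += vlan_stanza(parent_if, block, vlan_id, dns_servers)
    return "\n".join(lines) + "\n"

# Constructed sample input (hypothetical VLAN IDs, placeholder DNS servers).
SAMPLE_TRUNKS = {
    "FastEthernet0/0": ("10.2.0.0/16", [101, 102]),
    "FastEthernet0/1": ("10.5.0.0/16", [149, 150]),
}
SAMPLE_DNS = ["192.0.2.53", "198.51.100.53"]

if __name__ == "__main__":
    print(build_config(SAMPLE_TRUNKS, SAMPLE_DNS), end="")
```

A VLAN ID above 255 has no third octet to map to, so the script rejects it rather than emitting a subnet outside the trunk's block.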

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.