I want all three of these networks on the same interface, to share the same interface.
Is this Possible to do?
They all will be sharing the e0/0 interface.
The 10.x Network will be Eth0/0.1
172.16 network will be 0/0.2 and 192.168.1.x will be 0/0.3
Do I have to leave the E0 interface unnumbered or what?
Setting up the VLAN on the switch is the easy part, but I will be implementing ACL's on the router to prevent certain VLAN communication, but would I apply that ACL to the interface as a whole, or would I apply it to the sub interfaces?
Yes, unnumbered. And yes, if you want to put ACLs on that are not affecting all three networks, you will need to put them on the subinterfaces. You will also need to trunk this interface to a switch to be able to have actual access ports, although i'm sure you were already up to speed there.
interface ethernet0/0.1 encapsulation dot1q 10 ip address 10.0.0.1 255.0.0.0
interface ethernet0/0.2 encapsulation dot1q 172 ip address 172.16.0.1 255.255.0.0
interface ethernet0/0.3 encapsulation dot1q 192 ip address 192.168.1.0 255.255.255.0
If you plug ethernet0/0 into a switch port that has trunking enabled then untagged traffic from the switch in the native VLAN (if any) will be received by the router on ethernet0/0. Tagged traffic coming from the switch in VLAN 10 will be received by ethernet0/0.1 Tagged traffic coming from the switch in VLAN 172 will be received by ethernet0/0.2 Tagged traffic coming from the switch in VLAN 192 will be received by ethernet0/0.3
Similarly, traffic coming from the router on ethernet0/0 (if any) will be untagged and will go into the native VLAN. Traffic coming from the router on ethernet0/0.1 will have a VLAN tag of 10 and will go into VLAN 10. And so on.
If one of the three VLANs that you are using is the native VLAN then you need to put the corresponding IP address on the main interface. For instance, if you're using native VLAN 10 for your 10.x traffic then you would want to put the 10.x IP address on ethernet0/0 and you would not even want to have a sub-interface with "encapsulation dot1q 10".
If you have no native VLAN or have no plans for using the native VLAN then you would not want an IP address on the main ethernet0/0 interface.
The ACLs go on the sub-interfaces. If you're using a native VLAN then the ACL for that VLAN would, of course, go on the main interface.
Switch port setup for the above config might be along the lines of:
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.