Skip to main content
Network Engineering

Return to Answer

Post Timeline

added 45 characters in body
Source Link
Zac67
Zac67
  • 92.2k
  • 4
  • 76
  • 144

That's not how VLANs work.

Think of a port-based VLANsVLAN, using access ports, as a dedicated, separate switch. Traffic between VLANs requires a router (or L3 switch) connected to those VLANs.

Tagged VLANs allow a physical port to link multiple VLANs at the same time. Tagging requires the link-partners to share the exact same configuration. Switches use trunk ports, routers andor hosts use subinterfaces. Each subinterface connects to a specific VLAN.

So, whatever you connect on port FastEthernet0/22 needs to handle VLAN tagging. Short of that, it can't talk on any VLAN.

Catalyst switch support layer-3 switching = routing between subnets. For that you need to

  • activate routing
  • configure a switch virtual interface (SVI) with an IP address on each VLAN
  • configure the corresponding hosts to use the SVI within their VLAN as (default) gateway
  • if there are more VLANs/subnets that the L3 switch isn't connected to, you need to configure routing using either static routes or a protocol like OSPF
  • if you don't want certain end nodes or subnets to talk to each other, you can use ACLs to control traffic

That's not how VLANs work.

Think of a port-based VLANs, using access ports, as a dedicated, separate switch. Traffic between VLANs requires a router (or L3 switch) connected to those VLANs.

Tagged VLANs allow a physical port to link multiple VLANs at the same time. Tagging requires the link-partners to share the exact same configuration. Switches use trunk ports, routers and hosts use subinterfaces.

So, whatever you connect on port FastEthernet0/22 needs to handle VLAN tagging. Short of that, it can't talk on any VLAN.

Catalyst switch support layer-3 switching = routing between subnets. For that you need to

  • activate routing
  • configure a switch virtual interface (SVI) with an IP address on each VLAN
  • configure the corresponding hosts to use the SVI within their VLAN as (default) gateway
  • if there are more VLANs/subnets that the L3 switch isn't connected to, you need to configure routing using either static routes or a protocol like OSPF
  • if you don't want certain end nodes or subnets to talk to each other, you can use ACLs to control traffic

That's not how VLANs work.

Think of a port-based VLAN, using access ports, as a dedicated, separate switch. Traffic between VLANs requires a router (or L3 switch) connected to those VLANs.

Tagged VLANs allow a physical port to link multiple VLANs at the same time. Tagging requires the link-partners to share the exact same configuration. Switches use trunk ports, routers or hosts use subinterfaces. Each subinterface connects to a specific VLAN.

So, whatever you connect on port FastEthernet0/22 needs to handle VLAN tagging. Short of that, it can't talk on any VLAN.

Catalyst switch support layer-3 switching = routing between subnets. For that you need to

  • activate routing
  • configure a switch virtual interface (SVI) with an IP address on each VLAN
  • configure the corresponding hosts to use the SVI within their VLAN as (default) gateway
  • if there are more VLANs/subnets that the L3 switch isn't connected to, you need to configure routing using either static routes or a protocol like OSPF
  • if you don't want certain end nodes or subnets to talk to each other, you can use ACLs to control traffic
Source Link
Zac67
Zac67
  • 92.2k
  • 4
  • 76
  • 144

That's not how VLANs work.

Think of a port-based VLANs, using access ports, as a dedicated, separate switch. Traffic between VLANs requires a router (or L3 switch) connected to those VLANs.

Tagged VLANs allow a physical port to link multiple VLANs at the same time. Tagging requires the link-partners to share the exact same configuration. Switches use trunk ports, routers and hosts use subinterfaces.

So, whatever you connect on port FastEthernet0/22 needs to handle VLAN tagging. Short of that, it can't talk on any VLAN.

Catalyst switch support layer-3 switching = routing between subnets. For that you need to

  • activate routing
  • configure a switch virtual interface (SVI) with an IP address on each VLAN
  • configure the corresponding hosts to use the SVI within their VLAN as (default) gateway
  • if there are more VLANs/subnets that the L3 switch isn't connected to, you need to configure routing using either static routes or a protocol like OSPF
  • if you don't want certain end nodes or subnets to talk to each other, you can use ACLs to control traffic