Hi
I know that is not the normal configuration for Vlan topics ,also for the ip subnetting and router functions but sometimes I have to deal with situations of configuracion out of the ordinary finding a solution getting to the limit the features of the devices)
So I'm going with this one
I'm working in the multicompany enviroment and there are some conditions
-Each enterprise is different from the other one (there are 3 companies A-Router A, B- Router B and C- Router C located in two buildings )
-All the companies will share the same internet bandwith (same ISP)
-Each enterprise has the own range of IP-Public (I mean each company has a range of IP -public to manage.)
Having this in mind I got two Omniswitch 6400 (one in each building- the are connected ) and I want to know if I'm right ,or do I have to change something or I'm fully wrong with this one)
I attach a Draft with My idea is
1- to create a Public Vlan 1 containing all the ip-publics and from there distribute to other companies (companies A and B , C in the other switch(building))
2-The company A (where the Router A is) will be a private Vlan 2 ( here they are private IP)
3-This company A has a branch in the other switch that will be Vlan 3 ( here they are private IP)
For the companies B and C I think there are not any problem because they have the own routers and they are not affected for any Vlan segmentation(it's a clean layer 2 switching)
For the companie A -the router A (here the big deal) :
Will be posible to the users in the VLan 2 and 3 to go to internet take the Router A ( the users will have the default gateway the router A and also a Rip virtual interface will be enable in the 6400 to allow the users in the Vlan 3 to take the router)
Will be possible to have ping between Vlan 2 and 3 (vreating Rip interfaces)
Is it possible to implement ,some special characteristics to take into account,
Thanks
Public and private VLAN
-
alonso.garcia
- Member
- Posts: 16
- Joined: 10 Feb 2010 14:04
Public and private VLAN
You do not have the required permissions to view the files attached to this post.
Re: Public and private VLAN
hello
I see on your design external routers, you can use routing on 6400
If you enforce all ip interface on R-A,
come from R-B via layer2 only to R-A
it will work.
R-A have all info how to route (because route are local here)
Make a static route to go to your ISP and it will work.
You will have to play with ACL to prevent customer A to customer C etc.
I think you will need to have a interco vlan between isp and r-a (best practice). and then have vlan 10 11 12 with on each public ip for your respective customer.
I see on your design external routers, you can use routing on 6400
If you enforce all ip interface on R-A,
come from R-B via layer2 only to R-A
it will work.
R-A have all info how to route (because route are local here)
Make a static route to go to your ISP and it will work.
You will have to play with ACL to prevent customer A to customer C etc.
I think you will need to have a interco vlan between isp and r-a (best practice). and then have vlan 10 11 12 with on each public ip for your respective customer.
You do not have the required permissions to view the files attached to this post.
-
alonso.garcia
- Member
- Posts: 16
- Joined: 10 Feb 2010 14:04
Re: Public and private VLAN
Hello Thanks for your answer with you I've confirmed what I was thinking
just one detail and it's about routing posibilities of the 6400
The 6400 could route between two Ip wit the range 200.113.193.78/28 and 10.51.1.4 /24 ??
As i always have seen routing with the subnetting schema
Thanks
just one detail and it's about routing posibilities of the 6400
The 6400 could route between two Ip wit the range 200.113.193.78/28 and 10.51.1.4 /24 ??
As i always have seen routing with the subnetting schema
Thanks
Re: Public and private VLAN
yes you can route between all subnets types.
