It is not designed to handle this role the L3 functions on the switch are designed for it to route between VLANs locally and still connect to a router dedicated for the internet. You may be able to get it to function as an internet router, but your current network design is the recommended method. Here is an non-Dell document on L3 switches versus routers. http://www.dslreports.com/faq/13563
Ok that should reasonable since Layer 3 are set forth for creating inte-Vlan routing inside the lan network. Would it be possible to keep the Internet Router but take away the Cisco 2600 Default Gateway and use the Force10 as the Default Gateway in addition to the Vlan segment? Internet router for the internet is one there but why would we use a separate router as a default gateway and a layer 3 core switch.
Internet router
|
force10 Layer 3 as Default Gateway / Core Switch for Vlan routing.
You mean assign an ip address to one of the port on the S55 Force10 as the default gateway or set Force10 set ip default-gateway as 192.168.124.6.? Would this work if i connect the mpls to a sonicwall (nat public to internal) then use one of the sonicwall interface to connect to the core switch (S55 Force10).
interface GigabitEthernet0/4 description * Production * switchport access vlan 4
! interface Vlan1 description default no ip address !
interface Vlan99 description Internet ip address 192.168.121.126 255.255.255.128
!
interface Vlan2 description Server ip address 192.168.124.1 255.255.255.128 ip helper-address 192.168.124.10 ! interface Vlan3 description Voice ip address 192.168.124.129 255.255.255.128 ip helper-address 192.168.124.10 ! interface Vlan4 description Production ip address 192.168.125.1 255.255.255.128 ip helper-address 192.168.124.10
You have IP addresses on the VLAN interfaces, so use those IP addresses as the default gateway on each VLAN's clients. Then have a static route to the sonicwall to handle the Internet requests.
I see. I guess my confusion was that when a vlan set on the core switch, you only give the ip/subnet . Not sure where the default gateway is being provided from. I am assuming that the ip helper points to the dhcp server from Active Directory to distribute the gateway.
thanks Josh. Very helpful. I do have a question about the S55 FTO. i noticed that there's the top rack s55 and then the bottom chassis. if im not using 10gb switching, it simply would be a single switch with 48 ports correct?
what does it mean when you're doing 2x10Gig Lag. Is it possible to configure the core to taged vlan port number to the S55. Lets say i want the core S5000 port 4-6 to only allow Vlan 5 to one of the switch and 7-9 port to another switch vlan 10. I'm more familiar with the cisco command using switchport trunk. Does the S5000 core use the same command prefix? See attached.
You can remove your email from the previous post, so that it is not visible to everyone. The force 10 commands are similar to Cisco, but less so than the Powerconnect OS. On the Force10 you have to add VLANs to the port to create the trunk, unlike Cisco where all are allowed by default.
DELL-Josh Cr
Moderator
•
9.5K Posts
0
March 6th, 2014 15:00
Hi,
It is not designed to handle this role the L3 functions on the switch are designed for it to route between VLANs locally and still connect to a router dedicated for the internet. You may be able to get it to function as an internet router, but your current network design is the recommended method. Here is an non-Dell document on L3 switches versus routers. http://www.dslreports.com/faq/13563
DELL-Josh Cr
Moderator
•
9.5K Posts
0
March 6th, 2014 15:00
Yes, that would work. If you assign an IP address to one of the interfaces and have the clients point to that and then have a static route or a routing protocol that points to the router, that will work. If it is just a single switch or router than a static route is easier to do than setting up a whole routing protocol. Page 464 http://www.force10networks.com/CSPortal20/KnowledgeBase/DOCUMENTATION/CLIConfig/FTOS/S5000_9.1(1.0)_Config_02-28-2014.pdf
Then the switch will route between VLANs and any requests to the internet will get sent to the static route to the router.
andy817
1 Rookie
•
52 Posts
0
March 6th, 2014 15:00
Ok that should reasonable since Layer 3 are set forth for creating inte-Vlan routing inside the lan network. Would it be possible to keep the Internet Router but take away the Cisco 2600 Default Gateway and use the Force10 as the Default Gateway in addition to the Vlan segment? Internet router for the internet is one there but why would we use a separate router as a default gateway and a layer 3 core switch.
Internet router
|
force10 Layer 3 as Default Gateway / Core Switch for Vlan routing.
would this work with the force10?
andy817
1 Rookie
•
52 Posts
0
March 7th, 2014 07:00
You mean assign an ip address to one of the port on the S55 Force10 as the default gateway or set Force10 set ip default-gateway as 192.168.124.6.? Would this work if i connect the mpls to a sonicwall (nat public to internal) then use one of the sonicwall interface to connect to the core switch (S55 Force10).
As for the vlan stuff as follows:
spanning-tree mode rapid-pvst
spanning-tree loopguard default
spanning-tree extend system-id
spanning-tree vlan 1-11 priority 8192
!
vlan internal allocation policy ascending
!
vlan 99
name internet
!
vlan 2
name Server
!
vlan 3
name Voice
!
vlan 4
name Production
!
vlan 10
name QA_RD
!
interface Port-channel1
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet0/1
description * Internet *
switchport access vlan 99
switchport mode access
!
interface GigabitEthernet0/2
description * Server *
switchport access vlan 2
!
interface GigabitEthernet0/3
description * voice*
switchport access vlan
!
interface GigabitEthernet0/4
description * Production *
switchport access vlan 4
!
interface Vlan1
description default
no ip address
!
interface Vlan99
description Internet
ip address 192.168.121.126 255.255.255.128
!
interface Vlan2
description Server
ip address 192.168.124.1 255.255.255.128
ip helper-address 192.168.124.10
!
interface Vlan3
description Voice
ip address 192.168.124.129 255.255.255.128
ip helper-address 192.168.124.10
!
interface Vlan4
description Production
ip address 192.168.125.1 255.255.255.128
ip helper-address 192.168.124.10
DELL-Josh Cr
Moderator
•
9.5K Posts
0
March 7th, 2014 07:00
You have IP addresses on the VLAN interfaces, so use those IP addresses as the default gateway on each VLAN's clients. Then have a static route to the sonicwall to handle the Internet requests.
andy817
1 Rookie
•
52 Posts
0
March 7th, 2014 08:00
I see. I guess my confusion was that when a vlan set on the core switch, you only give the ip/subnet . Not sure where the default gateway is being provided from. I am assuming that the ip helper points to the dhcp server from Active Directory to distribute the gateway.
DELL-Josh Cr
Moderator
•
9.5K Posts
0
March 7th, 2014 08:00
If the clients are getting their IP addresses from DHCP, then yes that is telling them what the default gateway should be.
andy817
1 Rookie
•
52 Posts
0
March 12th, 2014 11:00
thanks Josh. Very helpful. I do have a question about the S55 FTO. i noticed that there's the top rack s55 and then the bottom chassis. if im not using 10gb switching, it simply would be a single switch with 48 ports correct?
andy817
1 Rookie
•
52 Posts
0
March 12th, 2014 11:00
oops not the S55...i meant the S5000. If im not using 10GB uplink, there's no need to get all that correct?![]()
DELL-Josh Cr
Moderator
•
9.5K Posts
0
March 12th, 2014 11:00
That is right, you shouldn't need the extra modules.
andy817
1 Rookie
•
52 Posts
0
March 12th, 2014 13:00
what does it mean when you're doing 2x10Gig Lag. Is it possible to configure the core to taged vlan port number to the S55. Lets say i want the core S5000 port 4-6 to only allow Vlan 5 to one of the switch and 7-9 port to another switch vlan 10. I'm more familiar with the cisco command using switchport trunk. Does the S5000 core use the same command prefix? See attached.
andy817
1 Rookie
•
52 Posts
0
March 12th, 2014 13:00
see attached.
1 Attachment
Capture.JPG
andy817
1 Rookie
•
52 Posts
0
March 12th, 2014 14:00
remove
DELL-Josh Cr
Moderator
•
9.5K Posts
0
March 12th, 2014 14:00
The
attached file is not showing up. Can you email it to me? xxxx@dell.com
DELL-Josh Cr
Moderator
•
9.5K Posts
0
March 12th, 2014 15:00
You can remove your email from the previous post, so that it is not visible to everyone. The force 10 commands are similar to Cisco, but less so than the Powerconnect OS. On the Force10 you have to add VLANs to the port to create the trunk, unlike Cisco where all are allowed by default.
Page 530
https://www.force10networks.com/CSPortal20/KnowledgeBase/DOCUMENTATION/CLIConfig/FTOS/S5000_9.1(1.0)_CLI_02-28-2014.pdf
interface vlan tagged