Trying to figure out how to split a connection...

Discussion in 'Networking' started by cpals, Feb 18, 2013.

  1. cpals

    cpals Diamond Member

    Joined:
    Mar 5, 2001
    Messages:
    4,494
    Likes Received:
    0
    So my core router/switch upgrade is going smoothly (thanks everyone for prior input), but I have a brain fart trying to figure out this last piece. I'm not sure if I'm over thinking it or what...

    Essentially, I'm trying to get our new router/switch connected to my MetroE providers device so I can slowly move over connections to my new core switch. Currently it's like this:

    CenturyLink Metro 1Gb --> Fiber to port on 6509

    I want something like this:

    MetroE Switch --> L2 Switch --> Port on 6509
    |------------ Port on new core switch

    My hiccup is on the 6509 it is currently setup as a trunk port passing multiple vlans which correlate into our different sites. I'm not sure if I need to set the ports on the L2 switch as 'switchport access mode' or in trunk mode? If it is trunk mode then I would have to create all of the vlans on the L2 switch so they all talk correctly, right?

    I don't know how the MetroE switch is configured, but I assume my ports would be something like this on the L2 switch:

    MetroE port -- switchport trunk allowed vlan all
    6509 port -- switchport trunk allowed vlan 2,3,4 (etc, all the sites I want on the 6509 still)
    new core -- switchport trunk allowed vlan 6,7,8 (the sites I've moved over)

    As I'm typing this out, I think I got it... as I'm moving a site over, I'll remove the vlan from the 6509 port on the L2 switch and add it to the new core switch port.

    I'll just have to make sure out the vlans are created on the L2 switch prior to introducing it into the mix.

    Edit:
    Oh and the reason why I'm having to split the connections myself is because CenturyLink won't give us another port on their device connected to the same 'cloud' while we transition or else that would have been optimal.
     
  2. Lithium381

    Lithium381 Lifer

    Joined:
    May 12, 2001
    Messages:
    12,465
    Likes Received:
    1

    On the port that connects to the Metro you can maybe to switchport mode access, and then on the ports that connect to your core switches, use switchport mode trunk and just make sure that the vlan your metro connects to is included, that way they'll both have access. Then you don't have to change the config on your 6509 at all. . .

    I hope i am understanding that correctly. I'm available on AIM if you want to bounce ideas; or post here and I'll keep an eye out. If you have some sort of diagram it might help too since i'm not sure your ascii formating went as you expected.
     
  3. drebo

    drebo Diamond Member

    Joined:
    Feb 24, 2006
    Messages:
    7,043
    Likes Received:
    0
    If the metro ethernet connection is coming through as VLAN tagged packets, you're going to want all 3 ports on the L2 switch as tagged ports (swi mo trunk).

    Otherwise, there's no way to direct the traffic to the appropriate switch.

    For instance, if Site A comes off the wire as VLAN 101, the L2 switch needs to know that and then needs to know which trunk port to send the packets out. Presumably, each of your core switches (old and new) need to access multiple sites off the wire, so both will need trunk ports.

    Then you'll just use (swi trunk allowed vlan ##) commands to allow or remove the appropriate VLANs from each core switch on the uplink, depending on which are supposed to be where.

    Or if you're using dynamic routing, you'd allow both switches to communicate to all sites over the wire on /29s or whatever and establish a fully meshed topology with each site. That way, as you move services from one switch to the other, it's seemless.

    All three ports need to be trunk ports, though.
     
  4. cpals

    cpals Diamond Member

    Joined:
    Mar 5, 2001
    Messages:
    4,494
    Likes Received:
    0
    Thanks. I think I pretty much got my answer... all of our sites are setup as a /30 going back to the 6509. As long as my new switch doesn't have any IPs setup on the VLANs yet I could essentially just trunk all the VLANs to both devices and then take down the interface on the 6509 and bring up the vlan interface on the other. I think I'm pretty confident, I'm just always double guessing myself.

    Picture since it was asked about earlier. https://www.dropbox.com/s/6fmf74dpvcjjox1/metroe.jpg
     
  5. cpals

    cpals Diamond Member

    Joined:
    Mar 5, 2001
    Messages:
    4,494
    Likes Received:
    0
    Finished reading your reply Drebo... I didn't set up the 6509 initially so I'm not sure why it's exactly done this way, may have something to do with because we're encrypting the connections? We have a VPN module in the 6509.

    Each site has a unique VLAN associated with it and inside the vlan is a /30 address for the site and the 6509.