VLAN – VLAN with Mixture of Managed/Unmanaged Switches

I've got a setup in my house as a test to try and figure this stuff out, but i've hit a bit of an end point. Here is a picture of my network setup.
enter image description here

So i have my internet provided by Virgin Media, which comes through into a 16 port unmanaged switch, our of that into a Desktop PC which uses DHCP to pick up an address from the Virgin router. I also have another cable going down to the garage which has a managed Dell Switch and a managed Cisco router.

From my Desktop PC, i can ping 192.168.1.253 (dell) and 192.168.1.254 (cisco) and the gateway of the Desktop PC is 192.168.1.1 (virgin). If i was to change my gateway to 192.168.1.254 (cisco) then i can now ping 192.168.200.254 (VLAN 200) as well as the rest of the network. Which is great, so i know i can get across the subnet which is exactly what i'm after.

The problem then starts if i want to have a machine on the 200 VLAN. So, i change my IP Config of the Desktop to…

IP: 192.168.200.50
Sub: 255.255.255.0
GW: 192.168.200.254

I now can't ping a thing, getting destination host unreachable across the board. So that leads me to think it isn't working!

Here are the configs for the Switch and the Router.

Dell Switch
http://pastebin.com/iun8WKne

Cisco Router
http://pastebin.com/6VE8yQ4r

I think i've covered everything here…

Best Answer

The reason that this doesn't work is that your desktop isn't actually in vlan 200. You changed the IP address of the desktop to be on the 192.168.200.0/24 subnet but that's at layer 3.

Looking at the layer 2 topology, your PC is connected to a dumb switch which is hooked into a vlan 1 port on the managed switch. Because of this, regardless of what your IP address is the traffic coming from your desktop is hitting the switch on vlan 1.

Going back to layer 3 a bit, your default gateway 192.168.200.254 isn't in vlan 1 it's in vlan 200 because it's assigned to a router sub-interface which is watching for traffic tagged vlan 200. Therefore the PC's default gateway is unreachable at layer 2 and you get the infamous "Destination host unreachable" error.

For you to add a host in vlan 200, you need to plug it into a totally new port on the Dell managed switch and assign that port to vlan 200, as well as giving it an IP address in the 192.168.200.0/24 subnet.

On a related note, if you want traffic from vlan 200 to reach the outside internet you will need to create static routes on both the virgin media router and the Cisco router telling them about the other networks.

On the Cisco router you need to add ip route 0.0.0.0 0.0.0.0 192.168.1.1 to tell it to forward any traffic with a destination network it doesn't know about to virgin media. On the virgin media router you need the equivalent of ip route 192.168.200.0 255.255.255.0 192.168.1.254 so that the virgin media router knows where to send traffic coming back from the internet destined for vlan 200.

Best Answer

Related Solutions

VLAN that mimics unmanaged desktop switch

Switch Redundancy – Switch Redundancy with Dell N2000 Series Switches

Related Topic