How to configure Inter-VLAN routing on Cisco SG300?

A

andreymamontov2015-09-21 19:45:53

Cisco

andreymamontov, 2015-09-21 19:45:53

Please tell me how to configure Inter-VLAN routing on Cisco SG300?
There is a Cisco RV320 router, which also knows how to route traffic between vlans, which was previously done in the L2 pair with the SG200 switch.
Now there is a desire to use RV320 exclusively for Internet access, and SG300 to give tagging and traffic routing between vlan.
I would also like to take out DHCP and DNS on the SG300 (or maybe it’s not worth doing this? since even the process of manually assigning addresses is done on the SG300 through one place, which engineers of the small business cisco division have known about for a couple of years and don’t really stress about it).
And the last thing, after which I finally gave up, when everything seemed (!) to work, so that there was Internet in all subnets)
RV320 10.10.1.1 port 1 trunk
SG300 10.10.1.10 port 28 trunk
Workstation (from which I would like to have access to all vlans) port 25 access/general
VLAN 1-8
config-file-header
CiscoSG300
v1.4.1.3 / R800_NIK_1_4_194_194
CLI v1.0
set system mode router
file SSD indicator encrypted
@
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0
!
no cdp appliance-tlv enable
spanning-tree loopback-guard
port jumbo-frame
vlan database
vlan 2-7
exit
gvrp enable
ip dhcp pool network forVLAN1
address low 10.10.1.100 high 10.10.1.254 255.255.255.0
domain-name lab.local
default-router 10.10.1.10
dns-server 10.10.1.1
exit
ip dhcp pool network forVLAN2
address low 10.10.2.100 high 10.1 255.255.255.0
domain-name lab.local
default-router 10.10.2.10
dns-server 10.10.1.1
exit
ip dhcp pool network forVLAN4
address low 10.10.4.100 high 10.10.4.254 255.255.255.0
domain-name lab.local
default-router 10.10. 4.10
dns-server 10.10.1.1
exit
ip dhcp pool network forVLAN5
address low 10.10.5.100 high 10.10.5.254 255.255.255.0
domain-name lab.local
default-router 10.10.5.10
dns-server 10.10.1.1
netbios-name-server 10.10.1.1
exit
ip dhcp pool network forVLAN6
address low 10.10.6.100 high 10.10.6.254 255.255.255.0
domain-name lab.local
default-router 10.10.6.10
dns-server 10.10.1.1
netbios-name-server 10.10.1.1
exit
ip dhcp pool network forVLAN7
address low 10.10.7.100 high 10.10.7.254 255.255.255.0
domain-name lab.local
default-router 10.10.7.10
dns-server 10.10.1.1
netbios-name-server 10.10.1.1
exit
ip dhcp pool network vorVLAN3
address low 10.10.3.100 high 10.10.3.254 255.255.255.0
domain-name lab.local
default-router 10.10.3.10
dns-server 10.10.1.1
netbios-name-server 10.10.1.1
exit
bonjour interface range vlan 1-7
hostname CiscoSG300
line console
exec-timeout 30
exit
line ssh
exec-timeout 0
exit
ip ssh server
snmp-server server
ip http timeout-policy 0 https-only
clock timezone " " +3
clock source sntp
sntp unicast client enable
sntp unicast client poll
sntp server ntp1.stratum1.ru poll
sntp server ntp1.stratum2.ru poll
ip name-server 10.10.1.10
interface vlan 1
ip address 10.10.1.10 255.255.255.0
no ip address dhcp
interface vlan 2 ip address 10.10.2.10
255.255.255.0 interface
vlan 3 ip
address 10.10.3.10 255.255.255.0 6 ip address 10.10.6.10 255.255.255.0 interface vlan 7 ip address 10.10.7.10 255.255.255.0 interface gigabitethernet1 switchport trunk allowed vlan add 2-7 interface gigabitethernet2 switchport trunk allowed vlan add 2-7 interface gigabitethernet3 switchport trunk allowed vlan add 2-7 interface gigabitethernet4
switchport trunk allowed vlan add 2-7
interface gigabitethernet7
no macro auto persistent
interface gigabitethernet25
description Workstation
storm-control broadcast enable
storm-control broadcast level 10
storm-control include-multicast
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 2-7 untagged
macro description desktop
macro auto smartport type desktop $max_hosts 10 $native_vlan 1
!
interface gigabitethernet26
spanning-tree link-type point-to-point
switchport trunk allowed vlan add 2-7
macro description "ap "
macro auto smartport type ap $native_vlan 1
!
interface gigabitethernet27
description CiscoSG200
spanning-tree link-type point-to-point
switchport trunk allowed vlan add 2-7
macro description "switch "
macro auto smartport type switch $native_vlan 1
!
interface gigabitethernet28
description CiscoRV320
storm-control broadcast enable
storm-control broadcast level 10
spanning-tree link-type point-to-point
switchport trunk allowed vlan add 2-7
macro description "router "
!
exit
macro auto enabled
macro auto processing type host enabled
macro auto processing type ip_phone disabled
macro auto processing type ip_phone_desktop disabled macro
auto processing type router enabled
ip default-gateway 10.10.1.1
for some expertise, I would be grateful if someone just tells me how to do it right

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

K

Karroplan, 2015-09-22
@Karroplan

sg300 is by default configured as an L2 switch out of the box.
From gui enable L3 - administration->system settings and there is a button System mode: L2 / L3
From CLI in exec mode - set system mode router

A

andreymamontov, 2015-09-22
@andreymamontov

Now it seems to finally work, and even DHCP on the switch began to issue addresses.
As a result, it is not clear whether the Internet will be in all vlans, incl. in trunk ports (receives the correct address, vlan and Internet access through the port)?
The router, being the default gateway, simply redirects, the rest of the inter-vlan routing is switched?
What is the correct way to register static routes on the router, given the specifics of the interface, that not all recommended routes can be applied.
Does the router need to know about existing VLANs or at least subnets? (it is clear that rather no than yes, but the cisco support forum has a user with a cisco nameplate, there is such an opinion
Any advice would be appreciated
*10.10.1.254 - router
10.10.1.1 - switch
config-file-header
CiscoSG300
v1.4.1.3 / R800_NIK_1_4_194_194
CLI v1.0
set system mode router
file SSD indicator excluded
@
no cdp appliance-tlv enable
port jumbo -frame
vlan database
vlan 10,20,30,40
exit
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya______
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________ ip
dhcp server
ip dhcp pool network hosts
address low 10.10.10.100 high 10.10.10.150 255.255.255.255.255.255 .
.local
default-router 10.10.10.1
time-server 91.226.136.138
dns-server 77.88.8.8
exit
ip dhcp pool network native
address low 10.10.1.100 high 10.10.1.150 255.255.255.0
domain-name lab.local
default-router 10.10.1.1
time-server 91.226.136.138
dns-server 77.88.8.8
exit
ip dhcp pool network VMkernel
address low 10.10.30.100 high 10.10.30.150 255.255.255.0
domain-name lab.local
default-router 10.10.30.1
time-server 91.226.136.138
dns-server 77.88.8.8
exit
ip dhcp pool network Vmnetwork
address low 10.10.20.20 255.255.255.0 20.150
default-router 10.10.20.1
time-server 91,226,136,138
dns-server 77.88.8.8
exit
bonjour interface range vlan 1
hostname CiscoSG300
line console
exec-timeout 0
exit
line ssh
exec-timeout 0
exit
username cisco password encrypted privilege 5b58010b3ffce92d970c08997a8a65de62a4ffa0 15
ip ssh server
ip http timeout-policy 0 https-only
clock timezone " " +3
clock source sntp
sntp unicast client enable
sntp unicast client poll
sntp server ntp1.stratum1.ru poll
sntp server ntp1.stratum2.ru poll
ip name-server 77.88.8.8
!
interface vlan 1
ip address 10.10.1.1 255.255.255.0
no ip address dhcp
!
interface vlan 10
name Hosts
ip address 10.10.10.1 255.255.255.0
!
interface vlan 20
name VMnetwork
ip address 10.10.20.1 255.255.255.0
!
interface vlan 30
name VMkernel
ip address 10.10.30.1 255.255.255.0
!
interface vlan 40
name Instance
ip address 10.10.40.1 255.255.255.0
!
interface gigabitethernet1
spanning-tree portfast
switchport mode access
switchport access vlan 10
!
interface gigabitethernet2
spanning-tree portfast
switchport mode access
switchport access vlan 10
!
interface gigabitethernet3
storm-control broadcast enable
storm-control broadcast level 10
storm-control include-multicast
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
switchport mode access
switchport access vlan 10
macro description host
macro auto smartport dynamic_type unknown
!
interface gigabitethernet4
spanning-tree portfast
switchport mode access
switchport access vlan 10
!
interface gigabitethernet5
spanning-tree portfast
switchport mode access
switchport access vlan 10
!
interface gigabitethernet6
spanning-tree portfast
switchport mode access
switchport access vlan 10
!
interface gigabitethernet22
spanning-tree portfast
switchport mode access
switchport access vlan 20
!
interface gigabitethernet23
spanning-tree portfast
switchport mode access
switchport access vlan 30
!
interface gigabitethernet24
spanning-tree portfast
switchport mode access
switchport access vlan 40
!
interface gigabitethernet27
gvrp enable
spanning-tree link-type point-to-point
switchport trunk allowed vlan add 10,20,30,40
macro description switch
macro auto smartport type switch $native_vlan 1
!
interface gigabitethernet28
gvrp enable
storm-control broadcast enable
storm-control broadcast level 10
spanning-tree link-type point-to-point
switchport mode access
macro description "router "
!next command is internal.
macro auto smartport dynamic_type router
!
exit
macro auto enabled
macro auto processing type host enabled
macro auto processing type ip_phone disabled
macro auto processing type ip_phone_desktop disabled
macro auto processing type router enabled
ip default-gateway 10.10.1.254