Using a Cisco Router to route VLAN traffic on a M5300-52G-POE+ switch

Hello fjamieson

 

Welcome to the community!

 

 

M5300-52G-PoE+ is capable of Layer3 static routing at wire-speed without any software license upgrade (as is), so unless you want to use RIP or OSPF, I don't really see why we would use a Cisco router for inter-VLAN traffic? Not only that could add complexity to your routing configuration, but also best practice is to offload the router with local, line-rate routing when possible. Please let me know, the community will help you configure your VLANs and routing.

 

We would need to know a few more things::

• On each VLAN, where is the DHCP server? Do you need to use the switch for it, or do you want to use your Cisco router, or do you have SBS server or else somewhere with DHCP services?
• If we enable routing on the switch, which IP interface will you assign to each routing VLAN?
• Which port on the switch will be connected to your router? 
• Which IP address will be reserved on your router so that the switch can connect to the internet using it?

 

For now, assuming VLAN 1 is also the management network for the switch.

 

We create following VLANs on your switch, with each time one DHCP server configured for it from the switch local DHCP Pool:

VLAN 1                Default                  192.168.10.0/24   Gateway/IP Routing interface 192.168.10.1

VLAN 2                Phone traffic           192.168.20.0/24   Gateway/IP Routing interface 192.168.20.1

 

 

We can create one Internet VLAN for convenience on the switch, should you have service policies later, shapping or differentiated services :

VLAN 50                 Internet VLAN (that will be used by VLAN 1, 2)    Interface 192.168.102.50 / 255.255.255.0

 

We assume your Cisco router provides can provide 192.168.102.1 internet gateway with NAT on it (192.168.102.0/24), as well as DNS services to the network.

 

One default route will be created on the switch for any traffic outside VLAN 1 and VLAN 2 and pointing to that 192.168.102.1 gateway via Internet VLAN 50.

We assume the switch is connected to the network where the Cisco router resides via Port 1 and that the Cisco router will reserve 192.168.102.50 IP address for the switch.

 

 

On your Cisco router, we need to set up following static routes back to the switch:  

Destination network	Next hop address	Distance
192.168.10.0/24	192.168.1.50	2
192.168.20.0/24	192.168.1.50	2

 

 

 Then assuming you have normal users on Port 2-24 and IP Phones on Ports 25-48:

 

vlan database
vlan 2,50
vlan name 2 "phone traffic"
vlan name 50 "internet"
vlan routing 1 1 
vlan routing 2 2 
vlan routing 50 3 
exit
ip name server 192.168.102.1
ip route 0.0.0.0 0.0.0.0 192.168.102.1 253
interface 1/0/1
description 'Internet Gateway'
vlan pvid 50
vlan participation exclude 1
vlan participation include 50
ip mtu 1500
exit
interface 1/0/2-1/0/24
description 'Normal Users'
vlan pvid 1
vlan participation include 20
vlan tagging 20
ip mtu 1500
exit
interface 1/0/25-1/0/48
description 'IP Phones'
vlan pvid 20
vlan participation include 20
exit
interface vlan 1
routing
ip address 192.168.10.1 255.255.255.0
exit
interface vlan 20
routing
ip address 192.168.20.1 255.255.255.0
exit
interface vlan 50
routing
ip address 192.168.102.50 255.255.255.0
exit
ip name source-interface vlan 50
service dhcp
ip dhcp pool "default"
lease 28 0 0
dns-server 192.168.102.1
default-router 192.168.10.1
network 192.168.10.0 255.255.255.0
netbios-node-type b-node
exit
ip dhcp pool "phones"
lease 0 8 0
dns-server 192.168.102.1
default-router 192.168.20.1
network 192.168.20.0 255.255.255.0
netbios-node-type b-node
exit 

 

Obviously, this is only for routing. Differentiated services for QoS, traffic shaping, inter-VLAN security, Multicast strategies, there's lot of additional possibilities. But let us know if this helps your installation!

 

Regards,