Change default routing on an Cisco SG300 switch to allow for a router VLAN

[coxhaus]

I want to build a high speed router VLAN with one device the router so there is no slow downs from other devices in the same VLAN. Some devices get chatty. My switch is in layer 3 mode.

I just noticed a cannot change the default route on my SG300-28 switch. When I select it I cannot use the edit button. It is grayed out. Is there a simple way to do this? Am I missing something?

 

[oletuv]

coxhaus,

When you select the default route can you delete it? That is what I can do here on my SG300-10. I think you have to delete it and add a new default route with the wanted settings.

When you have it working, please share the details about configuring a high speed router VLAN.

Ole

 

[coxhaus]

I deleted my default route and added a new one. I moved the router to the new VLAN and lost interVLAN routing with the new VLAN. I had to create another access port to get on the internet. Now both my router and workstation are in the same VLAN I have internet access.

 

[oletuv]

Sounds a bit strange that you had to configure a new access port to get the routing working. Anyhow, glad you got it working.

Just so I understand how you did this - did you add a new VLAN interface with a separate IP address (e.g. 192.168.9.254) but no DHCP pool, defined the router address within the same subnet (e.g. 192.168.9.1), defined the default route on the switch to point to the new router IP address, and finally added a new static route on the router to point to the old router network (e.g. 192.168.0.1)?

Ole

 

[coxhaus]

I had to add an access port so I could access the router from a workstation to look for errors within the same VLAN because interVLAN routing was not working and I could only access the router from the same VLAN.

Yes, I did add an 192.168.9.254 IP address for the VLAN gateway. I changed my router IP address to 192.168.9.1. I first tried without a DHCP scope but added one just to see if it worked and something keyed off DHCP. No difference. I went back over everything studying studying studying. I found where the RV320 router did convert some ACLs incorrectly so I changed them. I deleted default route again and set it up one more time. I can now ping the router from one of the old VLANs. I can also ping 8.8.8.8 but web pages do not work so there seems to be an DNS problem. I hard coded some DNS entries and deleted the other DNS blocking in my router. Web pages seem to work.

I think it is working now. I will track down DNS and add my security DNS back. It was exciting as things did not work.

 

[oletuv]

I had to add an access port so I could access the router from a workstation to look for errors within the same VLAN because interVLAN routing was not working and I could only access the router from the same VLAN.

Yes I did I did add an 192.168.9.254 IP address for the VLAN gateway. I changed my router IP address to 192.168.9.1. I first tried without a DHCP scope but added one just to see if it worked and something keyed off DHCP. No difference. I went back over everything studying studying studying. I found where the RV320 router did convert some ACLs incorrectly so I changed them. I deleted default route again and set it up one more time. I can now ping the router from one of the old VLANs. I can also ping 8.8.8.8 but web pages do not work so there seems to be an DNS problem. I hard coded some DNS entries and deleted the other DNS blocking in my router. Web pages seem to work.

I think it is working now. I will track down DNS and add my security DNS back. It was exciting as things did not work.

That´s great. I like the idea of isolating the router in a separate VLAN. Any idea how QoS configuration on the SG300 switch will affect the routing? I´ve configured QoS to give high priority to video streaming (IPTV).

Ole

 

[coxhaus]

I have not tried QoS with this switch. I have not had good luck with QoS on small devices. So I try to stay away from QoS.

I found something you might be interested in. There is a setting for access port multicast TV VLAN under VLAN management on the SG300 switch.

The high speed VLAN should be faster since there are no slow downs from broadcasts or window elections for whatever. Plus the slow wireless devices are not slowing down the router as before. The router should be able to run full steam from all the other VLANs feeding it.

 

[oletuv]

I have not tried QoS with this switch. I have not had good luck with QoS on small devices. So I try to stay away from QoS.

I´ve tried to keep QoS simple by using the standard 802.1p and DSCP to Queue tables and set Strict Priority to level 3 and level 4 and WRR Priority to level 1 (67%) and level 2 (33%). IPTV is level 3 and will generally have the highest priority in my network since I don´t use VoIP. Hope it works, else I can always switch it off.

I found something you might be interested in. There is a setting for access port multicast TV VLAN under VLAN management.

Yes, I´ve already configured my IPTV access ports as Multicast TV VLANs. Great functionality which is not supported by the L2 SG200 switches.

The high speed VLAN should be faster since there are no slow downs from broadcasts or window elections for whatever. Plus the slow wireless devices are not slowing down the router as before. The router should be able to run full steam from all the other VLANs feeding it.

Seems logical. I´m looking forward to try it out when I have my home network up and running in April/May.

Ole

 

[coxhaus]

I can tell internet web pages are snappier now. This is an upgrade for my network.

 

[oletuv]

I can tell internet web pages are snappier now. This is an upgrade for my network.

Thanks for sharing.

Ole

 

[coxhaus]

I am looking at my L3 switch and router today. I noticed on RV320 router I have a static routing statement for 192.168.9.0 pointing to 192.168.9.254. I wonder if I had to have this because my default VLAN is still 1 which is 192.168.0.254. When I changed my RV320 router IP address from 192.168.0.1 to 192.168.9.1 I did not change the default VLAN because I did not want the traffic from all the other devices on the router VLAN as their default VLAN is 1 also. I have another SG200 switch and 3 WP321 wireless units which all have VLAN 1 as their default VLAN.

So now I have a static routing statement for all VLANs defined on the L3 switch in the RV320 router.

 

[oletuv]

I am looking at my L3 switch and router today. I noticed on RV320 router I have a static routing statement for 192.168.9.0 pointing to 192.168.9.254. I wonder if I had to have this because my default VLAN is still 1 which is 192.168.0.254. When I changed my RV320 router IP address from 192.168.0.1 to 192.168.9.1 I did not change the default VLAN because I did not want the traffic from all the other devices on the router VLAN as their default VLAN is 1 also. I have another SG200 switch and 3 WP321 wireless units which all have VLAN 1 as their default VLAN.

So now I have a static routing statement for all VLANs defined on the L3 switch in the RV320 router.

coxhaus,

Did you change the static route statement for the 192.168.9.0 subnet?

So that I fully understand your current routing configuration, could you please show the static route statements on the router and also the default route statement on the SG300 switch?

Ole

 

[coxhaus]

OK. Here you go. I guess you see I did not really use 9 for the new VLAN. I used 10 instead but for clarity I stayed with your example.

PS
You don't see any routing for VLAN3 as there is not currently an active port in VLAN3.

 

[coxhaus]

Here is the default VLAN. I could not add it to the above post. I used the default VLAN as VLAN 1 for all my network devices. As I remember the default VLAN will catch all untagged traffic which I do not want in the router VLAN to slow it down.

 

[coxhaus]

I just pulled out the static entry 192.168.10.0 in the router out as it is directly connected. Everything seems to still work. I guess maybe I added it when the ACLs in the router did not convert to the new LAN IP network.

Here is the new routing table after removable. I think it looks better.

 

[oletuv]

OK. Here you go. I guess you see I did not really use 9 for the new VLAN. I used 10 instead but for clarity I stayed with your example.

PS
You don't see and routing for VLAN3 as there is not currently an active port in VLAN3.

Thanks coxhaus, now I have a good reference if I´d want to change the router VLAN in my configuration also.

What I was most keen to see was the default gateway IP of the static routes on the router, 192.168.10.254 (the address of the router VLAN) or 192.168.0.254 (the address of the default VLAN).

The second 192.168.10.0 static route without a default gateway and with Hop Count 0, is that something that is auto configured on the RV320? Could you also please explain the reason for setting Hop Count to 2 and not 1.

Ole

 

[coxhaus]

It turns out hop count 2 was a mistake as it should have been 1. But it turns out I don't even need the statement now as I have removed the whole statement altogether. Check the new routing table above.

You know I may have added the statement when I tested VLAN 10 before moving the router over to it.

 

[oletuv]

It turns out hop count 2 was a mistake as it should have been 1. But it turns out I don't even need the statement now as I have removed the whole statement altogether. Check the new routing table above.

You know I may have added the statement when I tested VLAN 10 before moving the router over to it.

Ah OK, but per the routing table above you still use Hop Count 2 for the 192.168.0.0, 192.168.2.0 and 192.168.3.0 route statements. Should those be Hop Count 1 as well?

Ole

 

[coxhaus]

All fixed. I set them to hop count 1.

 

[oletuv]

All fixed. I set them to hop count 1.

Looks good, coxhaus

Regarding the default gateway for the static routes on the router, is it a must to to have it set to the IP address of the router VLAN, e.g. 192.168.10.254 in your configuration, or could the IP address of the default VLAN, e.g. 192.168.0.254, also be used?

I suppose you have the router connected to a VLAN 10 access port on the SG300 switch?

Ole