if you only have a Meraki switch and have VLANS do you need to setup OSPF
Solved! Go to solution.
You would need something to talk OSPF with first. Otherwise, it does nothing.
So I would have to create interfaces under the Routing and DHCP page on Dashboard for all the VLANS to talk?
Correct.
I guess to clarify is I only have a Switch and work on small business and looking to separate some of the computers and and servers for control. Do i need to even setup OSPF if everything is direct connected to the switch?
No OSPF is required.
Just re-iterating what @PhilipDAth said, if all endpoints are connecting to the switch, and you don't have any sprawling or dynamically changing network, you don't need OSPF.
Simply setup the VLAN interfaces for inter-vlan routing and static routes for anything traffic you need to send elsewhere.
all depends on how the switches are setup, if the switches are connected through a layer 3 link they you will need VLAN (subnets) in each side of L3 link to be advertised to each other to be reachable, so you will need some routing (static or OSPF), if the switches are connected with L2 trunk then you don't need OSPF
no other switches. Just one switch
If its a closed setup , you can use the switch as a router, by setting up SVI's as explained above.
But if you need routing somewhere else, aka, for example "the internet", then you have a router/firewall, that most likely does NAT/PAT towards your ISP.
You have two options.
1: Create a layer 3 network between that router and your switch, and create static routes on your router that tells your router to route the packets for the newly created networks towards your switch (and a 0.0.0.0 route on your switch that points towards your router/firewall).
2: OR, you use your router for all layer 3, and only use layer 2 vlans on your switch (this is the "normal option" in smaller networks).
This will of course require you to create these networks (L3) on your router / firewall, and have a dot1q trunk (a port with more vlans) on the connection between your router/firewall and your switch.
Both ways gives your network segmentation. But usually having proper segments with an ACL between them is done on the firewall (the switch CAN do ACLs , but its not , ehhh, "as nice looking" as on the firewall).
Does this help ?
If you cannot configure your upstream firewall/router, then there is nothing you can do that will make this work in a proper way.