Switching – Inter-vlan routing


This article will be focused in explaining the basic principles of inter-vlan routing. This is a mechanism that provides communication between different VLANs. Because each VLAN has its own broadcast domain, devices from separate VLANs cannot communicate with each other. As the same suggest, inter-VLAN routing is made by connecting a router to a switched network. The router acts as a the point of contact between two or more VLANs. I will try to explain all the elements that make up inter-vlan routing and also I will show you how to configure it. What you have to remember so far is that inter-vlan routing is a mechanism used to forward traffic from on VLAN to another.
Older implementations of inter-vlan routing required that a router would have one physical interface for each VLAN. Newer implementations like “router-on-a-stick” can use one physical interface for all VLANs. “Router-on-a-stick” added a new features in which a router can have multiple subinterfaces for each physical interface. A router configured with subinterfaces can receive tagged traffic coming from a trunk link. The router must be connected to a switch port set in the trunk mode. Subinterfaces are configured in software and act like real interfaces(each one must have an IP and subnet mask configured). Basically, traffic is sent and received through one physical interface and the router makes its decisions based on the subinterface configuration and tagged traffic coming from the trunk link. The router acts somehow like a switch between subinterfaces. As I’ve told you previously, each subinterface must have an IP configured that is part of a specified VLAN subnet. The subinterface IP will act as the gateway for switches that make up a particular VLAN.
If you’ve read all my networking articles you now by now how to configure interfaces on a router. The limitation of the older implementation of inter-vlan routing was that with each new VLAN added, the router would have to provide a dedicated physical interface. Using the new inter-vlan routing design, a physical interface can be part of several VLANs while subinterfaces are assigned separately for each VLAN. A subinterface configuration looks similar to a physical interface configuration, you have to specify an IP address and subnet mask. The physical interface must be connected to a trunk port this is why when configuring subinterfaces, you will have to specify the encapsulation type for each VLAN. I will show you in a moment how to configure subinterfaces. The benefit of using subinterfaces is visible from the start, the cost is reduced because you use only one physical interface for many VLANs. Of course, subinterface configuration is more complex than physical interface configuration and the speed is reduced since all subinterfaces use the speed of one physical interface.
I will show you now how to configure inter-vlan routing without using subinterfaces, in order to see the difference between these two technologies. Assuming that you’ve already configured VLANs on the switches connected to the router, I will jump directly to the router configuration (if you didn’t configured VLANs, check out an earlier networking post). Let’s take the following topology:

Vlan topology
There are three VLANs created here, VLAN 10, 20 and 30. On the switch side you’d have to create VLANs and then assign switch ports to the appropriate VLAN. On the router side, on each physical interface, you would have to assign an IP configuration (IP and mask) according to the VLAN configuration. Because these subnets are directly connected there is no more configuration required. Verify your configuration using the show running-config and show ip route commands. Remember from this example that each switch is connected to one different physical port on the router.
   The Router-on-a-stick design would look like this:
Router on a stick
Port F0/1 (the middle switch) will be configured as a trunk link and it will carry tagged frames from all VLANs (10, 20 and 30). The router will receive the frames on it’s physical port for one VLAN using a subinterface and it will forward traffic on the same physical port for another VLAN using a different subinterface. After configuring VLANs and setting F0/1 port as a trunk, on the router side you will have to take the following steps:
1. enter the global configuration mode.
2. select the desired physical interface, for example interface fast0/1 and type no shutdown.
3. enter each subinterface, configure the encapsulation type for each VLAN and set the IP configuration.
This is how inter-vlan routing configuration would look like:
Router on a stick configuration
To enter a subinterface type interface [physical interface id].[subinterface number]. I recommend you use the same subinterface number as the VLAN ID. For example, interface FastEthernet 0/1.10 for VLAN 10. Next, specify the encapsulation type for each VLAN (encapsulation dot1Q 10, where 10 is the VLAN ID). In the end add the IP configuration (ip address 192.168.1.1 255.255.255.0). After this step is complete, verify your configuration and use ping and tracert commands to test the communication between devices from different VLANs.
   I think I’ve covered all the main aspects of inter-vlan routing. If you think there is more to add please leave a comment or post a question. I hope you will find this article interesting, and stay tuned because more will come. I wish you all the best folks.

 

Advertisements

3 thoughts on “Switching – Inter-vlan routing

  1. Hi,

    What is the point of having VLANS if you enable inter vlan routing?

    By allowing inter VLAN routing don't you lose one of the main benefits of having VLANS? And don't you also end up with the possibility of overworking the router?

    Like

    Reply
  2. I understand what you're saying and for a while I thought the same as you. Imagine the following scenario: You have a department with 200 computers all connected in one VLAN and 5 servers connected to another VLAN. You would probably don't want all the traffic that flows between the computers to be received also by the servers. You would only want the traffic that is destined for the servers to be received by them. Imagine what would happen if the servers were overwhelmed by broadcasting traffic from all devices. This is the main principle for using inter-vlan routing, to forward only desired traffic from one VLAN to another. What do you think?

    Like

    Reply
  3. I think you benefit is a smaller broadcast domain and also, the more important thing, you can add ACL on your router to decide what traffic you would like to let go through your router.
    Also you can do kinda QoS decisions on the VLAN, like prior your VLAN and let your college stuck in the queue 😉

    Like

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s