Thursday, February 10, 2011

Inter-VLAN routing


Traditional Inter-VLAN
- Separate links are needed for individual VLANs. In the example above, VLAN 10 and VLAN 20 are created. Thus 2 separate fastethernet links are needed to connected to the router.

Configuration on Router2
interface fa0/0
ip address 192.168.10.1 255.255.255.128
no shut
interface fa0/1
ip address 192.168.10.129 255.255.255.128
no shut

Configuration on Switch
=> connection to PC4
interface fa0/10
switchport access vlan 10

=> connection to PC5
interface fa0/20
switchport access vlan 20

=> connection to router2 interface fa0/0
interface fa0/23
switchport access vlan 10

=> connection to router2 interface fa0/1
interface fa0/24
switchport access vlan 20

Router-on-a-stick
- No separate links are needed for individual VLANs. Sub-interfaces are created to connect the Vlans, but ports on switch will need to be set to trunk mode in order for multiple vlans to pass through.

Configuration on Router0
interface fa0/0
no shut
=>good practice to set the sub-interface number to be same as the VLAN id for ease of identification
interface fa0/0.10
encapsulation dot1q 10
ip address 192.168.20.1 255.255.255.128
no shut
interface fa0/1.20
encapsulation dot1q 10
ip address 192.168.20.129 255.255.255.128
no shut

Configuration on Switch
Set the interface connecting to the end device such as client PC to be on the respective VLAN
switchport access vlan 10

Set the interface connecting to another intermediary device such as Router or Switch  to be on Trunk mode to enable multiple VLANs to pass through.
switchport mode trunk

**Make sure all the VLAN are created on all the switch if VLAN Trunking Protocol are not configured

Switch-based Inter-VLAN (L3 switch)
- Layer 3 switch allowed one to use the switch as a Layer 3 device to route traffic between different VLANs

Configuration on Multilayer Switch
ip routing  => to enable L3 function routing on switch
interface VLAN 10   => gateway for VLAN 10
ip address 192.168.30.1 255.255.255.128
no shut
interface VLAN 20   => gateway for VLAN 20
ip address 192.168.30.129 255.255.255.128
no shut
interface fa0/1   => connected to switch for VLAN 10
switchport access vlan 10

interface fa0/2   => connected to switch for VLAN 20
switchport access vlan 20


Configuration on Switch
Set the interface connecting to the device to be on the respective VLAN
switchport access vlan 10