In this post we will see how to configure interVLAN routing if we do not have a Layer-3 switch. We have a switch with many VLANs configured, plus a router that will take care of routing packets to and from them. As we all know, VLANs split broadcast domains, so devices sitting in different VLANs cannot communicate with each other unless a third device with routing capabilities is set up in the middle.

AKA Router on a Stick

A quick and dirty topology, because nothing more than a router connected to a switch is needed to understand this.

These devices of course have to be able to speak the same language, so our Layer-2 switch will need to understand 802.1Q and/or ISL, and so will the router.

The relevant config snippets are below:

The switch:

switch#sh run
Building configuration...
[...]
vlan 25,51,200,305
[...]
interface FastEthernet0/4
 description Connected to R4 F0/1
 switchport trunk allowed vlan 25,51
 switchport mode trunk
[...]

The router:

Router#sh run
Building configuration...
[...]
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
!
interface FastEthernet0/1.25
 encapsulation dot1Q 25
 ip address 25.25.25.25 255.255.255.0
!
interface FastEthernet0/1.51
 encapsulation dot1Q 51
 ip address 51.51.51.51 255.255.255.0
[...]

As we can see, all we need is a trunk link to carry the traffic of all the VLANs between the two devices. The router will take care of routing the packets, which is its job.
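The following is an added example, not part of the original post: a small Python model of what the router does with a frame arriving on the trunk. It reads the 802.1Q tag, picks the matching subinterface, and chooses the VLAN tag for the frame it sends back. The subinterface addresses and the router MAC come from the output on this page; the host MAC, the helper names and the sample packets are assumptions made for the illustration.

```python
import ipaddress
import struct

# Subinterfaces copied from the router config above: VLAN ID -> interface address.
SUBINTERFACES = {
    25: ipaddress.ip_interface("25.25.25.25/24"),
    51: ipaddress.ip_interface("51.51.51.51/24"),
}
TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag
ROUTER_MAC = bytes.fromhex("000d65dc1f01")  # from "sh interfaces" on this page
HOST_MAC = bytes.fromhex("020000000001")    # constructed sample host MAC


def ipv4_header(src, dst):
    """Constructed 20-byte IPv4 header (checksum left at 0; only addresses matter here)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 1, 0,
                       ipaddress.ip_address(src).packed, ipaddress.ip_address(dst).packed)


def build_tagged_frame(dst_mac, src_mac, vlan_id, payload, ethertype=0x0800):
    """Ethernet header with a 4-byte 802.1Q tag (priority and DEI bits left at 0)."""
    return dst_mac + src_mac + struct.pack("!HHH", TPID_8021Q, vlan_id & 0x0FFF, ethertype) + payload


def parse_vlan(frame):
    """Return (vlan_id, ethertype, payload); vlan_id is None for an untagged frame."""
    (first,) = struct.unpack("!H", frame[12:14])
    if first != TPID_8021Q:
        return None, first, frame[14:]
    tci, ethertype = struct.unpack("!HH", frame[14:18])
    return tci & 0x0FFF, ethertype, frame[18:]


def route_on_a_stick(frame):
    """Return the VLAN ID the router tags the forwarded frame with, or None if not routed."""
    vlan_id, ethertype, payload = parse_vlan(frame)
    if vlan_id not in SUBINTERFACES:
        return None  # untagged or unknown VLAN: no IP-addressed subinterface matches
    if ethertype != 0x0800 or len(payload) < 20:
        return None  # this model only routes IPv4
    dst_ip = ipaddress.ip_address(payload[16:20])  # IPv4 destination address field
    for out_vlan, iface in SUBINTERFACES.items():
        if dst_ip in iface.network:
            return out_vlan  # connected route: the frame leaves retagged for this VLAN
    return None  # no connected route, and no gateway of last resort is set
```

A packet from a host in VLAN 25 to 51.51.51.10 goes up the trunk tagged 25 and comes back down the same link tagged 51, which is why every routed packet crosses the router's single interface twice.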

Here we have our router’s routing table:

Router# sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
     51.0.0.0/24 is subnetted, 1 subnets
C       51.51.51.0 is directly connected, FastEthernet0/1.51
     25.0.0.0/24 is subnetted, 1 subnets
C       25.25.25.0 is directly connected, FastEthernet0/1.25

Router’s trunk interface

Router# sh interfaces fastEthernet 0/1
FastEthernet0/1 is up, line protocol is up
Hardware is AmdFE, address is 000d.65dc.1f01 (bia 000d.65dc.1f01)
MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID  1., loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s, 100BaseTX/FX
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:09, output 00:00:06, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
31 packets input, 5886 bytes
Received 31 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog
0 input packets with dribble condition detected
99 packets output, 22675 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
20 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
1 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
Router# sh interfaces fastEthernet 0/1.25
FastEthernet0/1.25 is up, line protocol is up
Hardware is AmdFE, address is 000d.65dc.1f01 (bia 000d.65dc.1f01)
Internet address is 25.25.25.25/24
MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID  25.
ARP type: ARPA, ARP Timeout 04:00:00
Last clearing of "show interface" counters never
Router# sh interfaces fastEthernet 0/1.51
FastEthernet0/1.51 is up, line protocol is up
Hardware is AmdFE, address is 000d.65dc.1f01 (bia 000d.65dc.1f01)
Internet address is 51.51.51.51/24
MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID  51.
ARP type: ARPA, ARP Timeout 04:00:00
Last clearing of "show interface" counters never

Switch’s trunk interface:

switch# sh int f0/4 sw
Name: Fa0/4
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: 25,51
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Appliance trust: none
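The following is an added example, not part of the original post: a Python check that reads `show interfaces switchport` output for the trunk and compares it with the router's dot1Q subinterfaces. It reports DTP negotiation left on (a router does not take part in DTP, so a static trunk loses nothing with `switchport nonegotiate`), a native VLAN left at the default VLAN 1, and any VLAN that is allowed on the trunk without a subinterface or the reverse. The sample text is constructed from the output above; the function names are assumptions.

```python
import re

# Constructed sample: fields taken from the "sh int f0/4 sw" output above.
SWITCHPORT_OUTPUT = """\
Name: Fa0/4
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Negotiation of Trunking: On
Trunking Native Mode VLAN: 1 (default)
Trunking VLANs Enabled: 25,51
Pruning VLANs Enabled: 2-1001
"""
ROUTER_DOT1Q_VLANS = {25, 51}  # from the "encapsulation dot1Q" lines in the router config


def parse_fields(text):
    """Turn 'Key: value' lines into a dict."""
    return dict(line.split(": ", 1) for line in text.splitlines() if ": " in line)


def expand_vlans(spec):
    """Expand '25,51' or '2-1001' into a set of VLAN IDs; 'ALL' means 1-4094."""
    if spec.strip().upper() == "ALL":
        return set(range(1, 4095))
    vlans = set()
    for part in spec.split(","):
        lo, _, hi = part.strip().partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans


def audit_trunk(text, routed_vlans):
    """Return a list of findings for a trunk that feeds a router on a stick."""
    f = parse_fields(text)
    if f.get("Operational Mode") != "trunk":
        return ["port is not trunking"]
    findings = []
    if f.get("Negotiation of Trunking", "").lower() == "on":
        findings.append("DTP negotiation is on")
    native = int(re.match(r"\d+", f["Trunking Native Mode VLAN"]).group())
    if native == 1:
        findings.append("native VLAN is the default VLAN 1")
    allowed = expand_vlans(f["Trunking VLANs Enabled"])
    for v in sorted(allowed - routed_vlans):
        findings.append(f"VLAN {v} allowed on trunk but has no router subinterface")
    for v in sorted(routed_vlans - allowed):
        findings.append(f"VLAN {v} has a subinterface but is not allowed on trunk")
    return findings
```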

And VLANs config:

switch# sh vlan bri
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/2, Fa0/3, Fa0/5, Fa0/6
                                                Fa0/7, Fa0/8, Fa0/10, Fa0/11
                                                Fa0/12, Fa0/13, Fa0/14, Fa0/15
                                                Fa0/16, Fa0/17, Fa0/18, Fa0/19
                                                Fa0/20, Fa0/21, Fa0/22, Fa0/25
                                                Fa0/26
25   VLAN0025                         active
51   VLAN0051                         active
200  VLAN0200                         active    Fa0/9
305  VLAN0305                         active
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup
1004 fddinet-default                  act/unsup
1005 trnet-default                    act/unsup

Not to mention that a router is not a Layer-3 switch, and it never will be, so we have to account for something really important: the bandwidth and performance of the router's tagged interface has to be divided among as many VLANs as we forward through it. That will for sure increase latency a lot.