InterVLAN Routing
In this post we will see how to configure inter-VLAN routing when no layer 3 switch is available: a switch with multiple VLANs configured, together with a router that routes packets between them. As we know, VLANs split broadcast domains, so devices connected to different VLANs cannot communicate with each other unless a third device with routing capability is configured between them.
Also known as Router on a Stick
We will use a quick and simple topology, since nothing more is needed to understand it: a switch connected to a router.
These devices must be able to speak the same language, so our layer 2 switch will need to understand 802.1Q and/or ISL, as will the router.
The relevant configuration excerpts follow:
The switch:
switch#sh run
Building configuration...
[...]
vlan 25,51,200,305
[...]
interface FastEthernet0/4
description Connected to R4 F0/1
switchport trunk allowed vlan 25,51
switchport mode trunk
[...]
The router:
Router#sh run
Building configuration...
[...]
interface FastEthernet0/1
no ip address
duplex auto
speed auto
!
interface FastEthernet0/1.25
encapsulation dot1Q 25
ip address 25.25.25.25 255.255.255.0
!
interface FastEthernet0/1.51
encapsulation dot1Q 51
ip address 51.51.51.51 255.255.255.0
[...]
As we can see, all we need is a trunk link to carry the traffic of all the VLANs between the two devices. The router takes care of routing packets (its job).
Here is its routing table:
Router# sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
     51.0.0.0/24 is subnetted, 1 subnets
C       51.51.51.0 is directly connected, FastEthernet0/1.51
     25.0.0.0/24 is subnetted, 1 subnets
C       25.25.25.0 is directly connected, FastEthernet0/1.25
The router's trunk interface:
Router# sh interfaces fastEthernet 0/1
FastEthernet0/1 is up, line protocol is up
Hardware is AmdFE, address is 000d.65dc.1f01 (bia 000d.65dc.1f01)
MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 1., loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s, 100BaseTX/FX
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:09, output 00:00:06, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
31 packets input, 5886 bytes
Received 31 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog
0 input packets with dribble condition detected
99 packets output, 22675 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
20 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
1 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
Router# sh interfaces fastEthernet 0/1.25
FastEthernet0/1.25 is up, line protocol is up
Hardware is AmdFE, address is 000d.65dc.1f01 (bia 000d.65dc.1f01)
Internet address is 25.25.25.25/24
MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 25.
ARP type: ARPA, ARP Timeout 04:00:00
Last clearing of "show interface" counters never
Router# sh interfaces fastEthernet 0/1.51
FastEthernet0/1.51 is up, line protocol is up
Hardware is AmdFE, address is 000d.65dc.1f01 (bia 000d.65dc.1f01)
Internet address is 51.51.51.51/24
MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 51.
ARP type: ARPA, ARP Timeout 04:00:00
Last clearing of "show interface" counters never
The switch's trunk interface:
switch# sh int f0/4 sw
Name: Fa0/4
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: 25,51
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Appliance trust: none
And the VLAN configuration:
switch# sh vlan bri
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/2, Fa0/3, Fa0/5, Fa0/6
                                                Fa0/7, Fa0/8, Fa0/10, Fa0/11
                                                Fa0/12, Fa0/13, Fa0/14, Fa0/15
                                                Fa0/16, Fa0/17, Fa0/18, Fa0/19
                                                Fa0/20, Fa0/21, Fa0/22, Fa0/25
                                                Fa0/26
25   VLAN0025                         active
51   VLAN0051                         active
200  VLAN0200                         active    Fa0/9
305  VLAN0305                         active
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup
1004 fddinet-default                  act/unsup
1005 trnet-default                    act/unsup
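A consistency check for the setup shown above, as an added example that is not part of the original post: it compares the switch's VLAN database and trunk allowed list against the router's dot1Q subinterfaces. The function names are hypothetical, the sample text is constructed from this page's excerpts (re-indented the way IOS prints a running config), and it assumes an explicit `switchport trunk allowed vlan` list in plain list form.

```python
import re

# Constructed sample: the configuration excerpts from this page, re-indented.
SWITCH_CFG = """\
vlan 25,51,200,305
interface FastEthernet0/4
 switchport trunk allowed vlan 25,51
 switchport mode trunk
"""
ROUTER_CFG = """\
interface FastEthernet0/1
 no ip address
!
interface FastEthernet0/1.25
 encapsulation dot1Q 25
 ip address 25.25.25.25 255.255.255.0
!
interface FastEthernet0/1.51
 encapsulation dot1Q 51
 ip address 51.51.51.51 255.255.255.0
"""

def expand(spec):
    """Expand an IOS VLAN list such as '25,51,100-102' into a set of ints."""
    vlans = set()
    for part in spec.split(","):
        lo, _, hi = part.strip().partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def audit(switch_cfg, router_cfg):
    """Return findings about trunk / subinterface / VLAN database mismatches."""
    defined = set().union(*map(expand, re.findall(r"^vlan ([\d,\-]+)\s*$", switch_cfg, re.M)))
    allowed = set().union(*map(expand, re.findall(r"^\s*switchport trunk allowed vlan ([\d,\-]+)", switch_cfg, re.M)))
    # Map each subinterface to its 802.1Q tag; only indented lines belong to a stanza.
    subifs = {m.group(1): int(m.group(2)) for m in re.finditer(
        r"^interface (\S+\.\d+)\s*\n(?:[ \t]+.*\n)*?[ \t]+encapsulation dot1Q (\d+)", router_cfg, re.M)}
    findings = []
    for name, vlan in sorted(subifs.items()):
        if vlan not in allowed:
            findings.append(f"{name}: VLAN {vlan} is not allowed on the trunk")
        if vlan not in defined:
            findings.append(f"{name}: VLAN {vlan} does not exist on the switch")
    for vlan in sorted(allowed - set(subifs.values())):
        findings.append(f"VLAN {vlan}: allowed on the trunk but has no subinterface")
    for vlan in sorted(defined - allowed):
        findings.append(f"VLAN {vlan}: defined on the switch but not on the trunk, so not routed")
    return findings
```

On this page's configuration the only findings are for VLANs 200 and 305, which exist on the switch but are not carried to the router.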
It may be worth mentioning that a router is not a layer 3 switch, and never will be, so there is something to keep in mind. The performance and bandwidth of the router's tagged interface must be shared to handle the traffic of as many VLANs as we send through it. Latency will increase, a lot.