Inter-VLAN Routing Operation What is Inter-VLAN routing? Layer 2 switches cannot forward traffic between VLANs without the assistance of a router. Inter-VLAN routing is a process for forwarding network traffic from one VLAN to another, using a router.005 In the good old days when there. Were no layer three routers, or layer three.
VLANs are used to segment switched networks. Layer 2 switches, such as the Catalyst 2960 Series, can be configured by a network professional with over 4,000 VLANs. However, Layer 2 switches have very limited IPv4 and IPv6 functionality and cannot perform the routing function of routers. While Layer 2 switches are gaining more IP functionality, such as the ability to perform static routing, these switches do not support dynamic routing. With the large number of VLANs possible on these switches, static routing is insufficient.
A VLAN is a broadcast domain, so computers on separate VLANs are unable to communicate without the intervention of a routing device. Any device that supports Layer 3 routing, such as a router or a multilayer switch, can be used to perform the necessary routing functionality. Regardless of the device used, the process of forwarding network traffic from one VLAN to another VLAN using routing is known as inter-VLAN routing.
Legacy Inter-VLAN Routing
Historically, the first solution for inter-VLAN routing relied on routers with multiple physical interfaces. Each interface had to be connected to a separate network and configured with a distinct subnet.
In this legacy approach, inter-VLAN routing is performed by connecting different physical router interfaces to different physical switch ports. The switch ports connected to the router are placed in access mode and each physical interface is assigned to a different VLAN. Each router interface can then accept traffic from the VLAN associated with the switch interface that it is connected to, and traffic can be routed to the other VLANs connected to the other interfaces.
Click the Play button in the figure to view an animation of legacy inter-VLAN routing.
As seen in the animation:
1. PC1 on VLAN 10 is communicating with PC3 on VLAN 30 through router R1.
2. PC1 and PC3 are on different VLANs and have IP addresses on different subnets.
3. Router R1 has a separate interface configured for each of the VLANs.
4. PC1 sends unicast traffic destined for PC3 to switch S2 on VLAN 10, where it is then forwarded out the trunk interface to switch S1.
5. Switch S1 then forwards the unicast traffic through its interface F0/3 to interface G0/0 on router R1.
6. The router routes the unicast traffic through its interface G0/1, which is connected to VLAN 30.
7. The router forwards the unicast traffic to switch S1 on VLAN 30.
8. Switch S1 then forwards the unicast traffic to switch S2 through the active trunk link, after which switch S2 can then forward the unicast traffic to PC3 on VLAN 30.
In this example, the router was configured with two separate physical interfaces to interact with the different VLANs and perform the routing.
Note: This method of inter-VLAN routing is not efficient and is generally no longer implemented in switched networks. It is shown in this course for explanation purposes only.
Router-on-a-Stick Inter-VLAN Routing
![Configure legacy inter-vlan routing number Configure legacy inter-vlan routing number](http://blog.umy.ac.id/rizaprimadi/files/2014/11/tes5.png)
While legacy inter-VLAN routing requires multiple physical interfaces on both the router and the switch, a more common, present-day implementation of inter-VLAN routing does not. Instead, some router software permits configuring a router interface as a trunk link, meaning only one physical interface is required on the router and the switch to route packets between multiple VLANs.
‘Router-on-a-stick’ is a type of router configuration in which a single physical interface routes traffic between multiple VLANs on a network. As seen in the figure, the router is connected to switch S1 using a single, physical network connection (a trunk).
The router interface is configured to operate as a trunk link and is connected to a switch port that is configured in trunk mode. The router performs inter-VLAN routing by accepting VLAN-tagged traffic on the trunk interface coming from the adjacent switch, and then internally routing between the VLANs using subinterfaces. The router then forwards the routed traffic, VLAN-tagged for the destination VLAN, out the same physical interface as it used to receive the traffic.
Subinterfaces are software-based virtual interfaces, associated with a single physical interface. Subinterfaces are configured in software on a router and each subinterface is independently configured with an IP address and VLAN assignment. Subinterfaces are configured for different subnets corresponding to their VLAN assignment to facilitate logical routing. After a routing decision is made based on the destination VLAN, the data frames are VLAN-tagged and sent back out the physical interface.
Click the Play button in the figure to view an animation of how a router-on-a-stick performs its routing function.
As seen in the animation:
1. PC1 on VLAN 10 is communicating with PC3 on VLAN 30 through router R1 using a single, physical router interface.
2. PC1 sends its unicast traffic to switch S2.
3. Switch S2 then tags the unicast traffic as originating on VLAN 10 and forwards the unicast traffic out its trunk link to switch S1.
4. Switch S1 forwards the tagged traffic out the other trunk interface on port F0/3 to the interface on router R1.
5. Router R1 accepts the tagged unicast traffic on VLAN 10 and routes it to VLAN 30 using its configured subinterfaces.
6. The unicast traffic is tagged with VLAN 30 as it is sent out the router interface to switch S1.
7. Switch S1 forwards the tagged unicast traffic out the other trunk link to switch S2.
8. Switch S2 removes the VLAN tag of the unicast frame and forwards the frame out to PC3 on port F0/23.
Note: The router-on-a-stick method of inter-VLAN routing does not scale beyond 50 VLANs.
Multilayer Switch Inter-VLAN Routing
The router-on-a-stick implementation of inter-VLAN routing requires only one physical interface on a router and one interface on a switch, simplifying the cabling of the router. However, in other implementations of inter-VLAN routing, a dedicated router is not required.
Multilayer switches can perform Layer 2 and Layer 3 functions, replacing the need for dedicated routers to perform basic routing on a network. Multilayer switches support dynamic routing and inter-VLAN routing.
Click the Play button in the figure to see an animation of how switch-based inter-VLAN routing occurs.
As seen in the animation:
1. PC1 on VLAN 10 is communicating with PC3 on VLAN 30 through switch S1 using VLAN interfaces configured for each VLAN.
2. PC1 sends its unicast traffic to switch S2.
3. Switch S2 tags the unicast traffic as originating on VLAN 10 as it forwards the unicast traffic out its trunk link to switch S1.
4. Switch S1 removes the VLAN tag and forwards the unicast traffic to the VLAN 10 interface.
5. Switch S1 routes the unicast traffic to its VLAN 30 interface.
6. Switch S1 then retags the unicast traffic with VLAN 30 and forwards it out the trunk link back to switch S2.
7. Switch S2 removes the VLAN tag of the unicast frame and forwards the frame out to PC3 on port F0/23.
To enable a multilayer switch to perform routing functions, the multilayer switch must have IP routing enabled.
Multilayer switching is more scalable than any other inter-VLAN routing implementation. This is because routers have a limited number of available ports to connect to networks. Additionally, for interfaces that are configured as a trunk line, limited amounts of traffic can be accommodated on that line at one time.
With a multilayer switch, traffic is routed internal to the switch device, which means packets are not filtered down a single trunk line to obtain new VLAN-tagging information. A multilayer switch does not, however, completely replace the functionality of a router. Routers support a significant number of additional features, such as the ability to implement greater security controls. Rather, a multilayer switch can be thought of as a Layer 2 device that is upgraded to have some routing capabilities.
Note: In this course, configuring inter-VLAN routing on a switch is restricted to configuring static routes on a 2960 switch, which is the only routing functionality supported on the 2960 switches. The 2960 switch supports up to 16 static routes (including user-configured routes and the default route) and any directly connected routes and default routes for the management interface; the 2960 switch can have an IP address assigned to each switch virtual interface (SVI). To enable the routing functionality on the 2960 switch, the sdm prefer lanbase-routing global configuration command must be entered and the router must be reloaded. For a full-featured, relatively inexpensive multilayer switch, the Cisco Catalyst 3560 Series switches support the EIGRP, OSPF, and BGP routing protocols.
A step by step guide to configure Inter-VLAN Routing on the Cisco router or layer 3 switches. Basically, on a VLAN, no host can communicate with hosts within other VLANs. It means only hosts that are members of the same VLAN can communicate with each other. So if you want your VLANs hosts can communicate with each other, you must configure inter-VLAN routing using a router or a layer 3 switch. Here we completely demonstrate the Inter-VLAN configuration using a Cisco router and a layer 3 switch.
The router you are using for Inter-VLAN routing must be compatible and support Inter-Switch Link (ISL) which is a Cisco Systems proprietary protocol, and IEEE 802.1q frame format for routing on the Fast Ethernet interfaces. In Inter-VLAN the physical Fast Ethernet interface of the router is divided into sub-Interfaces for each VLAN. You can set IP address for each sub-Interface in order to route between VLANs.
How to Create VLAN on Cisco Switches?
Let’s configure it on the below Inter-VLAN routing Lab. Download the Packet Tracer Inter-VLAN routing Lab for CCNA or create your own Lab.
1. First of all, create two VLAN in the switch and named VLAN A and VLAN B with the following command.
2. OK, the VLANs A and B are created successfully. Now check them with “show vlan” command.
3. You see the result in the screenshot, the VLANs are ready for assigning switch ports to them.
Assigning Switch Ports for VLANs
In this section, the switch ports are divide and assign to VLANs. Before configuring Inter-VLAN routing, a host in a VLAN can only communicate within its own VLAN and not reach to other VLANs. So let’s configure it.
1. Try to assign switch ports for each VLANs with the following commands.
2. Now the port FastEthernet 0/2 and FastEthernet 0/5 are members of VLAN 2 which named VLAN-A. Go to set the PC3 and PC2 to VLAN-B.
3. Let’s assign a range of ports to a VLAN using “interface range” command.
Note: The interface range command can assign a range of interfaces to a VLAN. Read more about basic VLAN configuration on “Configure VLAN on Cisco Switches Using Cisco Packet Tracer” post.
4. Now we have just done the basic VLAN configuration like creating VLAN and assigning switch ports to VLANs. Let’s enable Trunking mode on the switch port to the router and then configure Inter-VLAN routing on the router.
Configure Trunking Ports on Switch
With the command “switch port mode trunk” you can configure trunking on the FastEthernet 0/1 port of the SW1. The VLAN Trunking Protocol (VTP) let the VLANs transmit theirs traffics over a physical line simultaneously. Read more about VTPon Wikipedia website.
1. Just navigate to FastEthernet 0/1 interface and type “switchport mode trunk“the press enter to enable trunking on Fa0/1 interface line.
2. Now the VLANs can transmit traffic over the FastEthernet 0/1 without any problems.
Note: Try to enable trunking mode only to interface between to switch or router devices. It’s not necessary to enable it on the interface of the switch to PC.
Configure Inter-VLAN Routing on Cisco Router
Finally, the lab is ready to configure Inter-VLAN routing. If you test the PCs, they can ping with each other within a VLAN but not with other VLANs. So in order to communicate they need routing. Not network routing protocols such as Static routing or dynamic routing like RIP, and OSPF. Just need Inter-VLAN Routing which you simply configure according to below step by step Inter-VLAN routing guide.
1. Try to assign an IP address to the router and enable the interface you want to configure inter-VLAN routing.
2. Good, the IP 192.168.10.1 with the subnet mask of 255.255.255.248 is assigned for physical FastEthernet 0/0 interface.
Note: We need to have subinterface for each VLANs on the router. The subinterface is a virtual interface card that inter-VLAN doing routing using them.
3. Now try to create a subinterface for each VLAN with interface command and assign IP address from the different network for each VLAN. In this case, I have subnetted the 192.168.10.0/24 IP address to 3 networks.
4. See the result with “do show ip interface brief” from sub-interface area.
The virtual sub-interface FastEthernet0/0.2 has created and it has the 192.168.10.9 IP address. This sub-interface act as a default gateway for VLAN-A with an address of 192.168.10.8/29.
5. Do the same to create a sub-interface for VLAN-B also.
6. Everything is fine, but you see the error with red colour! It is because we forgot to set the encapsulation dot1Q command. Before assigning an IP address to a sub-interface, you should set IEEE 802.1q with encapsulation command.
Finally, all VLANs hosts can communicate with each other. That’s all you need to configure Inter-VLAN routing on your corporate network. Download the complete Lab of Inter-VLAN routing Cisco Packet Tracer Lab. Follow the below steps if you want to configure inter-VLAN on Layer 3 Switches or troubleshooting inter-VLAN on routers and switches.
Configure Inter-VLAN Using Layer 3 Switches
Work the same, just need a Cisco Layer 3 switch. To configure Inter-VLAN on a Layer 3 switch, you must assign an IP address to VLANs instead of sub-interfaces. Assigning an IP address to VLAN is easy, only read the “Assigning IP address to VLAN” section at the end of this articles.
To configure Inter-VLAN routing using layer 3 switches, you don’t need router anymore. All configuration has done within the layer 3 switch.
Troubleshooting and Assigning IP address to VLANs
As this post is related to configure Inter-VLAN routing, so we must do some more about VLAN configuration such as assigning IP address to VLANs, controlling VLANs remotely with Telnet, and some essential troubleshooting commands.
How to Assign an IP address to VLANs?
In order to assign an IP address to a VLAN, simply go to VLAN and set the IP address like assigning IP address to an interface of a router.
Check it with “do show ip interface brief” command, whether the default VLAN 1 has gotten the IP address of 192.168.10.4/29 or not.
Yes, that’s fine. This can help you remotely configure VLANs through the internet or network.
Troubleshooting Inter-VLAN Routing
To see the VLANs on a switch, type the “show vlan” command. This command will list all created VLANs within a switch.
The “show interface trunk” command shows encapsulation and trunking status.
The “show interfaces fastEthernet 0/1 switchport” display the status of a specific switch port. See the result on the screenshot.
OK, I think it’s enough for Configuring Inter-VLAN routing. I hope you find this configure Inter-VLAN routing article’s helpful and if you have any problem or question regarding this article, ask us through the comment section.