Ex3 Chapter 6 - Inter-VLAN Routing

Now that we have covered the concept of VLANs and how to configure them, we need to take the final step and allow them to communicate with each other. This is called inter-VLAN routing.

1.  Traditional method – use multiple switchports and router interfaces to route between VLANs.
After an IP address is assigned to each of the physical interfaces, the router is capable of performing routing.

2.  Widely used method – use one router interface and one switchport: create a trunk line that runs to the router, then use logical subinterfaces to act as separate router interfaces. This method is called “router on a stick.”
Subinterfaces are software-based virtual interfaces that are assigned to physical interfaces. Each subinterface is configured with its own IP address, subnet mask, and unique VLAN assignment, allowing a single physical interface to simultaneously be part of multiple logical networks. This is useful when performing inter-VLAN routing on networks with multiple VLANs and few router physical interfaces.

3. Some switches can perform Layer 3 functions, replacing the need for dedicated routers to perform basic routing on a network. Multilayer switches are capable of performing inter-VLAN routing.

Configuration

1.  Gain access to sub-interface
    a.  int fa0/0.10
      - note fa0/0 represents your physical interface
      - .10 is the sub-interface number; you can use any number, but it is standard to choose the VLAN number for clarity.
2.  Configure trunk encapsulation
    a.  encapsulation dot1q 10
        - the specific VLAN on this sub-interface must be configured
3.  Configure IP address and subnet
    a.  ip address 192.168.1.1 255.255.255.0
4.  Repeat for all VLANs
5.  Turn sub-interfaces on
    a.  int fa0/0
    b.  no shut
        - Notice the no shut command is issued at the physical interface and not the sub-interface.

Pros and Cons of the Traditional Method

Pros
- Full bandwidth for one VLAN

Cons
- Higher cost, more physical interfaces
- More expensive routers to support many interfaces
- Wasting switchports
- Added complexity

Note: When configuring the trunk line on the switchport you must use switchport mode trunk, because routers do not support DTP.

Troubleshooting
1) Router/Switch configuration issues
One of the most common inter-VLAN router configuration errors is to connect the physical router interface to the wrong switch port, placing it on the incorrect VLAN and preventing it from reaching the other VLANs.
On switch: incorrect VLAN assignment (check with show interface <interface-id> switchport)
SW-4500#sh int GigabitEthernet6/8   switchport
Name: Gi6/8
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
...
Operational private-vlan: none
Trunking VLANs Enabled: 97,168
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL

Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none

2) IP Addressing issues
Each interface, or subinterface, needs to be assigned an IP address that corresponds to the subnet to which it is connected. This permits devices on the VLAN to communicate with the router interface and enables the routing of traffic to other VLANs connected to the router.

Samples:
1) There is a native VLAN mismatch on the trunk link.
2) The wrong IP address is configured on a particular subinterface on interface F0/0 on router R1.
3) Trunking is not enabled on interface F0/5 of switch S1.
4) The TCP/IP settings on PC1 or PC3 are wrong.
5) Interface F0/11 or F0/6 is assigned to the wrong VLAN on switch S1.
6) The encapsulation command is missing on one of the subinterfaces of F0/0 on router R1.
7) Interface VLAN 1 is not configured as a subinterface on interface F0/0 of router R1.



The IP address of each subinterface must be the default gateway address for each VLAN subnet.
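
An added example, not part of the original notes: a short Python check that runs the router-side items from the troubleshooting list (shut physical interface, missing encapsulation command, wrong subinterface address, VLAN with no subinterface) over a running-config excerpt. The config text, the PLAN gateway table and the function names are constructed for illustration.

```python
import re

# Constructed running-config excerpt (not from the page) with seeded faults.
SAMPLE_CONFIG = """\
interface FastEthernet0/0
 shutdown
!
interface FastEthernet0/0.10
 encapsulation dot1Q 10
 ip address 192.168.1.1 255.255.255.0
!
interface FastEthernet0/0.20
 ip address 192.168.2.1 255.255.255.0
!
interface FastEthernet0/0.30
 encapsulation dot1Q 30
 ip address 192.168.4.1 255.255.255.0
"""
# Assumed plan: VLAN id -> default gateway configured on that VLAN's hosts.
PLAN = {10: "192.168.1.1", 20: "192.168.2.1", 30: "192.168.3.1"}

def parse_interfaces(config):
    """Map each interface name to the text of the commands indented under it."""
    return dict(re.findall(r"^interface (\S+)\n((?: .*\n?)*)", config, re.M))

def audit(config, plan):
    """Return findings for router-on-a-stick subinterfaces checked against plan."""
    findings, seen = [], set()
    for name, body in parse_interfaces(config).items():
        encap = re.search(r"^ encapsulation dot1q (\d+)", body, re.I | re.M)
        addr = re.search(r"^ ip address (\S+) \S+", body, re.M)
        if "." not in name:
            # Subinterfaces stay down while the physical interface is shut.
            if re.search(r"^ shutdown$", body, re.M):
                findings.append(f"{name}: physical interface is shut down")
        elif not encap:
            findings.append(f"{name}: no encapsulation dot1q command")
        else:
            vlan = int(encap.group(1))
            seen.add(vlan)
            # The subinterface address must be the gateway the VLAN's hosts use.
            if not addr or addr.group(1) != plan.get(vlan):
                findings.append(f"{name}: address is not the VLAN {vlan} gateway {plan.get(vlan)}")
    # Every planned VLAN needs a tagged subinterface to be routed.
    findings += [f"VLAN {v}: no subinterface" for v in plan if v not in seen]
    return findings
```

Calling audit(SAMPLE_CONFIG, PLAN) returns one finding per seeded fault; a config that matches the plan returns an empty list.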
