Inter-VLAN routing (Interface, Subinterface) - routing between VLANs
The inter-VLAN routing is needed once you have a vlan network infrastructure implemented because users need to exchange information from one network to another.
It is important to remember that each VLAN is a single broadcast domain. Therefore, by default, computers in separate VLANs can not communicate.
There is a way to enable end stations to communicate with them, this way is called inter-VLAN routing.
Inter-VLAN routing is a process that allows you to forward network traffic from one VLAN to another using a router. VLANs are associated with unique IP subnets in the network. This subnet configuration facilitates the process of routing in a multi-VLAN.
Traditionally, the routing of the LAN using routers with multiple physical interfaces. You need to connect each to a separate network interface and configure it to a different subnet.
In a traditional network that uses multiple VLANs to segment network traffic into logical broadcast domains, routing is done by connecting different physical interfaces on the router to different physical ports on the switch. The switch ports are connected to the router in access mode, in this way, various static VLANs are assigned to each interface port. Each switch interface would be assigned to a different static VLAN. Each router interface can then accept traffic from the VLAN associated with the switch interface that is connected and traffic can be routed to other VLANs connected to other interfaces.
The traditional inter-VLAN routing requires multiple physical interfaces on the router and the switch. However, not all inter-VLAN routing configurations require multiple physical interfaces.
Some router software allows to configure the router interfaces as trunks. This opens new possibilities for routing between VLANs. "router-on-a-stick" is a type of router configuration in which a single physical interface routes traffic between multiple VLANs on a network.
The router interface is configured to function as trunk and is connected to a switch port configured in trunking mode. The router performs routing between VLANs to accept traffic from VLAN tagging on the interface from the adjacent switch trunk and internally route between VLANs, using subinterfaces. The router then forwards the VLAN routing traffic for VLAN tagged target by the same physical interface.
The subinterfaces are multiple virtual interfaces associated with a physical interface. These interfaces are configured in software on a router configured independently with an IP address and VLAN assignment to work on a specific VLAN. The subinterfaces are configured for different subnets that correspond to the VLAN assignment, to facilitate routing logic before the VLAN tag data frames and forward for the physical interface. Learn more about interfaces and subinterfaces to the next topic.
Some switches can perform Layer 3 functions, which replaces the need for dedicated routers for basic routing in a network. Multilayer switches can perform routing between VLANs.
To enable a multi-layer switch for routing functions, you must configure the VLAN on the switch interfaces with corresponding IP addresses that match the subnet to which the VLAN is associated to the network. Multilayer switch must also have IP routing enabled.
The syntax for the subinterface is always the physical interface, in this case f0 / 0, followed by a dot and a number of subinterface. The subinterface number is configurable, but is usually associated to reflect the number of VLANs.
Before assigning an IP address to a subinterface, the subinterface must be configured to operate in a specific VLAN using the command "encapsulation dot1q VLAN ID". In the example, the subinterface is assigned to Fa0/0.10 VLAN10. Once assigned to the VLAN, the command "ip address 172.16.10.1 255.255.255.0" assign the proper IP for the VLAN subinterface.
Router#configure terminal
Router(config)# interface f0/0.10
Router(config-subif)# encapsulation dot1q 10
Router(config-subif)# ip address 172.16.10.1 255.255.255.0
Router(config-subif)# no shutdown
Unlike a typical physical interface, subinterfaces are not enabled with the command "no shutdown" in the level so the subinterface configuration of Cisco IOS software. However, when the physical interface is enabled with the command "no shutdown", all configured subinterfaces are enabled. Similarly, if the physical interface is disabled, all subinterfaces are disabled.
One advantage of using a trunk is that it reduces the number of switch ports and router. Not only does this save money but also reduces the complexity of the configuration. As a result, the focus of the subinterface on the router can be extended to a much higher number of VLANs that a configuration with a physical interface VLAN design.
Subinterfaces allow you to extend the router to accommodate more VLAN than allowed by the physical interfaces. The Inter-VLAN routing in large environments with many VLANs can be accommodated better if you use a single physical interface with many subinterfaces.
When using subinterfaces for inter-VLAN routing, traffic is being routed competing for bandwidth on the single physical interface. In a busy network, this can cause a bottleneck in communication.
The use of subinterfaces for inter-VLAN routing, results in a less complex physical configuration using separate physical interfaces, because the number of physical network cables that connect the router to the switch is lower. With fewer cables, less confusion about where the cable is connected to the switch. Because VLANs are interconnected by trunks on a single link, it is easier to solve the problem of physical connections.
On the other hand, the use of subinterfaces to a trunk port, results in a more complex configuration software, which can be difficult to troubleshoot if problems arise. In the model router-on-a-stick is used only accommodate a single interface for all VLANs.
If a routed VLAN have problems with other VLANs, you can not simply trace the cable to see if it is plugged into the correct port. It is necessary to verify the switch port is configured to be a trunk and the VLAN is not being filtered in any of the trunk before you reach the router interface. It is also necessary to check if the router subinterface is configured to use the ID of the VLAN and IP address is correct.
It is important to remember that each VLAN is a single broadcast domain. Therefore, by default, computers in separate VLANs can not communicate.
There is a way to enable end stations to communicate with them, this way is called inter-VLAN routing.
Inter-VLAN routing is a process that allows you to forward network traffic from one VLAN to another using a router. VLANs are associated with unique IP subnets in the network. This subnet configuration facilitates the process of routing in a multi-VLAN.
Traditionally, the routing of the LAN using routers with multiple physical interfaces. You need to connect each to a separate network interface and configure it to a different subnet.
In a traditional network that uses multiple VLANs to segment network traffic into logical broadcast domains, routing is done by connecting different physical interfaces on the router to different physical ports on the switch. The switch ports are connected to the router in access mode, in this way, various static VLANs are assigned to each interface port. Each switch interface would be assigned to a different static VLAN. Each router interface can then accept traffic from the VLAN associated with the switch interface that is connected and traffic can be routed to other VLANs connected to other interfaces.
The traditional inter-VLAN routing requires multiple physical interfaces on the router and the switch. However, not all inter-VLAN routing configurations require multiple physical interfaces.
Some router software allows to configure the router interfaces as trunks. This opens new possibilities for routing between VLANs. "router-on-a-stick" is a type of router configuration in which a single physical interface routes traffic between multiple VLANs on a network.
Inter-VLAN routing, subinterfaces (Router on a Stick)
The router interface is configured to function as trunk and is connected to a switch port configured in trunking mode. The router performs routing between VLANs to accept traffic from VLAN tagging on the interface from the adjacent switch trunk and internally route between VLANs, using subinterfaces. The router then forwards the VLAN routing traffic for VLAN tagged target by the same physical interface.
The subinterfaces are multiple virtual interfaces associated with a physical interface. These interfaces are configured in software on a router configured independently with an IP address and VLAN assignment to work on a specific VLAN. The subinterfaces are configured for different subnets that correspond to the VLAN assignment, to facilitate routing logic before the VLAN tag data frames and forward for the physical interface. Learn more about interfaces and subinterfaces to the next topic.
Some switches can perform Layer 3 functions, which replaces the need for dedicated routers for basic routing in a network. Multilayer switches can perform routing between VLANs.
To enable a multi-layer switch for routing functions, you must configure the VLAN on the switch interfaces with corresponding IP addresses that match the subnet to which the VLAN is associated to the network. Multilayer switch must also have IP routing enabled.
Interfaces and subinterfaces
Traditional routing requires routers that have multiple physical interfaces to facilitate inter vlan routing. The router performs routing by connecting each of its physical interfaces to a single VLAN. In addition, each interface is configured with an IP address for the subnet associated with the VLAN connected to it. When you configure IP addresses on physical interfaces, network devices connected to each VLAN can communicate with the router using the physical interface connected to the same VLAN. In this configuration, network devices can use the router as a gateway to access devices in other VLANs.Configure the subinterface
The configuration of the router subinterfaces is similar to the configuration of physical interfaces, except that it is necessary to create the subinterface and assign a VLAN.The syntax for the subinterface is always the physical interface, in this case f0 / 0, followed by a dot and a number of subinterface. The subinterface number is configurable, but is usually associated to reflect the number of VLANs.
Before assigning an IP address to a subinterface, the subinterface must be configured to operate in a specific VLAN using the command "encapsulation dot1q VLAN ID". In the example, the subinterface is assigned to Fa0/0.10 VLAN10. Once assigned to the VLAN, the command "ip address 172.16.10.1 255.255.255.0" assign the proper IP for the VLAN subinterface.
Router#configure terminal
Router(config)# interface f0/0.10
Router(config-subif)# encapsulation dot1q 10
Router(config-subif)# ip address 172.16.10.1 255.255.255.0
Router(config-subif)# no shutdown
Unlike a typical physical interface, subinterfaces are not enabled with the command "no shutdown" in the level so the subinterface configuration of Cisco IOS software. However, when the physical interface is enabled with the command "no shutdown", all configured subinterfaces are enabled. Similarly, if the physical interface is disabled, all subinterfaces are disabled.
One advantage of using a trunk is that it reduces the number of switch ports and router. Not only does this save money but also reduces the complexity of the configuration. As a result, the focus of the subinterface on the router can be extended to a much higher number of VLANs that a configuration with a physical interface VLAN design.
Port Limits
The physical interfaces are configured for a VLAN interface on the network. In networks with many VLANs can not use a single router for inter VLAN routing on. The routers are physically limited to avoid containing a large number of physical interfaces.Subinterfaces allow you to extend the router to accommodate more VLAN than allowed by the physical interfaces. The Inter-VLAN routing in large environments with many VLANs can be accommodated better if you use a single physical interface with many subinterfaces.
Performance
Because there is no contention for bandwidth on separate physical interfaces, physical interfaces have better performance when compared with the use of subinterfaces. The traffic for each VLAN connected have access to the full bandwidth of the physical interface of the router connected to that VLAN.When using subinterfaces for inter-VLAN routing, traffic is being routed competing for bandwidth on the single physical interface. In a busy network, this can cause a bottleneck in communication.
Access ports and trunk ports
The connection of the physical interfaces for inter-VLAN routing requires the switch ports are configured as access ports. The subinterfaces require the switch port is configured as a trunk port so that it can accept traffic tagged in the VLAN trunk. By using subinterfaces, many VLANs can be routed on a single trunk, instead of using a single physical interface for each VLAN.The use of subinterfaces for inter-VLAN routing, results in a less complex physical configuration using separate physical interfaces, because the number of physical network cables that connect the router to the switch is lower. With fewer cables, less confusion about where the cable is connected to the switch. Because VLANs are interconnected by trunks on a single link, it is easier to solve the problem of physical connections.
On the other hand, the use of subinterfaces to a trunk port, results in a more complex configuration software, which can be difficult to troubleshoot if problems arise. In the model router-on-a-stick is used only accommodate a single interface for all VLANs.
If a routed VLAN have problems with other VLANs, you can not simply trace the cable to see if it is plugged into the correct port. It is necessary to verify the switch port is configured to be a trunk and the VLAN is not being filtered in any of the trunk before you reach the router interface. It is also necessary to check if the router subinterface is configured to use the ID of the VLAN and IP address is correct.
0 Comments:
Post a Comment