University of Jordan

Faculty of Engineering & Technology

Computer Engineering Department
Advance Networks Laboratory 0907529
Exp.4 Inter-VLAN Routing

Objectives

1. Describe the three primary options for enabling inter-VLAN routing.

2. Configure traditional inter-VLAN routing.
3. Configure router-on-a-stick inter-VLAN routing.
4. Configure inter-VLAN routing using Layer 3 switching.
5. Troubleshoot common inter-VLAN connectivity issues.

1. Introducing inter-VLAN routing:

Now that you know how to configure VLANs on a network switch, the next step is to allow
devices connected to the various VLANs to communicate with each other. In a previous
experiment, you learned that each VLAN is a unique broadcast domain, so computers on separate
VLANs are, by default, not able to communicate. There is a way to permit these end stations to
communicate; it is called inter-VLAN routing. In this experiment, you will learn what inter-
VLAN routing is and some of the different ways to accomplish inter-VLAN routing on a
network.

Traditional inter-VLAN routing

Traditionally, LAN routing has used routers with multiple physical interfaces. Each interface
needed to be connected to a separate network and configured for a different subnet.
In a traditional network that uses multiple VLANs to segment the network traffic into logical
broadcast domains, routing is performed by connecting different physical router interfaces to
different physical switch ports. The switch ports connect to the router in access mode; in access
mode, different static VLANs are assigned to each port interface. Each switch interface would be
assigned to a different static VLAN. Each router interface can then accept traffic from the VLAN
associated with the switch interface that it is connected to, and traffic can be routed to the other
VLANs connected to the other interfaces.

Prepared By: Eng.Alaa Arabiyat, Eng.Rawan Aljamal Page 1 of 9

As you can see in the figure above:

1. PC1 on VLAN10 is communicating with PC3 on VLAN30 through router R1.

2. PC1 and PC3 are on different VLANs and have IP addresses on different subnets.
3. Router R1 has a separate interface configured for each of the VLANs.
4. PC1 sends unicast traffic destined for PC3 to switch S2 on VLAN10, where it is then
forwarded out the trunk interface to switch S1.
5. Switch S1 then forwards the unicast traffic to router R1 on interface F0/0.
6. The router routes the unicast traffic through to its interface F0/1, which is connected to
VLAN30.
7. The router forwards the unicast traffic to switch S1 on VLAN 30.
8. Switch S1 then forwards the unicast traffic to switch S2 through the trunk link, after which
switch S2 can then forward the unicast traffic to PC3 on VLAN30.

In this example, the router was configured with two separate physical interfaces to interact with
the different VLANs and perform the routing.

Router-on-a-stick inter-VLAN routing

Traditional inter-VLAN routing requires multiple physical interfaces on both the router and the
switch. However, not all inter-VLAN routing configurations require multiple physical interfaces.
Some router software permits configuring router interfaces as trunk links. This opens up new
possibilities for inter-VLAN routing.
"Router-on-a-stick" is a type of router configuration in which a single physical interface routes
traffic between multiple VLANs on a network. As you can see in the figure, the router is
connected to switch S1 using a single, physical network connection.
The router interface is configured to operate as a trunk link and is connected to a switch port
configured in trunk mode. The router performs the inter-VLAN routing by accepting VLAN
tagged traffic on the trunk interface coming from the adjacent switch and internally routing
between the VLANs using subinterfaces. The router then forwards the routed traffic-VLAN
tagged for the destination VLAN-out the same physical interface.
Subinterfaces are multiple virtual interfaces, associated with one physical interface. These
subinterfaces are configured in software on a router that is independently configured with an IP
address and VLAN assignment to operate on a specific VLAN. Subinterfaces are configured for
different subnets corresponding to their VLAN assignment to facilitate logical routing before the
data frames are VLAN tagged and sent back out the physical interface.

Prepared By: Eng.Alaa Arabiyat, Eng.Rawan Aljamal Page 2 of 9

As you can see in the figure above:

1. PC1 on VLAN10 is communicating with PC3 on VLAN30 through router R1 using a single,
physical router interface.
2. PC1 sends its unicast traffic to switch S2.
3. Switch S2 then tags the unicast traffic as originating on VLAN10 and forwards the unicast
traffic out its trunk link to switch S1.
4. Switch S1 forwards the tagged traffic out the other trunk interface on port F0/5 to the interface
on router R1.
5. Router R1 accepts the tagged unicast traffic on VLAN10 and routes it to VLAN30 using its
configured subinterfaces.
6. The unicast traffic is tagged with VLAN30 as it is sent out the router interface to switch S1.
7. Switch S1 forwards the tagged unicast traffic out the other trunk link to switch S2.
8. Switch S2 removes the VLAN tag of the unicast frame and forwards the frame out to PC3 on
port F0/6.

Switched based inter-VLAN routing

The router-on-a-stick implementation of inter-VLAN routing requires only one physical interface
on a router and one interface on a switch, simplifying the cabling of the router. However, in other
implementations of inter-VLAN routing, a dedicated router is not required.
Multilayer switches can perform Layer 2 and Layer 3 functions, replacing the need for dedicated
routers to perform basic routing on a network.

As you can see in the figure above:

1. PC1 on VLAN10 is communicating with PC3 on VLAN30 through switch S1 using VLAN
interfaces configured for each VLAN.
2. PC1 sends its unicast traffic to switch S2.
3. Switch S2 tags the unicast traffic as originating on VLAN10 as it forwards the unicast traffic
out its trunk link to switch S1.
4. Switch S1 removes the VLAN tag and forwards the unicast traffic to the VLAN10 interface.
5. Switch S1 routes the unicast traffic to its VLAN30 interface.
6. Switch S1 then retags the unicast traffic with VLAN30 and forwards it out the trunk link back
to switch S2.

Prepared By: Eng.Alaa Arabiyat, Eng.Rawan Aljamal Page 3 of 9

7. Switch S2 removes the VLAN tag of the unicast frame and forwards the frame out to PC3 on
port F0/6.

To enable a multilayer switch to perform routing functions, the multilayer switch must have IP
routing enabled.
Multilayer switching is more scalable than any other inter-VLAN routing implementation. This is
because routers have a limited number of available ports to connect to networks. Additionally, for
interfaces that are configured as a trunk line, limited amounts of traffic can be accommodated on
that line at one time.
With a multilayer switch, traffic is routed internal to the switch device, which means packets are
not filtered down a single trunk line to obtain new VLAN-tagging information. A multilayer
switch does not, however, completely replace the functionality of a router. Routers support a
significant number of additional features, such as the ability to implement greater security
controls. Rather, a multilayer switch can be thought of as a Layer 2 device that is upgraded to
have some routing capabilities.

2. Configuring Inter-VLAN Routing

In this section, you will learn how to configure a Cisco IOS router for inter-VLAN routing, as
well as review the commands needed to configure a switch to support inter-VLAN routing.

Configuring traditional inter-VLAN routing

Prepared By: Eng.Alaa Arabiyat, Eng.Rawan Aljamal Page 4 of 9

Routing Table and verification:

Configuring router-on-a-stick inter-VLAN routing

Prepared By: Eng.Alaa Arabiyat, Eng.Rawan Aljamal Page 5 of 9

Routing Table and verification:

Prepared By: Eng.Alaa Arabiyat, Eng.Rawan Aljamal Page 6 of 9

Configure inter-VLAN routing using Layer 3 switching

 Enable routing on the switch with the ip routing command

Switch(config)#ip routing

 Configure VLANs
Switch(config)#vlan 10
Switch(config-vlan)#vlan 11

 Configure the VLAN interfaces with the IP address

Switch#configure terminal
Switch(config)#interface vlan 10
Switch(config-if)#ip address 192.168.10.1 255.255.255.0
Switch(config-if)#no shutdown

Repeat this process for all VLANs

 Configure the access interfaces with the associated VLAN
Switch(config)#interface fastEthernet 0/10
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 10
Switch(config-if)#exit

Repeat this process for all switch ports

3. Inter-VLAN Configuration Issues

There are several common switch misconfigurations that can arise when configuring routing
between multiple VLANs.
When using the traditional routing model for inter-VLAN routing, ensure that the switch ports
that connect to the router interfaces are configured with the correct VLANs. If a switch port is not
configured for the correct VLAN, devices configured on that VLAN cannot connect to the router
interface; therefore, those devices are unable to send data to the other VLANs.

As shown in the Figure topology below, PC1 and router R1 interface G0/0 are configured to be
on the same logical subnet, as indicated by their IP address assignment. However, the switch port
F0/4 that connects to router R1 interface G0/0 has not been configured and remains in the default
VLAN. Because router R1 is on a different VLAN than PC1, they are unable to communicate. To
correct this problem, execute the switchport access vlan 10 interface configuration mode
command on switch port F0/4 on switch S1. When the switch port is configured for the correct
VLAN, PC1 can communicate with router R1 interface G0/0, which allows it to access the other
VLANs connected to router R1.

Prepared By: Eng.Alaa Arabiyat, Eng.Rawan Aljamal Page 7 of 9

The following Figure topology shows the router-on-a-stick routing model. However,
interface F0/5 on switch S1 is not configured as a trunk and is left in the default VLAN for the
port. As a result, the router is unable to route between VLANs because each of its configured
subinterfaces is unable to send or receive VLAN-tagged traffic.

To correct this problem, issue the switchport mode trunk interface configuration mode
command on switch port F0/5 on S1. This converts the interface to a trunk port, allowing a trunk
to be established between R1 and S1. When the trunk is successfully established, devices
connected to each of the VLANs are able to communicate with the subinterface assigned to their
VLAN, thus enabling inter-VLAN routing.

The Figure topology below shows the trunk link between S1 and S2 is down. Because there is no
redundant connection or path between the devices, all devices connected to S2 are unable to reach
router R1. As a result, all devices connected to S2 are unable to route to other VLANs through
R1. To reduce the risk of a failed inter-switch link disrupting inter-VLAN routing, redundant
links and alternate paths should be accounted for within the network design.

Prepared By: Eng.Alaa Arabiyat, Eng.Rawan Aljamal Page 8 of 9

With router-on-a-stick configurations, a common problem is assigning the wrong VLAN ID to
the subinterface as shown in the Figure below. Router R1 has been configured with the
wrong VLAN on subinterface G0/0.10, preventing devices configured on VLAN 10 from
communicating with subinterface G0/0.10. This subsequently prevents those devices
from being able to send data to other VLANs on the network. Using the show interface
and the show running-config commands can be useful in troubleshooting this issue.

To correct this problem, configure subinterface G0/0.10 to be on the correct VLAN using the
encapsulation dot1q 10 subinterface configuration mode command. When the subinterface has
been assigned to the correct VLAN, it is accessible by devices on that VLAN and the router can
perform inter-VLAN routing. With proper verification, router configuration problems are quickly
addressed, allowing inter-VLAN routing to function properly.

Procedure:

You can find the lab problem sheet and the packet tracer activities on the lab website.

Reference:

CCNA Routing and Switching - Cisco Networking Academy.

Prepared By: Eng.Alaa Arabiyat, Eng.Rawan Aljamal Page 9 of 9