Table of Contents Link to heading

• Inter-VLAN Routing
• Legacy Method
• Router-on-a-Stick Method
  • Configuration
  • Verification
• Switch Virtual Interface (SVI) Method
  • Configuration
• Layer 3 Switches
• Routed Interface
  • Configuration
• Common Inter-VLAN Routing Issues

Inter-VLAN Routing Link to heading

VLANs are used to segment switched Layer 2 networks for a variety of reasons. Regardless of the reason, hosts in one VLAN cannot communicate with hosts in another VLAN unless there is a router or a multilayer switch (MLS - switch with Layer-3/Routing capabilities) to provide routing services.

There are three Inter-VLAN routing options:

1. Legacy - (no longer implemented), uses multiple physical interfaces on a router, one for each VLAN.
   • It does not scale well.
2. Router-on-a-Stick - (implemented by routers), creates multiple subinterfaces of one singular network interface.
   • This is an acceptable solution for a small- to medium-sized network.
3. Switch Virtual Interface (SVI) - (implemented by L3 switches), makes use of L3 capabilities on multilayer switches to route between VLANs.
   • This is the most scalable solution for medium to large organizations.

Legacy Method Link to heading

• The router interfaces served as the default gateways to the local hosts on the VLAN subnet.
• Routers have a limited number of physical ports and wasting them like this is not appropriate.

Router-on-a-Stick Method Link to heading

• The switch connecting to the router must have its link configured as trunk.
• The router’s interface is configured with subinterfaces, each of which links to a specific VLAN. The encapsulation method (dot1q) must be specified on the subinterface.
  • Each VLAN requires a subinterface.
  • Each subinterface is a virtual interface on the router, defined in software.
  • Each subinterface is given its own IP Address on the network it is representing, with the subinterface being tagged to be for a specific VLAN.
  • The IP address acts as the default gateway for the VLAN.
• Router-on-a-Stick does not scale beyond 50 VLANs.

1. When VLAN-tagged traffic enters the router’s interface, it is forwarded to the VLAN subinterface.
2. After this, the routing process occurs and determines where to send it to get to the destination.
3. If the exit interface is another 802.1Q subinterface, it is tagged with the new VLAN and sent back out the physical interface.

Configuration Link to heading

1. Turn the switch port connected to the router into a trunk port.
2. Bring the interface connected to the switch online using the no shutdown command on the interface.
3. Go into the subinterface for the VLAN using the interface interface_#.subinterface_# command.
   • The subinterface number is recommended to be the same as the VLAN ID.
   • E.g. if the interface is G0/0/0 and the VLAN ID is 10, it will be interface g0/0/0.10.
4. Encapsulate the subinterface with the appropriate VLAN tag using the encapsulation dot1q vlan_# command.
5. Configure IP address and subnet mask that serve as the default gateway for the identified VLAN using the ip address IP_# subnet_mask command.

Verification Link to heading

• Pinging the VLANs default gateway from a device in the VLAN is always a good start. Afterwards, pinging devices in another VLAN.
• The following commands can also be used to identify whether it has been correctly configured:
  • show ip route
  • show ip interface brief
  • show interfaces
  • show interfaces trunk

Switch Virtual Interface (SVI) Method Link to heading

SVIs are generally configured for a VLAN for the following reasons:

• Allow traffic to be routed between VLANs by providing a default gateway for the VLAN.
• Provide fallback bridging (if required for non-routable protocols).
• Provide L3 IP connectivity to the switch.
• Support bridging configuration and routing protocol.
• Access Layer - ‘Routed Access’ Configuration (in lieu of Spanning Tree).

Advantages of SVIs include:

• Much faster than Router-on-a-Stick, because everything is hardware-switched and routed.
• No need for external links from the switch to the router for routing.
• Not limited to one link. L2 EtherChannels can be used between the switches to get more bandwidth.
• Latency is much lower because it does not need to leave the switch.

Configuration Link to heading

1. Configure the specific VLANs required as normal using the vlan vlan_# command.
2. Configure either a trunk port (routing to a L3 switch) or an access port (routing to a L2 switch) for the VLAN that requires an SVI.
   • If choosing an access port, the router will form an adjacency only over the VLAN defined in that access port.
   • If choosing a trunk port, you can use dot1q encapsulation on subinterfaces to form adjacencies over multiple VLANs.
3. Enter the SVI configuration mode using the interface vlan vlan_# command.
   • This command automatically brings the given vlan interface online.
4. Provide the SVI with an IP address from the VLAN IP range that serves as the default gateway for the devices on that VLAN.
5. Set up the multilayer switch to be a L3 device (performning L2 IP routing instead of L2 LAN switching) to enable inter-VAN routing using the global configuration command ip routing.
   • Without this configuration, the multilayer switch will not be able to route traffic, even if the SVI has been configured correctly.

Layer 3 Switches Link to heading

• L3 switches use hardware-based switching to achieve a higher packet processing rate than a router.
• L2-only switches can also make use of SVIs, which is typically used in a management VLAN.
• Unlike L2 switches, L3 switches understand the network PDU and can route appropriately.
• L3 switches are not enabled to perform routing by default. Therefore, routing must be enabled using the ip routing global configuration command.
• There are two different L3 interfaces on L3 switches: SVI, which is used for Inter-VLAN routing, and Routed Interface.

Routed Interface Link to heading

• Each link between a L3 device is considered its own network and thus has its own IP address and can participate in dynamic routing protocols.
  • A /30 subnet provides only two usable IP addresses and perfect use of such point-to-point connections.
• Routed interfaces therefore neither run STP nor support subinterfaces.
• An enabled switchport refers to a L2 interface is changed to a L3 interface.
• By changing a L2 interface to a L3 interface, all configuration specific to L2 on this interface is deleted.
• If routing between VLANS, this interface also needs to be configured as trunk.

Configuration Link to heading

Common Inter-VLAN Routing Issues Link to heading

There are several common reasons for Inter VLAN routing issues. Ensure to check the physical layer first, for example, if cables have been connected to the correct port.