4 Replies Latest reply: Jan 4, 2012 8:53 AM by Keith Barker - CCIE RS/Security, CISSP RSS

    InterVlan Routing

    poison3000

      Hello Ladies and Gentlemen;

       

      Happy new year !!! wish you all the best guys ... I have a couple of questions regarding the InterVlan routing and hopefully I can get the dots connected with your help. so lets get into these questions!

       

       

      1. The router must have physical or logical connection to each VLAN so it can forward packets between them, this as it is quoted from " CCNP SWITCH 642-813 Official Certificate Guide" for David Huckby. the question here is about the case where I want to assign a physical interface per VLAN .. How can you get it done ? the sub-questions and notes I found about it is as follow:

       

      • a. When assigning one physical interface of a router to a vlan, you can’t get the Encapsulation command.
      • b. should I make the port of the switch as access since it’s going to be a dedicated for one vlan?

       

      • c. There is a command under the physical interface says: vlan-id  and the description says : Process VLAN-encapsulated packets with a specific VLAN ID. Any use of this in my case ?
      • d. Have you ever used this scenario in real life ? what are the disadvanatges other than " cabling complexity and more ports on router " ? and advantages if any ?

       

      2. Seconed question is about "Physical" ports:

      • can you please explain how a physical port would make InterVlan routing happen ? and contrasting it with SVI " logical" routing ?
      • should that physical port get connected to something ? to ge the interface up .. and enable intervlan routing ?

       

       

      I got more questions regarding other aspects, I will post about them once I can get over these thoughts ... So, thank you in advance and happy new year !!

        • 1. Re: InterVlan Routing
          Brian

          A router port is always a layer 3 port in that it has an IP address assigned to it, whether it be the main physical interface or subinterfaces as in the case of a router-on-a-stick (RoaS).  See below:

           

          interface FastEthernet0/0
          ip address 192.168.65.1 255.255.255.0
          duplex auto
          speed auto

           

          or


          interface FastEthernet0/0.10
          encapsulation dot1Q 10
          ip address 192.168.10.1 255.255.255.0
          !
          interface FastEthernet0/0.11
          encapsulation dot1Q 11
          ip address 192.168.11.1 255.255.255.0
          !
          interface FastEthernet0/0.12
          encapsulation dot1Q 12
          ip address 192.168.12.1 255.255.255.0

           

          You will find that you cannot assign an IP address to a subinterface until you change the encapsulation to either ISL or dot1q.  See below:


          GWR#conf t
          Enter configuration commands, one per line.  End with CNTL/Z.
          GWR(config)#int f0/0.13

           

          %LINK-5-CHANGED: Interface FastEthernet0/0.13, changed state to up

          %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0.13, changed state to up

          GWR(config-subif)#ip add 192.168.13.1 255.255.255.0

           

          % Configuring IP routing on a LAN subinterface is only allowed if that
          subinterface is already configured as part of an IEEE 802.10, IEEE 802.1Q,
          or ISL vLAN.

           

          GWR(config-subif)#encapsulation dot1Q 13
          GWR(config-subif)#ip add 192.168.13.1 255.255.255.0
          GWR(config-subif)#

           

          As for the switch ports, yes they would be configured as Access ports where the PC or printer resides and Trunk for the port that connects to the router port configured as a RoaS (see below).

           

          interface FastEthernet0/1
          description <== TRUNK TO ROAS ==>
          switchport mode trunk
          !
          interface FastEthernet0/10
          description <== TO LAN SUBNET 192.168.10.0/24 ==>
          switchport access vlan 10
          switchport mode access
          !
          interface FastEthernet0/11
          description <== TO LAN SUBNET 192.168.11.0/24 ==>
          switchport access vlan 11
          switchport mode access
          !
          interface FastEthernet0/12
          description <== TO LAN SUBNET 192.168.12.0/24 ==>
          switchport access vlan 12
          switchport mode access
          !

           

          An SVI is logically the same as a physical port in that it is assigned an IP address and performs the layer 3 processing to route traffic.  You usually see these on Layer 3 switches and on Layer 2 switches for the management VLAN.

           

          Hope this helps.

           

          Brian

          • 2. Re: InterVlan Routing
            Keith Barker - CCIE RS/Security, CISSP

            Hello-

             

            These 3 videos on inter-VLAN routing address each of those questions.

             

            Cheers,

             

            Keith

             

             

             

             

             

             

            All of these are best viewed full screen, using YouTube's HD full screen option.

            • 3. Re: InterVlan Routing
              poison3000

              Hi Keith ;

               

              Great videos buddy ... apperently I had most of the information but as I was tired I couldnt connect the dots in a proper flow as your video did .. great stuff ..

               

              but regarding these two questions :

               

              • c. There is a command under the physical interface says: vlan-id  and the description says : Process VLAN-encapsulated packets with a specific VLAN ID. Any use of this in my case ? ( or any other case !!! )
              • d.  Have you ever used this scenario in real life ? what are the  disadvanatges other than " cabling complexity and more ports on router "  ? and advantages if any ?

               

              any comments on those ?

               

              other than that, I think I got good understanding of InterVlan routing .. hopefully

              • 4. Re: InterVlan Routing
                Keith Barker - CCIE RS/Security, CISSP

                poison3000 wrote:

                 

                Hi Keith ;

                 

                Great videos buddy ... apperently I had most of the information but as I was tired I couldnt connect the dots in a proper flow as your video did .. great stuff ..

                 

                but regarding these two questions :

                 

                • c. There is a command under the physical interface says: vlan-id  and the description says : Process VLAN-encapsulated packets with a specific VLAN ID. Any use of this in my case ? ( or any other case !!! )
                • d.  Have you ever used this scenario in real life ? what are the  disadvanatges other than " cabling complexity and more ports on router "  ? and advantages if any ?

                 

                any comments on those ?

                 

                other than that, I think I got good understanding of InterVlan routing .. hopefully

                 

                Hello poison3000-

                 

                Here is what the docs have to say: about the "vlan-id" command on the physical interface.

                 

                Usage Guidelines

                This command allows you to enable IEEE 802.1Q VLAN encapsulation for a specific VLAN on an Ethernet interface without associating the VLAN with a subinterface. Configuring 802.1Q VLANs on the main interface without using up subinterfaces increases the number of VLANs that can be configured on a router to 4000 VLANs per interface.

                You can configure a VLAN on a main interface and at the same time configure VLANs on subinterfaces of the same interface. However, you cannot configure a specific VLAN on the main interface and on a subinterface at the same time.

                 

                I have never used it there in a production environment. 

                 

                The benefits of sub-interfaces in the case of intervlan routing, is less physical switch and router interfaces are used ($), and there is less cabling involved.

                 

                Cheers,

                 

                Keith Barker