Monday, 17 December 2018

All the methods of Inter-Vlan Routing configuration



When you want to establish communication between different VLANs you will need a device that can do routing. You could use an external router with separate physical gateways or sub-interface (router on stick) method but it’s also possible to use a multilayer switch. 
The router must have a physical or logical connection to each VLAN so that it can forward packets between VLANs.

Let’s see the first method router with separate physical gateways:-

Topology:
Goal:

  • configure the topology as per our diagram  and  the assign the IP addresses.
  • create VLAN 101 sales and VLAN 102 marketing and assign the interfaces to their VLAN as per the diagram



Router(config)#interface fastEthernet 0/0
Router(config-if)#ip address 192.168.10.1 255.255.255.0
Router(config-if)#no shutdown
Router(config-if)#exit

%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up

Router(config)#interface fastEthernet 0/1
Router(config-if)#ip address 192.168.20.1 255.255.255.0
Router(config-if)#no shutdown
Router(config-if)#exit

%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up

Router#show ip interface brief
Interface               IP-Address       OK? Method    Status    Protocol

FastEthernet0/0    192.168.10.1    YES manual     up        up
FastEthernet         192.168.20.1    YES manual     up        up

Switch(config)#vlan 101
Switch(config-vlan)#name sales
Switch(config-vlan)#exit

Switch(config)#vlan 102
Switch(config-vlan)#name marketing
Switch(config-vlan)#exit

Switch(config)#interface range fastEthernet 0/1-2
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport access vlan 101
Switch(config-if-range)#exit

Switch(config)#interface range fastEthernet 0/3-4
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport access vlan 102

Switch(config-if-range)#exit



Switch(config)#interface fastEthernet 0/5
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 101
Switch(config-if)#exit

Switch(config)#interface fastEthernet 0/6
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 102

Switch(config-if)#exit

FROM HOST 1

lets see from HOST 4
FROM HOST 4




A router on stick can be used to route between VLANs using either ISL or IEEE 801.1Q as the trunking protocol. its requires sub-interface for each respective VLAN.

NOTE: whatever is your VLAN number its should be exact on sub-interface.

Let see the configuration using sub-interface (router on stick)

Topology:-


Goal:


  • configure the topology as per the diagram and assign the IP addresses 
  • configure VLAN 101 and VLAN 102
  • assign the port to their respective VLANs
  • configure sub-interfaces on router fast Ethernet 0/0 assign IP address as per the topology
  • ensure the connectivity between VLAN 101 and VLAN 102, make sure HOST 1 (VLAN 101) IS able to ping HOST 4 (VLAN 102).

Switch(config)#vlan 101
Switch(config-vlan)#name sales
Switch(config-vlan)#exit

Switch(config)#vlan 102
Switch(config-vlan)#name marketing
Switch(config-vlan)#exit

Switch(config)#interface range fastEthernet 0/1-2
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport access vlan 101
Switch(config-if-range)#exit

Switch(config)#interface range fastEthernet 0/3-4
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport access vlan 102

Switch(config-if-range)#exit



Switch(config)#interface fastEthernet 0/5
Switch(config-if)#switchport trunk encapsulation dot1q
Switch(config-if)#switchport trunk allowed vlan 101,102

Switch(config-if)#exit

Router(config)#interface fastEthernet 0/0
Router(config-if)#no shutdown
Router(config-if)#exit

Router(config)#interface fastEthernet 0/0.101
Router(config-subif)#encapsulation dot1Q 101
Router(config-subif)#ip address 192.168.10.1 255.255.255.0
Router(config-subif)#exit

Router(config)#interface fastEthernet 0/0.102
Router(config-subif)#encapsulation dot1Q 102
Router(config-subif)#ip address 192.168.20.1 255.255.255.0

Router(config-subif)#exit

%LINK-5-CHANGED: Interface FastEthernet0/0.102, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0.102, changed state to up

Router#show ip interface brief
Interface                         IP-Address          OK?      Method   Status          Protocol
FastEthernet0/0             unassigned          YES      manual      up                    up
FastEthernet0/0.101      192.168.10.1       YES      manual      up                    up

FastEthernet0/0.102      192.168.20.1       YES      manual      up                    up


from host 1


from host 4





let see the third method , inter-VLAN routing using multi-layer switch
switch virtual interface (SVI).
NOTE: to enable routing on multi-layer switch is command use IP ROUTING.

Topology:-
switch virtual interface (SVI)

Goal:


  • configure the topology as per the diagram and assign the IP address as per the topology
  • configure VLAN 111, VLAN 122 and assign the port into their VLANs respectively 
  • configure the IP address on multilayer switch 

Switch(config)#vlan 111
Switch(config-vlan)#name sales
Switch(config-vlan)#exit

Switch(config)#vlan 122
Switch(config-vlan)#name marketing
Switch(config-vlan)#exit



Switch(config)#interface range fastEthernet 0/1-2



Switch(config-if-range)#switchport access vlan 111
Switch(config-if-range)#exit

Switch(config)#interface range fastEthernet 0/3-4

Switch(config-if-range)#switchport mode access

Switch(config-if-range)#switchport access vlan 122
Switch(config-if-range)#exit

Switch(config)#ip routing

Switch(config)#interface vlan 111
Switch(config-if)#ip address 192.168.10.1 255.255.255.0
Switch(config-if)#no shutdown

%LINK-5-CHANGED: Interface Vlan111, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan111, changed state to up

Switch(config-if)#exit
Switch(config)#interface vlan 122
Switch(config-if)#ip address 192.168.20.1 255.255.255.0
Switch(config-if)#no shutdown
Switch(config-if)#exit
Switch(config)#end

%LINK-5-CHANGED: Interface Vlan122, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan122, changed state to up

Switch#show ip interface brief
Interface            IP-Address       OK?     Method  Status Protocol
Vlan111             192.168.10.1     YES    manual   up             up

Vlan122            192.168.20.1      YES   manual   up             up

let see the connectivity between both the VLANs.

from host 2



from host 4



 


 


Instagram

Facebook


Twitter



LINKEDIN








2 comments:

Unknown said...

Third method using switch virtual interface (SVI) ,followed all steps but unable to ping on inter vlan hosts. I missed the IP routing mentioned in the note. All 3 methods at one place is very good. Thankyou for sharing all 3 at 1 place.

Unknown said...

Greet

What is ASA firewall security zones? How to configure security zones?

  By default, Cisco routers permit and forward all the packets they receive if the route is matched in their routing table. In case we want ...