Lecture_Network Design, InterVlan Routing and Trunking_.pptx
- 1. VLAN Trunking & Inter-VLAN Routing Using Routers Lecturer: Dr Muhammad Ali Kazmi
- 3. VLANs can segment LAN devices without regard for the physical location of the user or device. In the figure, IT users on the first, second, and third floors are all on the same LAN segment. The same is true for HR and Sales users. A VLAN is a logical partition of a Layer 2 network. Multiple partitions can be created and multiple VLANs can co-exist. The partitioning of the Layer 2 network takes place inside a Layer 2 device, usually via a switch. Each VLAN is a broadcast domain that can span multiple physical LAN segments. Hosts on the same VLAN are unaware of the VLAN’s existence. Overview of VLANs VLAN Definitions VLANs are mutually isolated and packets can only pass between VLANs via a router.
- 4. Overview of VLANs Benefits of VLANs
- 5. Common types of VLANs: Default VLAN – Also known as VLAN 1. All switch ports are members of VLAN 1 by default. Data VLAN – Data VLANs are commonly created for specific groups of users or devices. They carry user generated traffic. Native VLAN – This is the VLAN that carries all untagged traffic. This is traffic that does not originate from a VLAN port . The native VLAN is VLAN 1 by default. Management VLAN – This is a VLAN that is created to carry network management traffic including SSH, SNMP, Syslog, and more. VLAN 1 is the default VLAN used for network management. Overview of VLANs Types of VLANs Default VLAN Assignment Initially, all switch ports are members of VLAN 1.
- 6. A VLAN trunk is a point-to-point link that carries more than one VLAN. Usually established between switches to support intra VLAN communication. A VLAN trunk or trunk ports are not associated to any VLANs. Cisco IOS supports IEEE 802.1q, a popular VLAN trunk protocol. VLANs in a Multi-Switched Environment VLAN Trunks The links between switches S1 and S2, and S1 and S3 are configured to transmit traffic coming from VLANs 10, 20, 30, and 99 across the network.
- 7. If a switch port receives a broadcast frame, it forwards it out all ports except the originating port. Eventually the entire network receives the broadcast because the network is one broadcast domain. VLANs can be used to limit the reach of broadcast frames because each VLAN is a broadcast domain. VLANs help control the reach of broadcast frames and their impact in the network. VLANs in a Multi-Switched Environment Controlling Broadcast Domains with VLANs In the figure, PC1 on VLAN 10 sends a broadcast frame. • Trunk links between S2 - S1 and S1 - S3 propagate the broadcast to other devices in VLAN 10. • Only devices in the same VLAN receive the broadcast therefore, PC4 would receive the broadcast.
- 8. VLAN Trunks Configuring IEEE 802.1q Trunk Links Native VLAN VLAN 99 172.17.99.0/24
- 9. VLAN Trunks Verifying Trunk Configuration
- 10. Troubleshoot VLANs and Trunks IP Addressing Issues with VLANs Common practice to associate a VLAN with an IP network. Different IP networks must communicate through a router. All devices within a VLAN must be part of the same IP network to communicate. In the figure, PC1 cannot communicate to the server because it has a wrong IP address configured.
- 11. Troubleshoot VLANs and Trunks Missing VLANs If all the IP address mismatches have been solved, but the device still cannot connect, check if the VLAN exists in the switch. If the VLAN to which the port belongs is deleted, the port becomes inactive and is unable to communicate with the rest of the network. • It is not functional until the missing VLAN is created or the VLAN is removed from the port.
- 12. Troubleshoot VLANs and Trunks Common Problems with Trunks Trunking issues are usually associated with incorrect configurations. The most common type of trunk configuration errors are: When a trunk problem is suspected, it is recommended to troubleshoot in the order shown above.
- 13. Inter-VLAN Routing Operation What is Inter-VLAN Routing? Layer 2 switches cannot forward traffic between VLANs without the assistance of a router. Inter-VLAN routing is a process for forwarding network traffic from one VLAN to another, using a router. There are three options for inter-VLAN routing: Legacy inter-VLAN routing Router-on-a-Stick Layer 3 switching using SVIs
- 14. Inter-VLAN Routing Operation Legacy Inter-VLAN Routing In the past: Router interfaces were used to route between VLANs. Each VLAN was connected to a different physical router interface. Packets would arrive on the router through one interface, be routed and leave through another. Because the router interfaces were connected to VLANs and had IP addresses from that specific VLAN, routing between VLANs was achieved. Large networks with large number of VLANs required many router interfaces. In this example, the router was configured with two separate physical interfaces to interact with the different VLANs and perform the routing.
- 15. Inter-VLAN Routing Operation Router-on-a-Stick Inter-VLAN Routing The router-on-a-stick approach uses only one of the router’s physical interface. One of the router’s physical interfaces is configured as a 802.1Q trunk port so it can understand VLAN tags. Logical subinterfaces are created; one subinterface per VLAN. Each subinterface is configured with an IP address from the VLAN it represents. VLAN members (hosts) are configured to use the subinterface address as a default gateway. In this example, the R1 interface is configured as a trunk link and connects to the trunk F0/4 port on S1. • Router accepts VLAN-tagged traffic on the trunk interface • Router internally routes between the VLANs using subinterfaces. • Router then forwards the routed traffic as VLAN-tagged for the destination VLAN out the trunk link.
- 16. Configure Router-on-a-Stick Inter-VLAN Routing Configure Router-on-a Stick: Preparation An alternative to legacy inter-VLAN routing is to use VLAN trunking and subinterfaces. VLAN trunking allows a single physical router interface to route traffic for multiple VLANs. The physical interface of the router must be connected to a trunk link on the adjacent switch. On the router, subinterfaces are created for each unique VLAN. Each subinterface is assigned an IP address specific to its subnet or VLAN and is also configured to tag frames for that VLAN.
- 17. Configure Router-on-a-Stick Inter-VLAN Routing Configure Router-on-a Stick: Switch Configuration To enable inter-VLAN routing using router-on-a stick, start by enabling trunking on the switch port that is connected to the router.
- 18. Configure Router-on-a-Stick Inter-VLAN Routing Configure Router-on-a Stick: Router Subinterface Configuration The router-on-a-stick method requires subinterfaces to be configured for each routable VLAN. The subinterfaces must be configured to support VLANs using the encapsulation dot1Q VLAN-ID interface configuration command.
- 19. Configure Router-on-a-Stick Inter-VLAN Routing Configure Router-on-a Stick: Verifying Subinterfaces By default, Cisco routers are configured to route traffic between local subinterfaces. As a result, routing does not specifically need to be enabled. Use the show vlan and show ip route commands to verify the subinterface configurations. The show vlan command displays information about the Cisco IOS VLAN subinterfaces. The show ip route command displays the routing table containing the networks associated with outgoing subinterfaces.
- 20. Configure Router-on-a-Stick Inter-VLAN Routing Configure Router-on-a Stick: Verifying Routing Remote VLAN device connectivity can be tested using the ping command. The command sends an ICMP echo request and when a host receives an ICMP echo request, it responds with an ICMP echo reply. Tracert is a useful utility for confirming the routed path taken between two devices.
- 21. Thank you!!! Q?