Network Kings


Router on a Stick: Explained


VLANs divide the traffic in a LAN according to need and increase the number of broadcast domains. There are methods by which two different VLANs can communicate with each other; this process is known as Inter-VLAN routing.

We have discussed Inter-VLAN routing and the different methods that can be used to make different VLANs communicate with each other. Let us now see the configuration of one of the popular methods of Inter-VLAN routing: Router on a Stick.

What is Router on a Stick?

Router on a stick, or ROAS, is a method in which we create sub-interfaces on the router and use VLAN tagging to differentiate between the traffic of each VLAN. Let us see how this can be done.

Router on a Stick Configuration:-

Let us take a simple topology with VLAN 10 and VLAN 20.
VLAN 10 is used for sales and VLAN 20 is used for accounts.
PC 1 and PC 2 are connected to ports in VLAN 10 and are configured with IP 10.10.10.10 and 10.10.10.11.
PC 3 and PC 4 are connected to ports in VLAN 20 and are configured with IP 10.10.20.10 and 10.10.20.11.


Configuration on Switch:-

Interfaces FastEthernet 0/2 and FastEthernet 0/3 are in VLAN 10, while interfaces FastEthernet 0/4 and FastEthernet 0/5 are assigned to VLAN 20.
Interface FastEthernet 0/1 of the switch should be configured as a trunk because traffic from all the VLANs passes to the router over this link only.

S1#configure terminal
S1(config)#vlan 10
S1(config-vlan)#name sales
S1(config-vlan)#exit
S1(config)#vlan 20
S1(config-vlan)#name accounts
S1(config-vlan)#exit

S1(config)#interface range fastEthernet 0/2 - 3
S1(config-if-range)#switchport mode access
S1(config-if-range)#switchport access vlan 10
S1(config-if-range)#exit

S1(config)#interface range fastEthernet 0/4 - 5
S1(config-if-range)#switchport mode access
S1(config-if-range)#switchport access vlan 20
S1(config-if-range)#exit

S1(config)#interface fastEthernet 0/1
S1(config-if)#switchport mode trunk

Configuration on Router:-

R1(config)#interface GigabitEthernet0/1
R1(config-if)#no ip address

(We will configure different IP addresses on different sub-interfaces.)

R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#interface gigabitEthernet 0/1.10
%LINK-5-CHANGED: Interface GigabitEthernet0/1.10, changed state to up

The sub-interface comes up on its own; there is no need to issue a no shutdown command here, since the actual physical interface, i.e. GigabitEthernet0/1, is already up.

R1(config-subif)#encapsulation dot1Q 10

This tags the router sub-interface with VLAN 10, so that the router knows which sub-interface the traffic belongs to whenever traffic tagged with VLAN 10 arrives. Likewise, whenever traffic leaves the GigabitEthernet0/1.10 sub-interface, a VLAN 10 tag is assigned to it.

R1(config-subif)#ip address 10.10.10.1 255.255.255.0
R1(config-subif)#exit

Similarly, let us create a sub-interface for VLAN 20.

R1(config)#interface gigabitEthernet 0/1.20
R1(config-subif)#ip address 10.10.20.1 255.255.255.0

Configuring IP routing on a LAN subinterface is only allowed if that subinterface is already configured as part of an IEEE 802.10, IEEE 802.1Q, or ISL vLAN.

This error message pops up because we assigned an IP address before configuring the encapsulation. Configure the encapsulation first, and then the IP address:

R1(config-subif)# encapsulation dot1Q 20
R1(config-subif)#ip address 10.10.20.1 255.255.255.0
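A pre-push check for the ordering rule above, as an added example that is not part of the original article: it replays an IOS command script and reports every ip address command that IOS would reject for coming before encapsulation dot1Q, and every sub-interface that ends up without a gateway address. The function names and the sample script are constructed for illustration.

```python
import ipaddress
import re

def replay(script: str) -> dict:
    """Replay IOS commands and return the resulting state of each sub-interface."""
    state, name = {}, None
    for raw in script.splitlines():
        cmd = raw.split("#", 1)[-1].strip()        # tolerate "R1(config-subif)#" prompts
        if m := re.match(r"interface\s+(.+)$", cmd, re.I):
            name = m.group(1).replace(" ", "").lower()
            if "." in name:                        # only sub-interfaces are tracked
                state.setdefault(name, {"vlan": None, "ip": None, "rejected": []})
            else:
                name = None
        elif cmd.lower() == "exit":
            name = None
        elif name and (m := re.match(r"encapsulation\s+dot1q\s+(\d+)$", cmd, re.I)):
            state[name]["vlan"] = int(m.group(1))
        elif name and (m := re.match(r"ip\s+address\s+(\S+)\s+(\S+)$", cmd, re.I)):
            if state[name]["vlan"] is None:        # the case IOS refuses in the article
                state[name]["rejected"].append(cmd)
            else:
                state[name]["ip"] = ipaddress.ip_interface(f"{m.group(1)}/{m.group(2)}")
    return state

def findings(state: dict) -> list:
    """Human-readable problems: rejected commands and VLANs left without a gateway."""
    out = []
    for name, s in state.items():
        out += [f"{name}: rejected before encapsulation: {c}" for c in s["rejected"]]
        if s["ip"] is None:
            out.append(f"{name}: no IP address applied, VLAN {s['vlan']} has no gateway")
    return out

# Constructed script: .10 is ordered correctly, .20 sets the address first and never retries.
SAMPLE = """\
interface gigabitEthernet 0/1.10
 encapsulation dot1Q 10
 ip address 10.10.10.1 255.255.255.0
exit
interface gigabitEthernet 0/1.20
 ip address 10.10.20.1 255.255.255.0
 encapsulation dot1Q 20
"""

if __name__ == "__main__":
    for line in findings(replay(SAMPLE)):
        print(line)
```

Run against the exact sequence typed in the article, the check reports one rejected command and still records 10.10.20.1/24 on the sub-interface, because the address is re-entered after the encapsulation.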

 

 

 

R1>show ip route

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route

The Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
C 10.10.10.0/24 is directly connected, GigabitEthernet0/1.10
L 10.10.10.1/32 is directly connected, GigabitEthernet0/1.10
C 10.10.20.0/24 is directly connected, GigabitEthernet0/1.20
L 10.10.20.1/32 is directly connected, GigabitEthernet0/1.20

Let us verify and try to ping a PC in VLAN 20 from a PC configured with VLAN 10.

C:\>ping 10.10.20.10

Pinging 10.10.20.10 with 32 bytes of data:

Reply from 10.10.20.10: bytes=32 time<1ms TTL=127
Reply from 10.10.20.10: bytes=32 time<1ms TTL=127
Reply from 10.10.20.10: bytes=32 time<1ms TTL=127
Reply from 10.10.20.10: bytes=32 time=11ms TTL=127

Ping statistics for 10.10.20.10:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 11ms, Average = 2ms


As we can see, the two different VLANs are now able to communicate with each other.

Inter VLAN Routing: Explained


Before talking about Inter VLAN routing, let me give you a brief introduction to VLAN first.

VLAN is a logical grouping of network devices connected to a switch. VLANs are used to create smaller broadcast domains at layer 2 by assigning different ports to different subnetworks on the same switch so that two or more departments cannot communicate with each other which helps to reduce unnecessary traffic in a network. Also, the use of VLAN in an organization is a common practice. This allows different departments to remain isolated from each other and saves bandwidth.

But what if two different VLANs, or we can say two different departments of an organization, want to communicate with each other? Can this be made possible?

What is Inter VLAN routing?

Inter VLAN routing is the process of enabling communication between devices on different VLANs within the same network. Without inter VLAN routing, devices on separate VLANs are essentially isolated from each other, unable to exchange data or access resources. Inter VLAN routing helps to resolve this communication gap by allowing data to flow between VLANs. To allow communication between different VLANs we take the help of routing and hence we need a device that can perform routing i.e., router or layer 3 switches.

Why is Inter-VLAN routing used?

As we discussed, Inter VLAN routing can help to build a communication channel between two or more different VLANs, but besides this, it also has some other uses:

  • Security

VLANs are used to enhance security by keeping sensitive data on a separate VLAN and ensuring that no unauthorized devices can access it. Inter-VLAN routing helps authorized devices access these resources and data.

  • Shared Resources

Inter VLAN routing allows devices on different VLANs to share network resources efficiently. For instance, printers, file servers, and network-attached storage (NAS) devices can be placed on a separate VLAN; users from multiple VLANs can access these shared resources. This simplifies resource management and utilization. 

  • Scaling and Growth

As an organization grows, its network grows and new services are added. Inter VLAN routing can help maintain efficient communication between VLANs without physically reconfiguring the network.

  • Traffic Management and Optimization

By routing traffic between VLANs, you have control over how traffic flows within your network. This allows you to optimize network performance and ensure that bandwidth is allocated according to the organization’s needs and policies. 

How does Inter-VLAN routing work?

Inter VLAN routing can be implemented using three methods, namely:

  • External Router

The oldest method of implementing Inter VLAN routing is to use a router with multiple interfaces, with each router interface connected to a port on the switch that is configured with a different VLAN. The router interface acts as the default gateway for that particular VLAN.

An example of this method is shown in the diagram below. 

Ports on the switch are assigned to particular VLANs as mentioned, and each port is connected to a port on the router. When a PC in VLAN 10 wants to communicate with a PC configured in VLAN 20, the packet is forwarded to the default gateway of VLAN 10, i.e., Gi0/0. The router examines the destination address and sends the packet out of the Gi0/1 interface. The packet then travels to the fa0/2 port of the switch and finally reaches PC 2, i.e., the PC configured in VLAN 20.

[Diagram: External Router]

This method is effective, but it has a drawback: each VLAN requires a different default gateway and hence a different router port, so it becomes a costly method. Routers usually have a smaller number of ports. In our example, we had only three VLANs. What about an organization that has 10 different departments and requires 10 different VLANs?

Hence this solution is not scalable. 

  • Router-on-a-Stick

As we saw, the old Inter-VLAN routing method requires as many router ports as there are VLANs configured in the network, but the router-on-a-stick method overcomes this drawback.

NOTE: In the case of the Router-on-a-stick method we only require one physical Ethernet interface. 

But, how is it possible to enable it using a single port?

The router uses the concept of Sub-Interfaces, each associated with a specific VLAN. These Sub-Interfaces are assigned IP addresses, acting as the default gateways for devices in their respective VLANs. VLAN tagging (usually with 802.1Q) is employed to differentiate traffic from different VLANs as it passes through the single physical connection to the router. This router port is connected to the layer 2 switch trunk port.

When a packet tagged with a VLAN enters the router sub-interface, the router makes the routing decision based on the destination IP address and then determines the exit interface for that particular packet. Since the exit sub-interface is also configured as an 802.1Q sub-interface, the data frame is tagged with the new VLAN and forwarded accordingly.
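The tag swap described above, worked through on one frame (an added example, not code from the original article): a constructed 802.1Q frame from 10.10.10.10 in VLAN 10 to 10.10.20.10 is matched to its sub-interface, routed, and re-tagged for VLAN 20. The function names and the placeholder MAC addresses are assumptions, and MAC rewriting via ARP is left out.

```python
import ipaddress
import struct

# Sub-interface table from the article: VLAN ID -> gateway address/prefix.
SUBINTERFACES = {
    10: ipaddress.ip_interface("10.10.10.1/24"),   # GigabitEthernet0/1.10
    20: ipaddress.ip_interface("10.10.20.1/24"),   # GigabitEthernet0/1.20
}

def ip_checksum(header: bytes) -> int:
    """RFC 1071 one's-complement checksum; 0 when run over a valid header."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_frame(vlan: int, src: str, dst: str, ttl: int = 128) -> bytes:
    """Constructed sample: 802.1Q-tagged Ethernet frame holding a bare IPv4 header."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, ttl, 1, 0,
                     ipaddress.ip_address(src).packed, ipaddress.ip_address(dst).packed)
    ip = ip[:10] + struct.pack("!H", ip_checksum(ip)) + ip[12:]
    macs = bytes(12)                               # placeholder dst + src MAC addresses
    return macs + struct.pack("!HHH", 0x8100, vlan, 0x0800) + ip

def route_on_a_stick(frame: bytes) -> bytes:
    """Return the frame as it goes back out the trunk; raise ValueError on a drop."""
    tpid, tci, ethertype = struct.unpack("!HHH", frame[12:18])
    if tpid != 0x8100 or ethertype != 0x0800:
        raise ValueError("not an 802.1Q-tagged IPv4 frame")
    in_vlan = tci & 0x0FFF                         # low 12 bits of the TCI: VLAN ID
    if in_vlan not in SUBINTERFACES:
        raise ValueError(f"no sub-interface for VLAN {in_vlan}")
    ip = bytearray(frame[18:38])
    if ip[0] != 0x45 or ip_checksum(bytes(ip)) != 0:
        raise ValueError("unsupported or corrupt IPv4 header")
    dst = ipaddress.ip_address(bytes(ip[16:20]))
    out_vlan = next((v for v, i in SUBINTERFACES.items() if dst in i.network), None)
    if out_vlan is None:
        raise ValueError(f"no route to {dst}")
    if ip[8] <= 1:
        raise ValueError("TTL expired")
    ip[8] -= 1                                     # one routed hop
    ip[10:12] = b"\x00\x00"
    ip[10:12] = struct.pack("!H", ip_checksum(bytes(ip)))
    new_tci = (tci & 0xF000) | out_vlan            # keep PCP/DEI bits, swap the VLAN ID
    # MAC rewriting (which needs ARP) is omitted; only the tag and IP header change.
    return frame[:12] + struct.pack("!HHH", 0x8100, new_tci, 0x0800) + bytes(ip) + frame[38:]
```

A frame tagged with a VLAN that has no sub-interface is dropped rather than routed, so only VLANs that were given a sub-interface can reach each other through the router.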

[Diagram: Router-on-a-Stick]

This method is cost-effective since it requires only one physical router. However, it can become a bottleneck if there is a significant amount of inter-VLAN traffic, since all the traffic must pass through a single physical interface. Because it uses a single physical interface, latency is also high. Also, if this physical interface goes down for any reason, a network outage can occur.

  • Switch Virtual Interface/ Use of Layer 3 Switch

A Layer 3 switch, also known as a multilayer switch, combines the features of a traditional network switch and a router; it can operate at both layer 2 and layer 3. We can configure a switched virtual interface (SVI) on a layer 3 switch.

It has VLAN interfaces configured for each VLAN and can route traffic between these VLANs using the physical interfaces connected to the switch.

Devices within each VLAN use the Layer 3 switch as their default gateway. An SVI performs the same function for the VLAN as a router sub-interface does, but it is much faster since it employs the same hardware for routing and switching. This method is also not limited to one link, because EtherChannel can be used between switches to increase the bandwidth. Latency is also lower with an SVI.

[Diagram: SVI]

This approach is efficient and provides high-speed inter VLAN routing because it eliminates the need for a separate physical router. The main disadvantage of using this method is the cost. Generally, Multi-Layer switches are expensive devices.

Also, the configuration for Multi-Layer switches is a little complex.