Connectivity between VLANs
LAN switches forward frames based on Layer 2 logic. This means that, when a switch receives an Ethernet frame, it looks at the destination MAC address and forwards the frame out another interface or multiple interfaces if it is a BUM frame. This type of switch is often called Layer 2 switch.
Layer 2 forwarding logic is performed per VLAN. For example, in figure 1, all end-stations on the left are configured in VLAN10 which is a separate broadcast domain and different subnet. The servers on the right are configured in VLAN20 and are in their own broadcast domain and different subnet from VLAN10.
Because VLAN10 and VLAN20 are different broadcast domains, frames from one VLAN will never leak over to the other. Therefore, the switch acts like two separate switches as shown in figure 1.
Routing between VLANs with a router
Ultimately, when we design networks, we want to have any-to-any connectivity between all devices. Following the logic that we have learned in the previous lessons, that
VLAN = Broadcast Domain = Subnet
to enable connectivity between two VLANs means to enable connectivity between IP subnets. Therefore, we need to have a device that acts as a router. There are two possible solutions, we can use an actual router to do the routing or the switch itself can perform routing functionalities. Switches that can perform Layer 3 routing functions are called Layer 3 switches or Multilayer switches.
In the following example, we are using a router to route data between VLAN10 and VLAN20. The router has one physical interface connected to switchport in VLAN10 and one physical interface connected to switchport in VLAN20. Thus, the router has one interface in subnet 192.168.1.0/24 and one interface in subnet 10.1.0.0/24 and it does what all routers do - route IP packets between subnets.
The downside of this approach for forwarding data between VLANs is that the router must have physical interfaces for every VLAN. Above example is a feasible design option, but if we have 10+ VLANs for example, it will obviously not scale well because we will use 10+ interfaces on both the router and the switch.
Configuring and Verifying InterVLAN routing
Let's first check if everything is configured correctly on the switch. We have four clients in VLAN10 (Users) and for servers in VLAN20 (Servers) connected as shown in Figure 3.
SW1#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gig0/1, Gig0/2
10 USERS active Fa0/1, Fa0/2, Fa0/3, Fa0/4
20 SERVERS active Fa0/15, Fa0/16, Fa0/17, Fa0/18
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#interface gi0/0
Router(config-if)#no shutdown
%LINK-5-CHANGED: Interface GigabitEthernet0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0, changed state to up
Router(config-if)#ip address 192.168.1.1 255.255.255.0
Router(config-if)#description USERS
Router(config-if)#exit
Router(config)#int gigabitEthernet 0/1
Router(config-if)#no shutdown
%LINK-5-CHANGED: Interface GigabitEthernet0/1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/1, changed state to up
Router(config-if)#ip address 10.1.0.1 255.255.255.0
Router(config-if)#description SERVERS
Router(config-if)#end
gdgdfgfd
Router#sh ip interface brief
Interface IP-Address OK? Method Status Protocol
GigabitEthernet0/0 192.168.1.1 YES manual up up
GigabitEthernet0/1 10.1.0.1 YES manual up up
GigabitEthernet0/2 unassigned YES unset administratively down down
Vlan1 unassigned YES unset administratively down down