29 October 2008

Adding Switch to Cisco Home Lab - Part 4


Configure Router for InterVLAN routing

If you only configure VLAN on the 2950 or other layer 2 switches, the clients can only communicate with other clients within the same VLAN.
If you want them to be able to communicate with other clients on different VLANs, then you need to configure a router for interVLAN routing.

Configuration of router for interVLAN routing often called router on a stick. The reason is the clients that want to communicate with other clients on different VLANs need to go through the router first and the router will route the packets to the appropriate VLANs back through the same line.

The disadvantage of this is that single line going to the router will be filled by requests from one VLAN going to other VLAN, and the router will be set for handling the routing for this.

No problem for the small LAN, but if you have a huge number of clients, you need to consider using Layer 3 or multilayer switches (Cisco Catalyst 3550 series or above) for interVLAN routing.

The concept of layer 3 switch routing is something that you'd find on the CCNP level, not the CCNA.
I don't have layer 3 switch, the cheapest one I can find in my local area is more than $600 yikes. But the configuration is so easy, I'll only want to give you some snippets later.

For now lets configure the router to do interVLAN routing.

We know that routers have limited amount of physical interfaces right? The 2611 have a default of 2 ethernet interfaces.
One interface is going to the internet and the other is supposedly connected to the internal LAN.
How come one interface can handle multiple VLANs a.k.a. multiple networks with different subnets.

There's a genius way to get around this, that is by using logical sub interfaces. That one port can be logically devided into many sub interfaces.
Each sub interface will handle one VLAN/subnet.

NOTE:

Previously the interVLAN routing can only be done by routers with Fast Ethernet interfaces (100 Mbps) and not intended for Ethernet interfaces (10 Mbps) due to small bandwidth consideration. But now we can configure it on the ethernet ports also.

Before configuring the router, lets see again how the network diagram looks like:

So we need to define four sub interfaces and the respective IP addresses, we also need to define the VLAN assigned to the sub interface using encapsulation dot1q VLAN_NUMBER, where the VLAN_NUMBER is the VLAN ID for the sub interface.
You need to define the VLAN first on the sub interface, then you can assign IP address there.
You don't need to assign IP address for the main interface ethernet 0/0 but do no shutdown and the sub interfaces will automatically apply the same no shutdown.
here's how we configure them:

router> enable
router# configure terminal
router (config)# interface ethernet0/0
router (config-if)# no ip address
router (config-if)# no shutdown
router (config-if)# interface ethernet0/0.5
router (config-if)# interface ethernet0/1.5
router (config-subif)# encapsulation dot1q 5
router (config-subif)# ip address 192.168.5.1 255.255.255.0
router (config-subif)# interface ethernet0/1.10
router (config-subif)# encapsulation dot1q 10
router (config-subif)# ip address 192.168.10.1 255.255.255.0
router (config-subif)# interface ethernet0/1.20
router (config-subif)# encapsulation dot1q 20
router (config-subif)# ip address 192.168.20.1 255.255.255.0
router (config-subif)# interface ethernet0/1.30
router (config-subif)# encapsulation dot1q 30
router (config-subif)# ip address 192.168.30.1 255.255.255.0

You can give sub interface number up to 4294967295, the reason is it gives you the flexibility on naming the sub interface to match the VLAN ID. You can easily identify the sub interface e0/1.5 is for VLAN 5 and so on.

Oh, don't forget to do the no shutdown command on the main interface ethernet 0/1, it will also do no shutdown for the sub interfaces.

Now if you can successfully ping the interface VLAN 5 on the switch (192.168.5.2 in this example) then you are done configuring the router for interVLAN routing.

For configuring interVLAN routing on Layer 3 switches you have to make interface VLAN for every VLAN that you want to route and give them IP addresses.

Layer3Switch> enable
Layer3Switch# configure terminal
Layer3Switch (config)# interface VLAN 5
Layer3Switch (config-if)# ip address 192.168.5.1 255.255.255.0
Layer3Switch (config-if)# no shutdown

Do this for every VLAN that you want to route, you don't need to configure sub interfaces on the router.
The layer 3 switch will do the routing for the VLANs without ever need to send anything to the router first.
But you need to activate the ip routing feature on the switch first, if it's not already activated using:

Layer3Switch (config)# ip routing

Very simple right?

Last things left is to configure the router for additional configuration, DHCP server for each subnet, connect to the cable internet, and other details on the next post.