Skip to main content

Inter VLAN routing

Inter-Vlan Routing is the capability to route traffic between vlans. This functionality could be on the Switch itself (for Layer 3 Switches). By default, only hosts that are members of the same VLAN can communicate.

Inter-VLAN Routing Architectures

Within a LAN topology, inter-VLAN routing is used to route packets between different VLANs. Three common inter-VLAN routing architectures are used in modern LAN networks today:
  • Router-on-a-stick.
  • Router-on-a-stick using trunks.
  • Layer 3 switching.
This section examines each of these in detail, outlining any restrictions or issues associated with each.

Router-on-a-Stick

The router-on–a-stick architecture is the most basic method of inter-VLAN routing. In this architecture, a router is simply connected to each VLAN and forwards inter-VLAN traffic between the appropriate VLANs. Figure 1 shows this architecture.

Figure1 Router-on–a-Stick
As you can see in Figure1, the router has a physical Ethernet interface dedicated for each VLAN. If IP hosts on VLAN 100 need to communicate with hosts of VLAN 200, IP packets with the appropriate source and destination IP addresses are sent to the router, which looks up the destination IP address and forwards to the appropriate host on the destination VLAN. The router-on-a-stick architecture is simple to understand because the Layer 2 functions (provided by a switch) and Layer 3 functions (provided by a router) are physically separated.
The major issue with this architecture is performance. Because routers are software-based, they cannot route packets as fast as switches (hardware-based) can switch frames. Even if you are using high-performance routers, the physical interface connecting each VLAN to the router is a bottleneck because it can transmit packets only at 10 Mbps, 100 Mbps, or 1 Gbps depending on the interface type. This restriction means that the router becomes a performance bottleneck when routing between high-speed VLANs.
Another issue with this architecture is the number of routers and physical interfaces required to support multiple VLANs. A dedicated Ethernet interface is required per VLAN. Routers are low-density devices, meaning that there is a high cost per port and multiple routing devices might be required to support multiple VLANs, increasing the complexity of the network.
Finally, all inter-VLAN traffic must travel via the router. In Figure 1, even though the PCs in VLAN 100 and VLAN 200 are connected to the same switch, all inter-VLAN traffic between the PCs must be sent through the router, which is inefficient.

Router-on-a-Stick Using Trunks:

As discussed in the last section, the router-on-a-stick architecture has physical limitations based upon a dedicated physical interface being required for each VLAN. This limitation can be removed by using trunk interfaces, where multiple VLANs are supported on a single physical interface by using tagging technologies such as 802.1Q or ISL. Rather than using physical interfaces to attach the router to each VLAN, virtual or logical interfaces are used to attach the router to each VLAN. Figure 2 shows this architecture.

Figure 2 Router-on-a-Stick Using Trunks
In Figure 2, virtual interfaces (rather than physical interfaces) are used to connect the router to each VLAN. A single physical trunk interface transports tagged VLAN traffic to the router, with the tag determining to which virtual interface a frame should be forwarded for routing. Apart from the differences between using physical interfaces per VLAN as opposed to virtual interfaces per VLAN, this architecture is essentially identical to the traditional router-on-a-stick architecture and suffers the same performance limitations, because the routing engine is still software-based and the trunk interface is limited to 10 Mbps, 100 Mbps, or 1 Gbps.

Routing Using Layer 3 Switches:


The architectures discussed thus far represent the traditional inter-VLAN routing architectures. The major issue with these architectures is performance—if gigabit speed routing is required between VLANs, extremely high performance and costly routers are required. A new form of inter-VLAN routing on the LAN has emerged in recent years called Layer 3 switching. With a Layer 3 switch, the traditionally separated Layer 2 and Layer 3 functions are combined into a single device, eliminating the bottleneck associated with the cable between a router and switch by replacing the cable with a high-speed backplane connection. Layer 3 switches also typically perform routing in specially designed hardware circuitry rather than software, using specialized hardware that can perform routing functions at high speed. This means that the performance of Layer 3 switches is much higher than traditional router-on-a-stick architectures. For example, if you use a Cisco 3640 series router in the router-on-a-stick architecture, you can achieve routing speeds of up to 40,000 packets per second. If you compare this with a Cisco Catalyst 3550-24-EMI Layer 3 switch, which is actually cheaper than a Cisco 3640 router, you can route packets at up to 6.6 million packets per second. This is obviously quite a difference and highlights the limitations of using router-on-a-stick architectures for inter-VLAN routing on the LAN. Of course, the Cisco 3640 router still has a place in the network; it supports a wide variety of diverse media, including serial and ATM connections for WAN connectivity; also supports advanced features such as firewalling, encryption, and so on—all of which are not supported on Cisco Catalyst switches.
The Layer 3 switch uses application-specific integrated circuits (ASICs), which are hardware chips that can route traffic at very high speeds. These ASICs are installed on the switching engine of a Layer 3 switch, which traditionally switches frames at Layer 2. The ASICs allow the switching engine to also switch frames that contain packets sent between different VLANs. Each ASIC is programmed with the information required to route traffic from one VLAN to another, without having to pass the traffic through the CPU of the routing engine. This information includes the egress port, egress VLAN, and new destination MAC address that should be written for the frame that is sent. Some form of route cache is normally used to store such information, with the ASIC searching the cache for routing information for the destination IP address of packets as they are received. How this information is programmed into the route cache depends on the Layer 3 switch architecture used; however, the end result is essentially the same.
In addition to the high-speed routing feature, these ASICs also can apply security access control list (ACL) filtering and Layer 3 quality of service (QoS) classification, all at wire-speed, meaning these useful features can be turned on without affecting performance.
howto_3550_intervlanrouting.gif



Labels:

Comments

Post a Comment

Popular posts from this blog

What is QinQ(IEEE 802.1ad)

What is QinQ In this section, we will see about Switching concept QinQ. In service provider networks, This is very important. Service provider use this Switching function to pass customer data from one end to other end with two vlan id’s in own switching network.  Explanation: The QinQ technology is called VLAN dot1q tunnel, 802.1Q tunnel, VLAN Stacking technology. The standard comes from IEEE 802.1ad and it is the expansion of the 802.1Q protocol. QinQ adds one layer of 802.1Q tag (VLAN tag) based on the original 802.1Q packet head. With the double layers of tags, the VLAN quantity is increased to 802.1Q. QinQ encapsulates the private network VLAN tag of the user in the public(service provider) network VLAN Tag to make the packet with double layers of VLAN Tags cross the backbone network (public network) of the operator. In the public network, the packet is passed according to the out layer of VLAN tag (that is the public network VLAN Tag) and the private network
Post a Comment
Read more

Beacon Frames, Probe request and response

Beacon frame  is one of the management frames in  IEEE 802.11  based WLANs. It contains all the information about the network. Beacon frames are transmitted periodically, they serve to announce the presence of a wireless LAN and to synchronise the members of the service set. Beacon frames are transmitted by the  access point  (AP) in an infrastructure  basic service set  (BSS). In IBSS network beacon generation is distributed among the stations. Beacons are sent periodically at a time called Target Beacon Transmission Time(TBTT) 1 TU = 1024 microseconds Beacon interval =100 TU (100x 1024 microseconds or 102.4 milliseconds) 1. Timestamp (8 byte) 2. Beacon Interval (2 byte) 3. Capability info (2 byte) 4. SSID (variable size) 5. Supported Rates (variable size) Probe Request:  A station or client becomes active or on a PC when the wlan card it enabled it becomes active sends a probe request frame when it needs to obtain information from another station or access point.
Post a Comment
Read more

Difference between Polling and Trap in Network Management – Which one is better?

A Network Manager’s job is to get data from Network Elements and present it to the administrators or operators. There are two ways of doing this activity:  1) Polling and 2) Trap . Here is a quick difference between the two: Polling  : A traditional way of providing operators with the network elements information. It’s characteristics are as follows: ·        Pull Mechanism – Requests and get information from network elements at periodic intervals. The periodic interval is most often configurable. ·        Provides non-real time information. It may happen that some changes happen in network element but polling happens an hour after that. Thus, operator gets to know about the changes after an hour. ·        Higher bandwidth needed. Traps  : When an alarm situation exists a trap can be generated, or if some changes happen at network element, an attribute value change event can be generated by the agent. It’s characteristic are as follows: ·        Push Mechanism – E
Post a Comment
Read more