cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1046
Views
4
Helpful
6
Replies

Inter VLAN Routing: on Router or on Switch

tunemore1
Level 1
Level 1

Where is the better place to do Inter VLAN routing: Creating sub-interfaces on router or turn on routing on the switch?

If it depends on size or number of subnets, what are the magic numbers?

Thanks,

6 Replies 6

Jon Marshall
Hall of Fame
Hall of Fame

Hi

Generally speaking it's probably better to turn it on on the switch if you can. If you use subinterfaces on the router you are in effec dividing up the bandwidth of one interface between a number of vlans. If it is just a fast ethernet intreface for example 100Mb can soon be used up with a number of subinterfaces.

HTH

Jon

Jon, thanks for your reply.

Her are addictional questions.

Let us say we have used vlan 1 for entire network segment composed of a router and two switches (sw1 and sw2). we would like to add another switch (sw3) and turn Layer3 between sw2 and sw3. We also like to have two uplinks (may be etherchannel) between sw2 and sw3. We don't want to brake existing VLAN 1 either.

How do we do? Any idea?

Router

|

|

|

sw1======sw3

||

||

||

sw2

Thanks,

Hi

Could you be a bit more specific in what you mean about layer 3 between sw2 and sw3. Do you mean use layer 3 etherchannel beween the 2 switches or use layer 2.

Assuming the etherchannel is layer 2 then you should set this up as a trunk and then vlan 1 would work across all your switches if this is what you want.

What you should look to do is turn one of your switch into a L3 switch and have that route for all your vlans. You can then segment your network into different vlans and only use vlan 1 for managing the switches, altho even for management you should use a different vlan.

Your diagram didn't come out too well. Could you explain what you are trying to achieve with sw3.

Jon

Jon, please forget my previous post. It was my bad and I couldn't write a simple explanation.

Let me try again.

Let us say we have a router and multiple switches on one big flat LAN segment composed of multiple buildings and they all are on one VLAN (vlan 1).

Most building has at least one layer3 capable switch and we would like to turn layer3 on at each building.

The proble is not a design, mostly how to do the migration without breaking current sub-netting and IP assignment (pritners and some pc has static IP).

I was thinking using sub-interfaces on router for different vlans (vlan 10 for building A and vlan 20 for building B, and.....). During the migration, each building will have their own vlan ID plus vlan 1 and slowly move off vlan1. After that turning layer3 at building switch and vlan assigned at the building may not matter any more.

Am I confused you more than ever? :)

Is there better way to accomplished this?

Thanks,

Hi

Okay it's becoming a little clearer. As you rightly say you cannot turn on layer 3 at each building and maintain vlan 1 across the entire network infrastructure.

It sounds like your ultimate goal is to inteconnect the buildings with Layer 3. This is fine and removes the issue of spanning tree from your interconects.

i think you have the right idea in what you are proposing. Until you have migrated the devices into their new vlans you can only connect the buildings to each other with layer 2 links. Where is slightly differ is that in the main building ie the one with the router and the L3 switch i would use the L3 switch to create your vlan interfaces. You could also migrate the vlan 1 interface off the router onto your L3 switch as well.

I would make the L3 switch in the main building the sole device responsible for inter-vlan routing.

All your uplinks from the other buildng switches will need to be made into L2 trunks as they will need to carry vlan 1 + the additional vlan per building that you propose to add.

Once all this is working you can then look to turn on L3 at each site which entails migrating the vlan interface off the main L3 switch onto the site L3 switch and turning the uplink from a L2 trunk to a L3 routed link.

Eventually you should look to decomission vlan 1 altogether and use a different vlan for managing your switches.

L2 vs L3 always has trade offs. Be aware that if you do use L3 links between your buildings then you can't use one vlan across your entire estate to manage the switches. Actually you would be better off using loopbacks on your L3 switches for management.

You may find that once you have all routing on your main L3 switch and each building connected by L2 trunks that you are happy with that.

Hope this makes sense, let me know if there are any other questions

Jon

Hi,

I agree with Jon, plus why adding another device which introduces more processing and delay, and point of failures.

HTH, please do rate all helpful replies,

Mohammed Mahmoud.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: