VLAN Routing

Question:

Let’s say that I have a GigE WAN connection from AT&T connected to a layer 3 switch. The switch has many VLANs being routed by RIP (I know, dumb) but that is what it is.

When a customer accesses this switch via the WAN to connect to an application running on a server that may be on one of the VLANs, what happens?

Hello Wes,

It really depends on the configuration of your interfaces. Since it’s routing for multiple VLANs, your config probably looks similar to this:

Switch(config)#interface GigabitEthernet 0/1
Switch(config-if)#description DESKTOPS
Switch(config-if)#switchport access vlan 10

Switch(config)#interface GigabitEthernet 0/2
Switch(config-if)#description SERVERS
Switch(config-if)#switchport access vlan 20

Switch(config)#interface vlan 10
Switch(config-if)#description DESKTOPS
Switch(config-if)#ip address 192.168.10.254 255.255.255.0

Switch(config)#interface vlan 20
Switch(config-if)#description SERVERS
Switch(config-if)#ip address 192.168.20.254 255.255.255.0

Your switch ports are in different VLANs and you have an SVI interface with an IP address for each VLAN.

Let’s say you are connected to AT&T with a routed port, something like this:

Switch(config)#interface GigabitEthernet 0/3
Switch(config-if)#no switchport
Switch(config-if)#description AT&T
Switch(config-if)#ip address 1.2.3.4 255.255.255.0

As an L3 switch (with IP routing enabled), it will route between these subnets:

Switch#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override

Gateway of last resort is not set

      1.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        1.2.3.0/24 is directly connected, GigabitEthernet0/3
L        1.2.3.4/32 is directly connected, GigabitEthernet0/3
      192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.10.0/24 is directly connected, Vlan10
L        192.168.10.254/32 is directly connected, Vlan10
      192.168.20.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.20.0/24 is directly connected, Vlan20
L        192.168.20.254/32 is directly connected, Vlan20

So if an IP packet entered the AT&T interface with destination 192.168.20.100, it would get routed out of the VLAN20 interface. The switch then checks its ARP table to figure out if it knows where 192.168.20.100 is, learns the MAC address, then switches it out of one of the switch ports.

I hope this helps!

Rene
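
The forwarding decision described in the answer above, as an added example that is not part of the original post: it parses the connected and local entries of the `show ip route` output and applies a longest-prefix match to a destination address. The function names and the "forward"/"receive"/"drop" labels are assumptions made for illustration.

```python
import ipaddress
import re

# Constructed sample: the route entries copied from the "show ip route" output above.
SHOW_IP_ROUTE = """\
      1.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        1.2.3.0/24 is directly connected, GigabitEthernet0/3
L        1.2.3.4/32 is directly connected, GigabitEthernet0/3
      192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.10.0/24 is directly connected, Vlan10
L        192.168.10.254/32 is directly connected, Vlan10
      192.168.20.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.20.0/24 is directly connected, Vlan20
L        192.168.20.254/32 is directly connected, Vlan20
"""

# Matches only C (connected) and L (local) lines; the indented
# "... is variably subnetted" header lines do not match and are skipped.
ROUTE_RE = re.compile(r"^([CL])\s+(\S+/\d+) is directly connected, (\S+)$")

def parse_routes(text):
    """Return a list of (code, network, interface) tuples."""
    routes = []
    for line in text.splitlines():
        m = ROUTE_RE.match(line)
        if m:
            routes.append((m.group(1), ipaddress.ip_network(m.group(2)), m.group(3)))
    return routes

def lookup(routes, dst):
    """Longest-prefix match on the destination address only."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in routes if addr in r[1]]
    if not matches:
        # No default route: "Gateway of last resort is not set"
        return ("drop", None)
    code, _net, ifname = max(matches, key=lambda r: r[1].prefixlen)
    # An L (/32) entry is one of the switch's own addresses, so the packet
    # is received by the switch itself instead of being forwarded.
    return ("receive" if code == "L" else "forward", ifname)

if __name__ == "__main__":
    table = parse_routes(SHOW_IP_ROUTE)
    for dst in ("192.168.20.100", "192.168.10.254", "8.8.8.8"):
        print(dst, lookup(table, dst))
```

The lookup never considers which interface the packet arrived on. With the configuration shown, which has no ACLs, a packet arriving on the AT&T port is forwarded into Vlan10 or Vlan20 the same way as traffic between the VLANs.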