As we learned, each VLAN usually works on its own subnet. The network switches mainly work at layer 2 of the OSI model, so they do not examine the logical addresses. Therefore, for traffic between VLANs, inter-VLAN routing is required. The Legacy Inter-VLAN routing is the first solution for traffic between different VLANs. It relies on routers with multiple physical interfaces. All interfaces had to be connected to a separate network and configured with a separate subnet.
The legacy inter-VLAN routing connects different physical router interfaces to different physical ports on the switch. The switch ports connected to the router must be placed in access mode.
Each physical interface of the router is assigned to a different VLAN. The router interface then accepts traffic from the VLAN related to the switch interface to which it is connected. Then, the router sends the traffic to other VLANs connected to the different interfaces.
The following network diagram illustrates Legacy Inter-VLAN Routing. It shows a router with two physical interfaces: FastEthernet0/0 connected to VLAN 100 (subnet 192.168.100.0/24) and FastEthernet0/1 connected to VLAN 200 (subnet 192.168.200.0/24). The switch has ports Fa0/2 and Fa0/7 configured in access mode for VLAN 100 and VLAN 200, respectively. Host-1 (VLAN 100) communicates with Host-2 (VLAN 200) through the router, which routes traffic between the VLANs.
Configure Legacy Inter-VLAN Routing
Multiple Physical interfaces are required on the router to configure the Legacy inter-VLAN. The router can route with each of its physical interfaces connected to a unique VLAN. Configure each physical interface with a unique IP address for the subnets related to the particular VLAN.
After configuring the IP address on physical interfaces, each device connected to the LAN can communicate with the router using this physical interface. The router would be the gateway for each device on the VLAN. All the VLAN can communicate with each other without configuring any routing protocol on the router. The legacy Inter-VLAN routing required configuration on the switch and the router.
Router Configuration for Legacy Inter-VLAN Routing
To enable Legacy Inter-VLAN Routing, the router must have multiple physical interfaces, each configured with an IP address corresponding to the subnet of the connected VLAN. Below is a step-by-step configuration for a router connected to VLAN 100 and VLAN 200, as described in the article.
Prerequisites
- The router is connected to switch ports configured for VLAN 100 (e.g., Fa0/2) and VLAN 200 (e.g., Fa0/7).
- The switch ports connected to the router are in access mode.
- The router interfaces are operational (no shutdown).
Configuration Steps
- Access the Router’s CLI:
- Enter privileged EXEC mode and then global configuration mode.
- Configure Interface for VLAN 100:
- Assign an IP address from the VLAN 100 subnet (e.g., 192.168.1.1/24).
- Ensure the interface is active.
- Configure Interface for VLAN 200:
- Assign an IP address from the VLAN 200 subnet (e.g., 192.168.2.1/24).
- Ensure the interface is active.
- Save the Configuration:
- Write the configuration to ensure persistence after a reboot.
Example Configuration
Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#interface FastEthernet0/0
Router(config-if)#ip address 192.168.100.1 255.255.255.0
Router(config-if)#no shutdown
Router(config-if)#exit
Router(config)#interface FastEthernet0/1
Router(config-if)#ip address 192.168.200.1 255.255.255.0
Router(config-if)#no shutdown
Router(config-if)#exit
Router(config)#do write
Building configuration...
[OK]
Router(config)#exitVerification Commands
- show ip interface brief: Check the status and IP addresses of the interfaces.
- show running-config: Verify the configuration details.
- ping 192.168.2.2: Test connectivity to a host in VLAN 200 from the router.
Notes
- Ensure the switch ports connected to the router (e.g., Fa0/2 for VLAN 100, Fa0/7 for VLAN 200) are correctly configured in access mode.
- The router acts as the default gateway for devices in each VLAN. For example, hosts in VLAN 100 use 192.168.1.1, and hosts in VLAN 200 use 192.168.2.1.
Legacy Inter-VLAN Routing – Switch Configuration
To configure legacy inter-VLAN routing, start by configuring the switch. As shown below, the Router is connected to switch ports Fa0/2 and Fa0/7, which have been configured for VLANs 100 and 200, respectively.
Use the following command to create a VLAN and assign ports to that VLAN. Remember that you issue the command in global configuration mode. The port must be in access mode
Switch>enable
Switch#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#vlan 100
Switch(config-vlan)#name admin
Switch(config-vlan)#vlan 200
Switch(config-vlan)#name account
Switch(config-vlan)#exit
Switch(config)#interface range fastEthernet 0/1-5
Switch(config-if-range)#switchport mod access
Switch(config-if-range)#switchport access vlan 100
Switch(config-if-range)#exit
Switch(config)#interface range fastEthernet 0/6-10
Switch(config-if-range)#switchport mod access
Switch(config-if-range)#switchport access vlan 200
Switch(config-if-range)#do wr
Building configuration...
[OK]
Switch(config-if-range)#exit
Switch(config)#exit
Switch(config)#exit
Switch#
%SYS-5-CONFIG_I: Configured from console by console
In this example, the interfaces Fa0/1 to Fa0/5 have been assigned to VLAN-100, and the interfaces Fa0/6 to Fa 0/10 have been assigned to VLAN 200. Using the name command assigns the name to VLANs, and finally using the wr (write) command saves the work into the startup configuration file.
We have used the command “do wr” because we are in global configuration mode. The command is originally not used in global configuration mode. So, if we are in “User Privileged Mode,” then we would use the command “wr or write”. We can also use the copy “running-config startup-config” instead of the “wr” command. Watch the following video for Legacy Inter-VLAN routing configuration:
Legacy Inter-VLAN Routing – Router Configuration
In the Legacy Inter-VLAN routing, there are no static or dynamic protocols needed for the routing. We are just required to configure the IP addresses of the router according to the subnet of the connected VLANs. We can configure the IP address of the interface using the “IP address <ip address subnet mask> command in global configuration mode. Remember that the switch must be in the status of “no shutdown”.
Troubleshooting Legacy Inter-VLAN Routing
When configuring Legacy Inter-VLAN Routing, several issues may prevent successful communication between VLANs. Below are common problems and their solutions:
Hosts cannot Ping Across VLANs
- Cause: Incorrect IP address or subnet mask on the router interface.
- Solution: Verify the IP addresses on the router interfaces using
show ip interface brief. Ensure they match the VLAN subnets (e.g., 192.168.1.1/24 for VLAN 100).
Example:
Router#show ip interface brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 192.168.100.1 YES manual up up
FastEthernet0/1 192.168.200.1 YES manual up up- Cause: Switch ports connected to the router are not in access mode.
- Solution: Confirm the switch ports are in access mode for the correct VLAN using
show vlan brieforshow running-config.
ARP Requests Fail
- Cause: The router’s interface is down or misconfigured.
- Solution: Ensure the router interfaces are active (
no shutdown) and correctly configured with the appropriate IP address.
Example:
Router(config)#interface FastEthernet0/0
Router(config-if)#no shutdown- Cause: Hosts are not configured with the correct default gateway.
- Solution: Verify that hosts in VLAN 100 use the router’s VLAN 100 interface IP (e.g., 192.168.1.1) as their default gateway.
VLANs Not Configured on the Switch
- Cause: VLANs are not created or ports are not assigned correctly.
- Solution: Use
show vlan briefto confirm VLAN 100 and VLAN 200 exist and that the correct ports are assigned.
Switch#show vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
100 admin active Fa0/1, Fa0/2, Fa0/3, Fa0/4, Fa0/5
200 account active Fa0/6, Fa0/7, Fa0/8, Fa0/9, Fa0/10Router Interface Connectivity Issues
- Cause: Physical connectivity issues between the router and switch.
- Solution: Check cable connections and ensure the switch port and router interface are up using
show ip interface briefon the router andshow interfaces statuson the switch.
Tips for Effective Troubleshooting
Use ping from a host to the default gateway to test connectivity within the VLAN.
Use traceroute to identify where packets are dropped.
Enable debugging on the router (debug ip packet) to monitor packet flow (use cautiously in production environments).
Comparison with Modern Inter-VLAN Routing Methods
While Legacy Inter-VLAN Routing is effective for small networks, it has limitations in scalability and hardware requirements. Below is a comparison with modern alternatives:
1. Router-on-a-Stick
- Description: Uses a single router interface with subinterfaces to handle multiple VLANs, leveraging 802.1Q trunking.
- Advantages:
- Requires only one physical router interface, reducing hardware costs.
- More scalable for networks with many VLANs.
- Disadvantages:
- Potential bottleneck on the single trunk link.
- Requires trunk configuration on the switch and router.
- Use Case: Suitable for small to medium-sized networks with moderate inter-VLAN traffic.
2. Multilayer Switch Routing
- Description: Uses a Layer 3 switch to perform inter-VLAN routing internally, eliminating the need for an external router.
- Advantages:
- High performance due to hardware-based routing.
- Simplifies network design by consolidating routing and switching.
- Disadvantages:
- Requires a multilayer switch, which is more expensive than a Layer 2 switch.
- Configuration may be more complex for beginners.
- Use Case: Ideal for large enterprise networks with high inter-VLAN traffic.
Why Use Legacy Inter-VLAN Routing?
- Simplicity: Easy to configure for small networks with few VLANs.
- Learning Value: Essential for CCNA/CCNP students to understand basic routing concepts.
- Limitations: Not scalable for large networks due to the need for multiple physical interfaces.
Conclusion:
Legacy Inter-VLAN routing is a foundational solution for facilitating communication between different VLANs within a network. As network switches operate primarily at Layer 2 of the OSI model and do not inherently support inter-VLAN communication, routers with multiple physical interfaces become essential for routing traffic between VLANs. By configuring each router interface with a unique VLAN and subnet, Legacy Inter-VLAN routing enables devices within those VLANs to communicate through the router, serving as their gateway. Although this method requires separate physical interfaces and subnets, it offers a straightforward approach to inter-VLAN routing.
FAQs
What is Legacy Inter-VLAN Routing?
Legacy Inter-VLAN Routing uses a router with multiple physical interfaces, each connected to a switch port in access mode for a specific VLAN. Each interface is configured with an IP address in the VLAN’s subnet, enabling routing between VLANs.
Why is a router needed for Legacy Inter-VLAN Routing?
Switches operate at Layer 2 and cannot route traffic between VLANs, which are separate broadcast domains. A router, operating at Layer 3, is required to forward packets between VLANs based on IP addresses.
What are the main limitations of Legacy Inter-VLAN Routing?
-
equires multiple physical router interfaces, increasing hardware costs.
-
Not scalable for networks with many VLANs.
-
More complex cabling compared to modern methods like Router-on-a-Stick.
-
How do I verify that Legacy Inter-VLAN Routing is working?
-
Use ping from a host in one VLAN to a host in another VLAN.
-
Check the router’s routing table with show ip route.
-
Verify VLAN assignments on the switch with show vlan brief.
-
Can Legacy Inter-VLAN Routing be used in modern networks?
While still functional, Legacy Inter-VLAN Routing is less common in modern networks due to its scalability limitations. Router-on-a-Stick or multilayer switch routing is preferred for efficiency.
What happens if a switch port is not in access mode for the router connection?
If the switch port is not in access mode (e.g., it’s a trunk port), the router will not correctly process VLAN traffic, leading to communication failures between VLANs.
Do I need a routing protocol for Legacy Inter-VLAN Routing?
No, Legacy Inter-VLAN Routing does not require a routing protocol. The router uses directly connected interfaces, and routes are automatically added to the routing table.
