Tuesday, January 4, 2011

InterVLAN routing

Understanding How InterVLAN Routing Works

Network devices in different VLANs cannot communicate with one another without a router to route traffic between the VLANs. In most network environments, VLANs are associated with individual networks or subnetworks.

For example, in an IP network, each subnetwork is mapped to an individual VLAN. In a Novell IPX network, each VLAN is mapped to an IPX network number. In an AppleTalk network, each VLAN is associated with a cable range and AppleTalk zone name.

Configuring VLANs helps control the size of the broadcast domain and keeps local traffic local. However, when an end station in one VLAN needs to communicate with an end station in another VLAN, interVLAN communication is required. This communication is supported by interVLAN routing. You configure one or more routers to route traffic to the appropriate destination VLAN.

Figure 3-1 shows a basic interVLAN routing topology. Switch A is in VLAN 10 and Switch B is in VLAN 20. The router has an interface in each VLAN.

Figure 3-1 Basic InterVLAN Routing Topology

When Host A in VLAN 10 needs to communicate with Host B in VLAN 10, it sends a packet addressed to that host. Switch A forwards the packet directly to Host B, without sending it to the router.

When Host A sends a packet to Host C in VLAN 20, Switch A forwards the packet to the router, which receives the traffic on the VLAN 10 interface. The router checks the routing table, determines the correct outgoing interface, and forwards the packet out the VLAN 20 interface to Switch B. Switch B receives the packet and forwards it to Host C.

Figure 3-2 shows another common scenario, interVLAN routing over a single trunk connection to the router. The switch has ports in multiple VLANs. InterVLAN routing is performed by a Cisco 7505 router connected to the switch through a full-duplex Fast Ethernet trunk link.

Figure 3-2 InterVLAN Routing Over a Single Trunk Link

Multiple subinterfaces are configured on the physical Fast Ethernet router interface, one for each VLAN supported on the trunk. IntraVLAN traffic (traffic with the source and destination host in the same VLAN) is handled entirely by the switch.

InterVLAN traffic is sent across the trunk to the router. The router checks the routing table, determines the outgoing subinterface (destination VLAN), and sends the traffic back over the trunk to the switch, where it is forwarded out the appropriate switch port.

Configuring VTP and VLANs on the Switch

To successfully configure a router for interVLAN routing, you must configure VTP and create and configure VLANs on the switch.

Note This section describes the basics of VTP and VLAN configuration. For detailed information on configuring VTP and VLANs, see the Software Configuration Guide for your switch.

To configure VTP and VLANs on the switch, perform this task in privileged mode:


Step 1 Specify the VTP mode.

set vtp mode {client | server | transparent}

Step 2 Configure a VTP domain (if you configured the switch as a VTP client or server).

set vtp domain name

Step 3 Create VLANs on the switch.

set vlan vlan_num

Step 4 Assign ports to the VLAN.

set vlan vlan_num mod_num/port_num

This example shows how to configure VTP, create two VLANs, and assign switch ports to those VLANs:

Console> (enable) set vtp mode server
VTP domain modified
Console> (enable) set vtp domain Corp_Net
VTP domain Corp_Net modified
Console> (enable) set vlan 100
Vlan 100 configuration successful
Console> (enable) set vlan 200
Vlan 200 configuration successful
Console> (enable) set vlan 100 3/1-12
VLAN 100 modified.
VLAN 1 modified.
VLAN  Mod/Ports
---- -----------------------
100   1/1-2
Console> (enable) set vlan 200 3/13-24
VLAN 200 modified.
VLAN 1 modified.
VLAN  Mod/Ports
---- -----------------------
200   1/1-2
Console> (enable)

Basic Router Configuration Tasks

These sections describe basic router configuration tasks you need to understand before you configure interVLAN routing:

Accessing Configuration Mode on the Router

Viewing and Saving the Router Configuration

Bringing Up a Router Interface

Accessing Configuration Mode on the Router

To access configuration mode on the router, perform this task, beginning in normal EXEC mode:


Step 1 At the EXEC prompt, enter enable mode.


Step 2 At the privileged EXEC prompt, enter global configuration mode.

configure terminal

Step 3 Enter the commands to configure interVLAN routing.

(Refer to the appropriate configuration tasks later in this chapter.)

Step 4 Exit configuration mode.


Viewing and Saving the Router Configuration

To view and save the configuration after you make changes, perform this task in privileged EXEC mode:


Step 1 View the current operating configuration at the privileged EXEC prompt.

show running-config

Step 2 View the configuration in NVRAM.

show startup-config

Step 3 Save the current configuration to NVRAM.

copy running-config startup-config

Bringing Up a Router Interface

In some cases, a router interface might be administratively shut down. You can check the status of an interface using the show interface command.

Source: Cisco.com

RIP v2

RIPv2 Summary

Distance-vector protocol.

Uses UDP port 520.

Performs automatic summarization at the network class boundary.

Classless protocol (supports VLSMs).

Auto-summarization can be turned off and manual summarization configured.

Supports VLSMs.

Metric is router hop count.

Maximum hop count is 15; infinite (unreachable) routes have a metric of 16.

Periodic route updates sent every 30 seconds to multicast address

25 routes per RIP message (24 if authentication is used).

Invalid route marked after 180 sec.

Flush timer is 280 sec.

Hold-down timer 180 sec.

Supports authentication.

Implements split horizon with poison reverse.

Implements triggered updates.

Subnet mask included in route entry.

Administrative distance for RIPv2 is 120.

Used in small, flat networks or at the edge of larger networks.

RIPv2 Convergence

The steps for RIPv2 convergence are as follows:

1- When the local router sees a connected route disappear, it sends a flash update and removes the route entry from its table. This is called a triggered update with poison reverse.

2- The receiving routers send a flash update and put the affected route in holddown.

3- The originating router queries its neighbor (DC) for alternative routes. If the neighbor has an alternative route, it is sent; otherwise, the poisoned route is sent.

4- The originating router installs the best alternative route that it hears, because it has purged the original routes, and sends the new updates at its periodic routing update timer (30 sec).

5- Routers that are in holddown ignore only the alternative route.

6- When the other routers emerge from holddown, they will accept the alternative route.

7- Convergence takes the time for detection, plus holddown, plus the number of routing updates (equal to the hop-count diameter of the network). This could take a long time.



The characteristics of EIGRP follow:

· Hybrid routing protocol (distance vector that has link-state protocol characteristics).

· Uses DUAL, first proposed by E. W. Dijkstra and C. S. Scholten, to perform distributed shortest-path routing while maintaining freedom from loops at every instant. Although many researchers have contributed to the development of DUAL, the most prominent work is that of J. J. Garcia-Luna-Aceves.

· Cisco proprietary; created in 1994.

· First released in IOS 9.21.

· Uses IP protocol 88.

· Performs automatic summarization at the network class boundary.

· Classless protocol (supports VLSMs).

· Auto-summarization can be turned off and manual summarization configured.

· Default composite metric of bandwidth and delay.

· You can factor load, MTU and reliability into the metric.

· The EIGRP metric is the same as IGRP*256. It uses the smallest bandwidth, reliability, load and MTU, with the cumulative delay along the path. The MTU isn't actually used in the metric calculation, but it is included in the EIGRP routing updates.

· Sends route updates to multicast address, and neighbors reply with a unicast address.

· Sends non-periodic, partial, and bounded updates.

· Sends Hello packets every 5 sec.; the hold-down timer is 15 sec.

· On low-speed links, Hellos are sent every 60 sec. with a hold-down time of 180 sec.

· By default, EIGRP uses no more than 50 percent of the bandwidth of a link.

· Supports authentication via MD5 only.

· Uses DUAL for loop prevention and for generating successors and feasible successors.

· The maximum number of paths for load balancing is 6 and the default is 4; the maximum is 16 in IOS 12.3(2)T and later IOS releases.

· By default, equal-metric load balancing. If unequal-metric load sharing is used, the router will load share inversely proportional to the metrics of the paths.

· Administrative distance is 90 for EIGRP internal routes, 170 for EIGRP external routes, and 5 for EIGRP summary routes.

· Potential routing protocol for the core of a network; used in large networks.

· For a neighbor relationship to be established, both routers must send and receive Hello or ACK packets from each other, and they must have the same AS number and the same metric K values.

· Unlike OSPF, EIGRP doesn't require neighbors to have the same Hello and dead interval timers.

· Has a maximum hop count of 255; the default is 100 in the latest IOS releases.

The composite metric for each EIGRP route is calculated as

EIGRP metric = IGRP metric * 256

IGRP metric = [k1*BW_IGRP(min) + (k2*BW_IGRP(min))/(256-LOAD) + k3*DLY_IGRP(sum)] x [k5/(RELIABILITY + k4)]

If k5 is set to zero, the [k5/(RELIABILITY+k4)] term is not used.

Given the default values for k1 through k5, the composite metric calculation used by IGRP reduces to the default metric:

IGRP metric = BW_IGRP(min) + DLY_IGRP(sum)

BW_IGRP(min) = 10^7/BW(min)

DLY_IGRP(sum) = DLY(sum)/10
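A worked calculation of the composite metric described above, as an added example that is not from the original page or from Cisco. It assumes bandwidth in kbit/s, delay in microseconds, and integer truncation at each division; the `Link` class, the function names and the sample path are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class Link:
    bandwidth_kbps: int  # interface bandwidth in kbit/s
    delay_usec: int      # interface delay in microseconds

DEFAULT_K = (1, 0, 1, 0, 0)  # k1..k5 defaults: bandwidth and delay only

def igrp_metric(path, k=DEFAULT_K, load=1, reliability=255):
    """Composite IGRP metric for a list of links, per the formula above.

    Integer truncation at each division is an assumption of this example.
    load and reliability are the usual 1..255 interface values.
    """
    k1, k2, k3, k4, k5 = k
    # Scaled bandwidth: 10^7 divided by the slowest link on the path.
    bw = 10**7 // min(link.bandwidth_kbps for link in path)
    # Scaled delay: cumulative delay in tens of microseconds.
    dly = sum(link.delay_usec for link in path) // 10
    metric = k1 * bw + (k2 * bw) // (256 - load) + k3 * dly
    # The reliability factor is applied only when k5 is non-zero.
    if k5 != 0:
        metric = metric * k5 // (reliability + k4)
    return metric

def eigrp_metric(path, **kwargs):
    """EIGRP metric = IGRP metric * 256."""
    return igrp_metric(path, **kwargs) * 256

def k_values_match(local_k, neighbor_k):
    """Neighbors form a relationship only when all five K values agree."""
    return tuple(local_k) == tuple(neighbor_k)

# Constructed sample path: Fast Ethernet hop followed by a T1 serial hop.
SAMPLE_PATH = [Link(100000, 100), Link(1544, 20000)]

if __name__ == "__main__":
    print("default K values :", eigrp_metric(SAMPLE_PATH))
    print("with k2 = 1      :", eigrp_metric(SAMPLE_PATH, k=(1, 1, 1, 0, 0)))
    print("K values match   :", k_values_match(DEFAULT_K, (1, 1, 1, 0, 0)))
```

The slowest link alone sets the bandwidth term, so adding faster hops to a path changes only the delay component.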

EIGRP uses multiple packet types, all identified by protocol number 88 in the IP header:

· Hellos are used by the neighbor discovery and recovery process. Hello packets are multicast and use unreliable delivery.

· Acknowledgments (ACKs) are Hello packets with no data in them. ACKs are always unicast and use unreliable delivery.

· Updates convey route information. Unlike RIP and IGRP updates, these packets are transmitted only when necessary, contain only necessary information, and are sent only to routers that require the information. When updates are required by a specific router, they are unicast. When updates are required by multiple routers, such as upon a metric or topology change, they are multicast. Updates always use reliable delivery.

· Queries and Replies are used by the DUAL finite state machine to manage its diffusing computations. Queries can be multicast or unicast, and replies are always unicast. Both queries and replies use reliable delivery.

· Requests were a type of packet originally intended for use in route servers. This application was never implemented, and request packets are noted here only because they are mentioned in some older EIGRP documentation.

EIGRP has four components:

Protocol-Dependent Modules (PDM): EIGRP implements modules for IP, IPX, and AppleTalk, which are responsible for the protocol-specific routing tasks. For example, the IPX EIGRP module is responsible for exchanging route information about IPX networks with other IPX EIGRP processes and for passing the information to the DUAL. Additionally, the IPX module will send and receive SAP information.

Reliable Transport Protocol (RTP): The Reliable Transport Protocol (RTP) manages the delivery and reception of EIGRP packets. Reliable delivery means that delivery is guaranteed and that packets will be delivered in order. If any packet is reliably multicast and an ACK is not received from a neighbor, the packet will be retransmitted as a unicast to that unresponding neighbor. If an ACK is not received after 16 of these unicast retransmissions, the neighbor will be declared dead. The time to wait for an ACK before switching from multicast to unicast is specified by the multicast flow timer. The time between the subsequent unicasts is specified by the retransmission timeout (RTO). Both the multicast flow timer and the RTO are calculated for each neighbor from the smooth round-trip time (SRTT). The SRTT is the average elapsed time, measured in milliseconds, between the transmission of a packet to the neighbor and the receipt of an acknowledgment. The formulas for calculating the exact values of the SRTT, the RTO, and the multicast flow timer are proprietary.

Neighbor Discovery/Recovery: Hellos are multicast every 5 sec., minus a small random time to prevent synchronization, and are unicast every 60 sec. on multipoint X.25, Frame Relay, and ATM interfaces with access link speeds of T1 or slower; this is also the default for ATM SVCs and for ISDN PRI. In all cases, the Hellos are unacknowledged.

Diffusing Update Algorithm (DUAL): Used for routing calculations, loop freedom, and convergence.


OSPF Summary

The characteristics of OSPF follow:

Link-state routing protocol.

Uses IP protocol 89.

Classless protocol (supports VLSMs and CIDR).

Metric is cost, based on interface bandwidth by default (10^8 / BW in bps).

Sends partial route updates only when there are changes.

Sends hello packets every 10 sec with a dead timer of 40 sec over point-to-point and broadcast networks.

Sends hello packets every 30 sec with a dead timer of 120 sec over NBMA networks.

If the network is stable and there have been no updates within 30 min, a compressed update is sent.

Routes labeled as intra-area, interarea, external Type 1, or external Type 2.

Support for authentication.

Uses Dijkstra algorithm to calculate SPF tree.

Default administrative distance is 110.

Uses multicast address (ALLSPFRouters).

Uses multicast address (ALLDRouters).

Recommended for large networks.

For two routers to be adjacent:
1st. Hello packets must be sent and received.
2nd. They must have the same hello and dead timers, and the same network ID with subnet mask.
3rd. They must be in the same area.


Cisco CCNA support blog

Wildcard mask

A wildcard mask is a sequence of numbers that streamlines packet routing within the subnets of a proprietary network. A subnet can be a geographically defined local area network (LAN). Alternatively, a subnet may define security boundaries, departmental boundaries, multicast zones or hardware security parameters. The use of a mask saves a router the task of having to handle an entire IP address because the router deals only with the digits selected by the mask. Wildcard masks are commonly used with Open Shortest Path First (OSPF) router protocols and in access control lists for Cisco routers.

Once a packet has arrived at an organization's main gateway with its network number, that packet is routed to its ultimate destination using a subnet number. The wildcard mask is usually a string of binary digits shown over the subnet number, telling the router which parts of the subnet number to look at. A binary "0" over a particular digit in the subnet number says "Pay attention to this digit." A "1" says "Ignore this digit." In a wildcard mask, all the binary "0"s in a conventional subnet mask are replaced by "1"s and all the "1"s are replaced by "0"s.
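The matching rule described above, as an added example that is not part of the original page. The function names and the sample addresses are constructed; the last cases show what an access-list entry matches when a subnet mask is entered where a wildcard mask is expected, a common review finding.

```python
import ipaddress

def to_int(dotted):
    """Dotted-quad IPv4 string to a 32-bit integer."""
    return int(ipaddress.IPv4Address(dotted))

def wildcard_from_netmask(netmask):
    """Invert a subnet mask: every 1 becomes 0 and every 0 becomes 1."""
    return str(ipaddress.IPv4Address(to_int(netmask) ^ 0xFFFFFFFF))

def wildcard_match(address, base, wildcard):
    """True when address equals base in every bit the wildcard marks 0."""
    care_bits = to_int(wildcard) ^ 0xFFFFFFFF  # 1 = "pay attention"
    return ((to_int(address) ^ to_int(base)) & care_bits) == 0

def matched_count(wildcard):
    """How many addresses one entry matches: 2 ** (number of ignored bits)."""
    return 2 ** bin(to_int(wildcard)).count("1")

def audit_entry(base, wildcard, samples):
    """Return the sample addresses (constructed test data) the entry matches."""
    return [addr for addr in samples if wildcard_match(addr, base, wildcard)]

# Constructed sample addresses for the demonstration.
SAMPLES = ["192.168.1.77", "192.168.2.77", "10.9.8.0", "10.0.0.4", "10.0.0.5"]

if __name__ == "__main__":
    # Intended entry: the whole 192.168.1.0/24 subnet.
    print(audit_entry("192.168.1.0", "0.0.0.255", SAMPLES))
    # Subnet mask typed by mistake: matches any address whose last octet is 0.
    print(audit_entry("192.168.1.0", "255.255.255.0", SAMPLES))
    # Non-contiguous wildcard: even-numbered hosts in 10.0.0.0/24.
    print(audit_entry("10.0.0.0", "0.0.0.254", SAMPLES))
    print(matched_count("0.0.0.255"), matched_count("255.255.255.0"))
```

Comparing `matched_count` against the size of the intended subnet is a quick way to catch an inverted mask during ACL review.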
