Section 6.3: InterVLAN Routing Configuration
6.3.1: Accessing the Route Processor
To begin interVLAN routing configuration, the route processor must first be accessed. On an external router, a terminal emulator program can be used to connect directly with the console port. If some IP connectivity is already available on the router, a telnet session can be opened to the router. An integrated or internal route processor must first be located in the switch chassis. Use the show module command on a Catalyst switch to get a listing of the installed modules.
To establish a terminal session with the integrated route processor, use the session Catalyst switch command with the moduie_number as an argument. The integrated route processors run Cisco IOS; therefore, the user interface and command set may be different from that of the host switch. The session command essentially starts a Telnet session with the route processor. By using the exit IOS command, the router session is terminated and the switch session is resumed.
For future identification and readability, you should assign a hostname to the route processor at this point using the hostname name command.
6.3.2: Establishing VLAN Connectivity
Next, the route processor will need to have its interfaces configured to support connectivity to the necessary VLANs. This is accomplished using interfaces and commands that are unique to the route processor hardware.
6.3.2.1: Establishing VLAN Connectivity with Physical Interfaces
External routers are connected to switches using traditional LAN media links, such as Ethernet, Fast Ethernet, Gigabit Ethernet, or Token Ring. Individual physical router interfaces are configured for a single network each and connected to non-trunk switch ports configured for VLAN membership. By way of the physical connection, the router interface inherits the VLAN identity of the switch port.
To configure a physical interface, enter the configuration mode and the interface configuration mode; assign a network address to the interface; and ensure that the interface is in operation. The commands required for these operations are illustrated below:
Router# configure terminal
Router(config)# interface media module_number/port_number Router(config-if)# description description Router(config-if)# ip address ip_address subnet_mask Router(config-if)# no shutdown
6.3.2.2: Establishing VLAN Connectivity with Trunk Links
When an external router is connected to a switch by a trunk link, the trunk must also be configured. The physical interface on the router must be Fast Ethernet or Gigabit Ethernet to support trunking and VLAN encapsulation. The physical interface is identified with a slot number and a major interface number. Once trunking is enabled on the interface, each VLAN in the trunk is represented by a subinterface number. These numbers can be arbitrarily chosen, but must be unique within the major interface number. For each VLAN to be connected, trunking and VLAN encapsulation must be configured on the respective subinterface. Then the subinterface is assigned a network address. The commands required for these operations are illustrated below:
Router(config)# interface module_number/port_number.subinterface Router(config-if)# encapsulation [ isl | dot1q ] vlan_number Router(config-if)# ip address ip_address subnet_mask
6.3.2.3: Establishing VLAN Connectivity with Integrated Routing Processors
Route processors internal to a Catalyst switch have no physical interfaces to connect and configure, instead these modules use internal connections into the switching backplane. The type of connection is related to the specific module being used. However, the configuration is similar to that of an external router: To begin configuration, the route processor module must be located and a terminal session opened. The show module command displays a list of the installed modules. The session module-number command can be used to open a Telnet session to the routing module. This command will open a session to the IOS command line running on the route processor module.
The following commands are used to configure the VLAN interfaces:
Switch(enable) session module_number Router# configure terminal
Router(config)# interface vlan vlan_number Router(config-if)# ip address ip_address subnet_mask Router(config-if)# no shutdown
Router(config-if)# interface vlan vlan_number Router(config-if)# ip address ip_address subnet_mask Router(config-if)# no shutdown
6.3.3: Configure Routing Processes
Once connectivity has been configured between the switch and a route processor, you must also configure routing. Routes are paths to distant networks known on the local route processor, along path costs and the addresses of next-hop route processors. In this way, a router hands off packets destined for a remote network to a neighboring router who is closer to the destination. Routers are used by end-user devices when the destination is not attached to the local VLAN. A route processor keeps a local table of known routes, metrics, interfaces, and neighboring routers. The table entries can be derived from static route entries that are manually configured or from dynamic routing protocols that run on the router. Dynamic routing protocols communicate with other routers running the same protocols so that optimal routes can be determined and advertised in real-time.
To configure dynamic routing on a route processor, use the following IOS commands:
Router(config)# ip routing
Router(config)# router ip_routing_protocol Router(config-router)# network ip_network_number Router(config-router)# network ip_network_number
6.3.4: Additional InterVLAN Routing Configurations
Once a route processor has been configured for interVLAN routing, end-user stations can use the processor. Normally, an end-user device knows only about its local subnet and can communicate only with stations on the local VLAN. To reach another station on a different VLAN, packets must be forwarded to a router; therefore, each end-user device should be configured with the router's IP address on the local VLAN. The local VLAN router's IP address is known as the default gateway. In addition, a switch needs to be configured with a router's address. Unless the switch has the router's address, the switch will be unable to forward management traffic off its local management VLAN. You can use the ip default-gateway ip_address command to configure a default gateway on an IOS-based switch. On a CLI-based switch, a default route must be configured using the set ip route default gateway_address command.