- Posts: 4
- Thank you received: 0
inter vlan routing
17 years 11 months ago #19118
by hadi
inter vlan routing was created by hadi
Hi
I am working on vlans and I am a beginner.
My question is this?
How does router route vlan packets between vlans? Does router change vlan id or not?
for example, we have 2 vlans. if a packet with vlan id=1 departs vlan1 and enters to the neighbor router, does the router change the vlan id value or not?
Thanks
I am working on vlans and I am a beginner.
My question is this?
How does router route vlan packets between vlans? Does router change vlan id or not?
for example, we have 2 vlans. if a packet with vlan id=1 departs vlan1 and enters to the neighbor router, does the router change the vlan id value or not?
Thanks
17 years 11 months ago #19122
by Smurf
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Replied by Smurf on topic Re: inter vlan routing
Hi Hadi and welcome to the community.
In answer to your question, the router will change the vlan id.
To route packets, you need to perform some sort of routing. This is the basic concept of getting packets from one subnet to another and is used to segment networks in order to make the broadcast domains smaller to improve on network performance (among other reasons).
Anyhow, if you keep this in mind, the same applies to InterVLAN Comminications. You need a way to route between the VLAN's which will need to be done at layer 3 in order to route using IP Addressing (unless you use bridging at layer 2 but there is no point since you then merge the broadcast domains again, loosing one of the main reasons for segmenting).
The way it works (refered to as Router-on-a-stick) is that you have a router connected to a switch using a VLAN Trunk Link. VLAN traffic is trunked through to the router from the switch (Cisco can use a propriatery protocol called ISL or a IEEE standard called 802.1Q for the encapsulation). It is basically the method used to identify which VLAN the traffic belongs to when it gets to the other end of the trunk.
The Router is then configured in order to accept this traffic and sub interfaces are used to map IP Addresses onto each VLAN sub-interface. The packet arrives on that VLAN, the VLAN identification is stripped, the router then routers the packet in the normal way, re-tags the packet into the correct VLAN of the destination network and down the Trunk it goes.
Hope it makes sense
Cheers
In answer to your question, the router will change the vlan id.
To route packets, you need to perform some sort of routing. This is the basic concept of getting packets from one subnet to another and is used to segment networks in order to make the broadcast domains smaller to improve on network performance (among other reasons).
Anyhow, if you keep this in mind, the same applies to InterVLAN Comminications. You need a way to route between the VLAN's which will need to be done at layer 3 in order to route using IP Addressing (unless you use bridging at layer 2 but there is no point since you then merge the broadcast domains again, loosing one of the main reasons for segmenting).
The way it works (refered to as Router-on-a-stick) is that you have a router connected to a switch using a VLAN Trunk Link. VLAN traffic is trunked through to the router from the switch (Cisco can use a propriatery protocol called ISL or a IEEE standard called 802.1Q for the encapsulation). It is basically the method used to identify which VLAN the traffic belongs to when it gets to the other end of the trunk.
The Router is then configured in order to accept this traffic and sub interfaces are used to map IP Addresses onto each VLAN sub-interface. The packet arrives on that VLAN, the VLAN identification is stripped, the router then routers the packet in the normal way, re-tags the packet into the correct VLAN of the destination network and down the Trunk it goes.
Hope it makes sense
Cheers
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
17 years 11 months ago #19156
by hadi
Replied by hadi on topic Re: inter vlan routing
Hi Dear Smurf
Thanks for message and your kindness.
Would you help me more?
If a router wants to change the vlan id according to subnet IP address, there must be a table in router.
Is there any table? and how entries of the table can be updated?
Is there any protocol to update entries?
Thanks for message and your kindness.
Would you help me more?
If a router wants to change the vlan id according to subnet IP address, there must be a table in router.
Is there any table? and how entries of the table can be updated?
Is there any protocol to update entries?
17 years 11 months ago #19159
by Dove
Dove
Replied by Dove on topic Re: inter vlan routing
Hi Hadi,
As Smurf said, when configuring the interVLAN communication need to enable the normal routing. It will creat the routing table and maintain it with respective details as usual.
When a packet sending across to VLAN (inter-Vlan) the packet will passed from switch to router and router will find the respective destination VLAN interface from the existing routing table then fwd it out. Before sending out the packet as smurf said the Identification change will be happen...
Hope it will helps you.
The Router is then configured in order to accept this traffic and sub interfaces are used to map IP Addresses onto each VLAN sub-interface. The packet arrives on that VLAN, the VLAN identification is stripped, the router then routers the packet in the normal way, re-tags the packet into the correct VLAN of the destination network and down the Trunk it goes.
Cheers
As Smurf said, when configuring the interVLAN communication need to enable the normal routing. It will creat the routing table and maintain it with respective details as usual.
When a packet sending across to VLAN (inter-Vlan) the packet will passed from switch to router and router will find the respective destination VLAN interface from the existing routing table then fwd it out. Before sending out the packet as smurf said the Identification change will be happen...
Hope it will helps you.
Dove
Time to create page: 0.135 seconds