This post will be somewhat of a continuation of the last post entitled “A bit about 802.1q Trunk ports”.
Relevant CCNA Topics Covered: Interconnecting Cisco Networking Devices Part 1 (100-105) Section 2.0
The last post touched on the need for a layer 3 device to switch or route inter-vlan traffic. The configuration in which a router does this is called router on a stick. In it’s basic iteration there will be a layer 1 connection between a switch and a router. The layer 2 configuration on the switch port will be a static trunk assignment. Most routers will not be running DTP so there can be no negotiation of the trunk port. The router’s port connecting to the switch cannot be statically assigned trunkport status because it is not operating as a layer 2 device however it can still encapsulate frames with an 802.3 tag as a standard trunkport would. This configuration starts on the router by building a sub-interface for each required vlan. The standard practice is the make the sub-interface ID equal to the Vlan ID. This way you will be able to determine the vlan at a glance. Before I continue with the configuration example examine the diagram below:<
In this scenario PC1 (10.5.5.5) will attempt to send traffic to PC2 (10.15.15.15) which is on a different subnet. PC1 will send this traffic to it’s default gateway of 10.5.5.1 which is R1. PC1 will encapsulate a frame with a destination mac address of R1’s Fa0/1 interface. SW1 will insert a 4byte tag into the frame indicating the packet belongs to Vlan 5, and forward it to R1 via the trunk port. If R1 can’t have a trunk port configured, how does it handle the frame tag? Let’s continue with the next step of the configuration and find out. After creating the sub-interface on port FastEthernet0/1 we must apply the “encapsulation” command which will allow the transmit and receipt of 802.1q frames. Let’s take a look at R1’s configuration as it’s being applied below.
R1#conf t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#int fa0/1.5 R1(config-subif)#encapsulation dot1q 5 R1(config-subif)#ip address 10.5.5.1 255.255.255.0 R1(config-subif)#int fa0/1.15 R1(config-subif)#encapsulation dot1q 15 R1(config-subif)#ip address 10.15.15.1 255.255.255.0 R1(config-subif)#end R1#
With this configuration in place R1 is able to receive the frame with the 802.1q tag for vlan 5, and properly deliver it to sub-interface fa0/1.5. The router will deencapsulate the frame and determine the packet is destined for 10.15.15.15. The ensuing route table look up will find a connected route for 10.15.15.0/24 via interface fa0/1.15. R1 will consult the arp table for the link-layer address of 10.15.15.15, encapsulate the packet in a frame with the destination mac address of Pc2, and a 802.1 Q tag for vlan 15. R1 will then forward the frame out of fa0/1.15 towards SW1. SW1 will then forward the frame to PC2 in vlan 15 based on the vlan tag and destination mac provided by R1.
This topology and configuration allows the router to route traffic between the two vlans effeciently. An alternate topology could have two layer 1 connections from SW1 to R1, using one connection for each vlan. This configuration could work in this specific scenario but is not scalable in most situations. The router on-a-stick configuration allows you to efficiently use one interface to support inter-vlan routing.
Thank you for taking the time to read this post, feel free to leave a comment with any feedback or questions, and have a great day! If you find yourself in need of the ICND1 100-105 here’s may affiliate link to amazon where you can purchase: CCENT/CCNA ICND 100-105 Official Cert Guide by Wendell Odom (2016-05-17)
-Eric