From the course: CompTIA Network+ (N10-009) Cert Prep

InterVLAN routing

From the course: CompTIA Network+ (N10-009) Cert Prep

Start my 1-month free trial Buy for my team

InterVLAN routing

- One of the big issues when you're setting up VLANs is that you have literally taken one big network and separated it into two separate broadcast domains. Now, that's good because from security reasons and such, we like that. But the downside is, is there's some times you want these two separate networks to be able to talk to each other. And you can, but it can be a little bit messy. So let's take a look over here. So just to keep things simple, what I'm going to say is I've set up this entire switch to be on VLAN2 and this switch underneath it to be on VLAN3. Now, of course, we don't have to do it that way. We could have ports on 2 and 3 all over the place, but just for simplicity's sake, we're going to say it's that way. Now, what I've done is I've thrown an old router on top of the two switches, and I'm going to show you how we used to do things in the old days. If I've got two separate VLANs, I'm going to have to use a router to interconnect them. So I'm going to go something like this. On this particular router, it has two Ethernet ports. The other ports are just used for management. (cables rattling) So I'm going to plug this puppy up. (switches clicking) And it's going to look something like this. So what I've done is I've taken one arbitrary port from VLAN2, plugged that into one side of my router, and then I took another arbitrary port from VLAN3 and plugged it into the other side. Now that I've got this all plugged in, I can go into my router configuration and I can set it all up and put in firewalls and access control lists, whatever I want to do to keep one VLAN from getting too far into the other VLAN. So whatever I want to do there, I can do. The downside to this is that, unless we come up with something different, every time I come up with another VLAN, that's going to be a separate broadcast domain, and I'm going to have to keep (chuckling) adding more and more routers, or at least adding more and more ports to a single router to allow everybody to interconnect. It's a mess. So what we do instead is we use something called interVLAN routing. Now, interVLAN routing is in essence a virtualization of the functions of a router that's put into higher-end switches. With interVLAN routing turned on, I can say, okay, I've got two VLANs, VLAN2 and VLAN3, and you literally go into your switch configuration to do this. So I go in, I have VLAN2 and VLAN3, and I allow inter-VLAN routing, and I turn it on, and on a really good switch, I can even add things like access control lists and stuff like that. So interVLAN routing is simply the tool that we use that if you make a bunch of VLANs and you're going to have to reconnect them via routers, instead of having a bunch of big, ugly routers like this laying around, with the right type of switch and a little bit of patience, 'cause sometimes interVLAN routing can be challenging, you can do it all within one or two boxes.

Contents