Two methods for communication between different VLANs (single-arm routing and layer-3 Switching)
Test environment: Third data center, second floor, east suburb
Investigational device: Catalyst 2950-24 (SW3)
Cisco 2611 (R2)
Catalyst 3750 SERIES (with two SD interfaces, S8----SW-2L)
Real machine (PC5, PC6 ).
Objective::
1. Communication between different VLANs through single-arm Routing
2. implement communication between different VLANs through layer-3 switching routing
Network Topology:
1. Single-arm routing for different VLAN interconnection test network topology
2. layer-3 switching for interconnection of different VLANs
Tutorial steps:
Test procedure of single-arm routing for interconnection of different VLANs
1. Specific Configurations of switch SW3 (mainly vlan and trunk Interface)
1. Create vlan 100, vlan200, and vlan300 on SW3, named caiwu, xiaoshou, and gongcheng in sequence. (You can create a vlan either in the vlan database or in global mode. In this tutorial, the vlan database is configured)
2. In Global mode, port f0/1-5 is divided into vlan 100 and port f0/6-10 is divided into vlan 200, port f0/11-15 is divided into vlan 300 and configured in access mode.
3. Use show vlan to display the vlan configuration information of SW3. You can see that the configuration is correct)
4. If a vswitch communicates between VLANs through a vro, You need to configure the port connecting the vswitch to the trunk mode. Only the trunk line can pass the VLAN.
II. Specific Configurations of vror2 R2 (the gateway of each vlan is encapsulated by configuring the vro sub Interface)
1. Configure sub-interfaces on the ports of routers (R2) and switches (SW3). The IP addresses of each sub-interface are the gateway addresses of each VLAN (or the next hop address ), and encapsulate the 802.1Q protocol on the sub-interface (General encapsulation mode of the switch ). You can also encapsulate the ISL protocol (cisco-specific protocol, which is not compatible with 802.1Q ).
2. Connect PC5 and PC6 to f0/6 and f0/1 of SW3, respectively, and configure the IP address of PC5 as 192.168.2.1/24 and the gateway as 192.168.2.254. The IP address of PC6 is 192.168.1.1 and the gateway is 192.168.1.254. Ping PC6 with PC5 to see if the ping is successful.
Experiment on layer-3 switching for different VLANs
1. Use the VTP protocol to achieve VLAN configuration consistency.
Note: The port F0/24 of SW3 has already been set to trunk mode, while the interface of the cisco catalyst 3750 switch is a dynamic negotiation mode by default. Both parties negotiate to form a trunk link. You can also set it manually.
1. Set SW3 to vtp server mode and the domain name to benet.com. Provide VTP announcements for other vswitches to achieve vlan coordination consistency.
2. Configure the Domain Name of the layer-3 Switch SW-2L (R8) as benet.com, the mode is client mode. Accept the vlan announcement of SW3.
3. From the figure below, we can see that the SW-2L has learned the VTP announcement information of the SW-2L. (Note: Do not learn port Division)
4. Configure the enable routing function on the layer-3 Switch SW-2L (the routing function must be enabled, otherwise the layer-3 switch function is equivalent to the layer-2 switch ).
5. Configure the IP address of each VLAN on the three-layer switch S2-2L, that is, the gateway of each VLAN. (A layer-3 switch supports routes between VLANs, which is equivalent to the IP address configured on the sub-interface of a single-arm route. The configuration method is the same as the IP address command for configuring VLAN1 (management ).
6. After configuration, you can view the route information of the direct connection through show ip route.
7. view the FIB table of the layer-3 Switch SW-2L (FIB table is similar to the image of the route table that contains the forwarding information in the route table. When the network topology changes, the route table is also updated, and the FIB also changes. FIB contains the next hop address information, which is also obtained based on the information in the route table .)
8. view the neighbor relationship table.
9. Connect PC5 and PC6 to f0/6 and f0/1 of SW3, respectively, and configure the IP address of PC5 as 192.168.2.1/24 and the gateway as 192.168.2.254. The IP address of PC6 is 192.168.1.1 and the gateway is 192.168.1.254. Ping PC6 with PC5 to see if the ping is successful.
Conclusion: During the test, we can see two ways to implement different VLANs: One is through single-arm routing and the other is through layer-3 switching routing, it can be said that communication between different VLANs can only be achieved through the routing function. Second, you must configure the next hop address (GATEWAY) for communication between different network segments. So when to use single-arm routing and when to choose layer-3 switching. Single-arm routing is not scalable. Why? If the number of VLANs increases, the traffic flowing through the link between the router and the switch will become very large, this link becomes the bottleneck of the entire network, even if your network bandwidth is faster. Therefore, when the network grows and the number of VLANs is increasing, You need to configure the routing function of the layer-3 switch, communication between different VLANs (the data table throughput of a layer-3 switch is usually several million pps, while that of a traditional router is only 10 KPPS ~ 1 Mpps. The second layer switches use hardware to exchange and route data packets. Of course, the throughput is high, or even close to the line rate. Vrouters only use virtual sub-interfaces to exchange and route data packets. Instead of implementing the hardware, the throughput will decrease.
In a word: layer-3 switching technology achieves high-speed packet forwarding on layer-3, which solves the network bottleneck caused by low speed and responsibility of traditional routers.