This can be achieved with the ‘interface vlan ” On the switch you would require 2 VLAN interfaces, since the hosts in each VLAN still require a default gateway in their own subnet. So let’s look at that first, before we get into the second step of having a router connected to the internet as well.
If you had a multi layer switch (Layer 3 switch) then yes you could bypass the router all together. The switch will send the packet to the destination computer.The switch will receive the packet on the trunk port on VLAN 20.The router will send the packet via the TRUNK to the switch on VLAN 20 through sub-interface f0/1.20.The router will encapsulate the packet with a TAG for VLAN 20.The router will remove the TAG on the packet and do a lookup in the routing table.The router will receive the packet on sub-interface f0/1.10 tagged as VLAN 10.
The Switch will send the packet via the TRUNK port on VLAN 10 to the router.When a machine from VLAN 10 tries to communicate with a machine in VLAN 20 the following will take place In order to complete the design and installation of the above, all computers that are in VLAN 10 would need to have their Default-gateway configured as 10.0.10.1 and machines in VLAN 20 would need their Default-gateway configured as 10.0.20.1.
This enters the interface FastEthernet 0/1 and creates a sub-interface named ‘20’.ĪOIP.ORG(config-subif)# encapsulation dot1q 20Ĭonfigures the sub-interface to be encapsulated with dot1q, and allocates this sub-interface to VLAN 20ĪOIP.ORG(config-subif)# ip address 10.0.20.1 255.255.255.0Ĭonfirm that ping now works, you will notice the first ping failed, but this is purely a ARP delay that caused this NOTE: It is a wise idea to name your sub-interface the same as the VLAN number you are going to allocate it to for help with troubleshooting.ĪOIP.ORG(config-subif)# encapsulation dot1q 10Ĭonfigures the sub-interface to be encapsulated with dot1q, and allocates this sub-interface to VLAN 10ĪOIP.ORG(config-subif)# ip address 10.0.10.1 255.255.255.0Īssociate an IP address to the sub-interfaceĪOIP.ORG(config)# interface fastethernet 0/1.20 This enters the interface FastEthernet 0/1 and creates a sub-interface named ‘10’. Here is the breakdown of the configuration needed to configure a Router on a stick.Ĭonfirming that ping does not work to the interface VLAN 10 on my switch which has IP address 10.0.10.2Ĭonfirming that ping does not work to the interface VLAN 20 on my switch which has IP address 10.0.20.2ĪOIP.ORG(config)# interface fastethernet 0/1.10 (Port f0/23 on the switch is plugged into the router’s port f0/1) In my example I have already configured the switch and made FastEthernet 0/23 a trunk port using dot1q as my encapsulation protocol. In order to have multiple VLAN’s sent over a single cable/port the port needs to be configured as a Trunk port. There is however one small problem with using this option. Each sub-interface can be configured as if it were a physical port on the device.Īs you can see from the above, option 2 is the only logical solution for scalability and ease. NOTE: A sub-interface is a logical separation of the physical interface. This is FAR more scalable and would allow me to configure more than 2 VLAN’s on a single interface Configure Sub-interfaces on the router and associate each sub-interface to each VLAN. So far this is not looking like a very scalable solution.Ģ/ I can plug my router in my switch with a single cable. What if I had more than 2 VLAN’s? What if I had 200 VLAN’s (Not an uncommon scenario)? Not only would this mean I need a router with 200 interfaces, but it would also mean that my switch would need 200 interfaces.
#Router on a stick configuration example free
This is not a major issue, and this is something that could easily be configured, however it will require a router with 2 interfaces free for me to use.
Configure 1 port on the router to be in subnet 10.0.10.0/24 and in VLAN 10, and configure a second port to be in subnet 10.0.20.0/24 and associate that port to VLAN 20. Furthermore the switch I have used in the example below is a layer 2 switch so there is no routing functionality available so I am forced to use a router.ġ/ Plug my router into my switch with 2 cables. In order to have traffic from one subnet communicate with the other routing would have to take place. This can be done either by a multi-layer switch which will have routing capabilities, or the packets can be routed by a router (Router on a Stick)Īs an example, I have 2 VLANS, VLAN 10 and VLAN 20 which have subnets 10.0.10.0/24 and 10.0.20.0/24 respectively. In order for 2 VLANS to be able to communicate, the traffic must be routed.