INTERVLAN ROUTING ROUTER-ON-A-STICK

OVERVIEW Router in-a-stick is used when a router is configured as a gateway for multiple vlan sub-networks and all those vlans connects to it through a unique local interface. The router local interface is divided into as many sub-interfaces as vlans configured to connect to the router, each sub-interface must be configured with encapsulation dot1q as the trunk interface on the switch. TOPOLOGY Figure1: Network topology
Gateway network

R3 (gateway router )

R5

R2

VLAN40 sub-network
VLAN40 gateway router VLAN50 gateway router

VLAN50 sub-network

Table1: Network components Device R2 R5 R3 ADDRESS SCHEME

Role Cisco 2610 sub-network gateway router for vlan 40 Cisco 2610 sub-network gateway router for vlan 50 Cisco 2610 gateway router for both vlan 40 and 50

Figure2: addressing and interfaces

10.10.10.10/24 .1 R3 fa 0/0.40 Dot1q .40.100 R5 e0 .40.1 Fa 0/21
Fa0/0

Fa 0/020 Dot1q .50.100 R2

Fa 0/23

192.168.40.0/24 VLAN40

Fa 0/22 192.168.50.0/24 VLAN50

E0/0 .50.1

AJN

Table2: IP Addressing scheme. Subnet Assignment 192.168.40.0/24 VLAN 40 subnet. 192.168.50.0/24 VLAN 50 subnet 10.10.10.0/24 Gateway network for both VLAN 50 and 40 192.168.40.100 Router fa 0/0.40 sub-interface gateway IP address connected to VLAN 40 192.168.50.100 Router fa 0/0.50 sub-interface gateway IP address connected to VLAN 50 192.168.40.1 Router R5 e0 ip address 192.168.50.1 Router R2 e0/0 ip address CONFIGURATION Switch:
c2924XL#sh run int fa 0/21 Building configuration... Current configuration: ! interface FastEthernet0/21

// This interface belongs to VLAN 40

switchport access vlan 40 end c2924XL#sh run int fa 0/22 Building configuration... Current configuration: ! interface FastEthernet0/22

// This interface belongs to VLAN 40

switchport access vlan 50 end c2924XL#sh run int fa 0/23 Building configuration... Current configuration: ! interface FastEthernet0/23

// This is the interface connected to the router through which both vlans 40 and 50 traffic are // passed, it must be configured as trunk with dot1q encapsulation.
switchport switchport switchport switchport end c2924XL# trunk encapsulation dot1q trunk native vlan 666 trunk allowed vlan 1,40,50,1002-1005 mode trunk

Router R3:
R3#sh run Building configuration...

AJN

Current configuration : 2045 bytes ! version 12.3 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R3 ! boot-start-marker boot-end-marker ! enable secret 5 $1$D39W$Hc58App8EbDccjjw6TmOG/ ! username admi2n5 password 0 39W$Hc58App8EbDc clock timezone GMT 1 aaa new-model ! ! aaa authentication login default group radius local none aaa accounting session-duration ntp-adjusted aaa accounting system default start-stop group radius aaa accounting resource default start-stop group radius aaa session-id common ip subnet-zero ! ! ! ip audit notify log ip audit po max-events 100 ip domain name nouri.com ip name-server 172.16.0.104 no ftp-server write-enable ! ! interface Loopback0 ip address 10.10.10.10 255.255.255.0 ! interface Ethernet0/0 no ip address half-duplex ! interface Ethernet0/0.40

// Set encapsulation type to 802.1q and bind to VLAN 40

encapsulation dot1Q 40

// Setting gateway IP address from VLAN40 subnet address scheme

ip address 192.168.40.100 255.255.255.0 ! interface Ethernet0/0.50

// Set encapsulation type to 802.1q and bind to VLAN 50

encapsulation dot1Q 50

// Setting IP address from VLAN50 subnet address scheme

ip address 192.168.50.100 255.255.255.0 ! interface Serial0/0 no ip address shutdown no fair-queue ! ip classless ip http server
AJN

no ip http secure-server ! line con 0 stopbits 1 line aux 0 line vty 0 4 exec-timeout 0 0 transport input ssh line vty 5 15 ! ! ! end

Router R5:
R5#sh run Building configuration... Current configuration : 470 bytes ! version 12.2 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname R5 ! ! ip subnet-zero ! ! ! ! ! interface Ethernet0

// Setting IP address from VLAN40 subnet address scheme

ip address 192.168.40.1 255.255.255.0 ! interface Ethernet1 no ip address shutdown ! interface Serial0 no ip address shutdown ! interface Serial1 no ip address shutdown ! ip classless

// Setting a default route to the VLAN40 gateway

ip route 0.0.0.0 0.0.0.0 192.168.40.100 ip http server ! ! line con 0 line aux 0 line vty 0 4 login
AJN

! end

Router R2:
R2#sh run Building configuration... Current configuration : 455 bytes ! version 12.2 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname R2 ! ! ip subnet-zero ! ! ! ! ! ! interface Ethernet0/0

// Setting IP address from VLAN50 subnet address scheme

! interface Serial0/0 no ip address shutdown no fair-queue ! ip classless ip address 192.168.50.1 255.255.255.0 half-duplex

// Setting a default route to the VLAN50 gateway

ip route 0.0.0.0 0.0.0.0 192.168.50.100 no ip http server ! ! line con 0 line aux 0 line vty 0 4 login ! end

CHECKING Status check: From R3:

R3#sh ip int brief Interface IP-Address OK? Method Status Protocol
AJN

Ethernet0/0 Ethernet0/0.40 Ethernet0/0.50 Serial0/0 Loopback0 R3#

unassigned 192.168.40.100 192.168.50.100 unassigned 10.10.10.10

YES manual up YES manual up YES manual up YES NVRAM

up up up

administratively down down up

YES manual up

From R2:
R2#sh ip int brief Interface Ethernet0/0 Serial0/0 down R2# IP-Address 192.168.50.1 unassigned OK? Method Status YES manual up YES NVRAM Protocol up

administratively down

From R5:
R5# sh ip int brief Interface Ethernet0 Ethernet1 Serial0 Serial1 R5# IP-Address 192.168.40.1 unassigned unassigned unassigned OK? Method Status YES manual up YES NVRAM YES NVRAM YES NVRAM Protocol up

administratively down down administratively down down administratively down down

Table3: Connectivity matrix R2 R5 R3 E0/0 E0 E0/0.40 E0/0.50 Loopback0 E0/0.40 OK OK OK OK OK R3 E0/0.50 OK OK OK OK OK Loopback0 OK OK OK OK OK R2 E0/0 OK OK OK OK OK R5 E0 OK OK OK OK OK

AJN