From: Derek Small (d.small@xxxxxxxxxxxxxxxx)
Date: Wed Aug 30 2000 - 16:40:22 GMT-3
802.1q is supported on GigE, although ISL is not. ISL and 802.1q is
supported on all Router 100Meg Ethernet interfaces, except for the 1700
series platform. Using IRB or CRB only lets you combine routing and
switching of various protocols over several interfaces. The problem that
you are running into is you have several VLANs defined. VLANs are logically
isolated networks by definition. Therefore you need some device (logical or
physical) that will allow you to move traffic between the two VLANs.
Certainly you could take several switches that are divided into numerous
VLANs, and plug one connection from each of those VLANs into another switch
or bridge device that is not devided into VLANS and create one big switched
network again. But all you have done is bridged your VLANs back into a
single broadcast domain, or a single switch network. The purpose of
creating VLANs is to isolate one network segment from another, usually for
security or broadcast reduction. That means you want to allow traffic to
flow between the VLANs only through some layer 3 device, a router usually.
There are three ways to interconnect VLANs with a layer 3 device.
1. Connect one interface from each VLAN to an interface in the router.
2. Connect a trunk line to the router that supports all the VLANs, then
break each VLAN back out on the router with logical interfaces
(sub-interfaces).
3. Put layer three intelligence in the switch itself. Install an RSM or MSM
routing engine and define VLAN interfaces for each VLAN.
You could assign secondary IP addresses to an ethernet port on a router and
then route between the addresses, but how are you going to get traffic from
all the VLANs into the router? Remember we are trying to use a single port
on the router here, right? The only way to get traffic from more than one
VLAN to enter a port on a router is to enable trunking on the switch end of
that port, thereby sending all VLANs that are permitted on that trunk to be
sent to the router, or to bridge all the VLANs together and then send
traffic to the port on the router. If you bridge all the VLANs together
though, you just defeated any benifit there might have been to creating
VLANs in the first place.
I think you are getting confused on where VLANs are defined. VLANs are
defined on switches, networks are defined on routers. Router only use
subinterfaces to keep VLAN traffic seperated so they can treat the network
on each VLAN differantly. The only VLAN operation you can do on a router is
assign a logical port to a specific VLAN, you can't define a VLAN on a
router. (I suppose you may be able to interconnect two routers with a cross
over cable and a trunking protocol, but I cannot imagine a situation where
that would be useful, and I have doubts that it would work anyway).
Derek Small
CCIE # 5832, Nortel NCSE
513-703-7059
dwsmall@fatkid.com
----- Original Message -----
From: Erick B. <erickbe@yahoo.com>
To: Aaron DuShey <aaron.dushey@dushey-consulting.com>; CCIE (E-mail)
<ccielab@groupstudy.com>
Sent: Wednesday, August 30, 2000 5:48 PM
Subject: Re: vlans
>
> >From my knowledge, Cisco only supports trunking (ISL
> or 802.1q) on 100meg interfaces to date (correct me if
> I'm wrong - need to do more VLAN work). Some modules
> support ISL and some 802.1q. If you can't use a
> trunking protocol then the only other way to route
> between VLANs is to make the switch-port a member of
> all the VLANs and multinet the router interface so it
> has address's for all the networks. Not a pretty
> solution but it works.
>
> - Erick
>
> --- Aaron DuShey <aaron.dushey@dushey-consulting.com>
> wrote:
> > question-
> > What other methods are there for routing between
> > VLANs besides subinterfaces
> > w/ISL?
> > Can you use IRB/CRB to do this?
> > This is on a 3640 FastE interface.
> > Does this mean that if you don't have a 100MB
> > interface on a router you can
> > use IRB to route between the vlans instead?
> > Little confused here...any help is greatly
> > appreciated,
> > The doc cd states-but I am still not completely
> > clear
> > Our VLAN Routing implementation is designed to
> > operate across all router
> > platforms. However, the Inter-Switch Link (ISL) VLAN
> > trunking protocol
> > currently is defined on 100 BaseTX/FX Fast Ethernet
> > interfaces only and
> > therefore is appropriate to the Cisco 7000 and
> > higher-end platforms only.
> > The IEEE 802.10 protocol can run over any LAN or
> > HDLC serial interface. VLAN
> > traffic is fast switched. The actual format of these
> > VLAN encapsulations are
> > detailed in the IEEE Standard 802.10-1992 Secure
> > Data Exchange and in the
> > Inter-Switch Link (ISL) Protocol Specification.
> > Our VLAN Routing implementation treats the ISL and
> > 802.10 protocols as
> > encapsulation types. On a physical router interface
> > that receives and
> > transmits VLAN packets, you can select an arbitrary
> > subinterface and map it
> > to the particular VLAN "color" embedded within the
> > VLAN header. This mapping
> > allows you to selectively control how LAN traffic is
> > routed or switched
> > outside of its own VLAN domain. In the VLAN routing
> > paradigm, a switched
> > VLAN corresponds to a single routed subnet, and the
> > network address is
> > assigned to the subinterface.
> >
> > Aaron DuShey
>
>
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:24:33 GMT-3