π Inter-VLAN Routing Configuration (Layer 3 Switch + Router-on-a-Stick)
π₯ Introduction (Real Problem You Might Face)
You created VLANs perfectly⦠but:
- β HR cannot access Sales server
- β IT team cannot manage other VLANs
- β Ping fails between departments
π Devices in different VLANs cannot communicate.
π Everything looks correctβbut communication is blocked.
For example:
- HR (VLAN 10) cannot ping IT (VLAN 20)
π This is expected behavior β VLANs are isolated by design.
But in real-world networks:
- Departments need to share resources
- Applications must communicate
- Servers must be accessible
π Without proper routing, your network becomes partially unusable.
Root Cause:
VLANs isolate traffic at Layer 2. Without routing, they are completely separate networks.
βοΈ Solution: This is where Inter-VLAN Routing becomes essential.
β‘ Inter-VLAN Routing (Quick Answer)
Inter-VLAN Routing allows communication between different VLANs using a Router or a Layer 3 switch.
π§ What is Inter-VLAN Routing?
Inter-VLAN Routing is the process of enabling communication between VLANs using a Layer 3 device.
π It solves the problem of VLAN isolation by:
- Allowing controlled communication
- Connecting multiple VLAN networks
- Enabling real-world applications
Simple Understanding:
- VLAN = separate network
- Router/L3 Switch = connects networks
π π‘ Key Insight:
Without Inter-VLAN Routing, VLANs remain isolated and Devices in different VLANs cannot exchange data.
π Why Inter-VLAN Routing is Needed ?
Without routing:
- VLAN 10 β isolated
- VLAN 20 β isolated
π With routing:
β Devices communicate
β Applications work
β Network becomes functional
π’ Real-World Network Scenario
| VLAN | Department | Network |
|---|---|---|
| VLAN 10 | HR | 192.168.10.0/24 |
| VLAN 20 | Sales | 192.168.20.0/24 |
| VLAN 30 | IT | 192.168.30.0/24 |
π Requirement:
- All departments should communicate securely
- Maintain VLAN isolation + controlled access
π οΈ Methods of Inter-VLAN Routing
There are two main methods:
- Router-on-a-Stick
- Layer 3 Switch Routing
π οΈ Method 1: Router-on-a-Stick Configuration
π What is Router-on-a-Stick?
π A single physical router interface is divided into multiple subinterfaces. It uses trunk link (802.1Q tagging).
π Best for: Small networks / budget setups and labs
π Each subinterface represents a VLAN
βοΈ Configuration (Cisco)
πΉ Switch Configuration
enable
configure terminal
vlan 10
name HR
vlan 20
name SALES
interface fastethernet 0/1
switchport mode access
switchport access vlan 10
interface fastethernet 0/2
switchport mode access
switchport access vlan 20
interface gigabitethernet 0/1
switchport mode trunk
πΉ Router Configuration
enable
configure terminal
interface gigabitethernet 0/0
no shutdown
interface gigabitethernet 0/0.10
encapsulation dot1Q 10
ip address 192.168.10.1 255.255.255.0
interface gigabitethernet 0/0.20
encapsulation dot1Q 20
ip address 192.168.20.1 255.255.255.0
π Packet Flow (VERY IMPORTANT π₯)
π Example: VLAN 10 β VLAN 20
- PC1 sends packet β Switch (untagged)
- Switch adds VLAN tag β sends via trunk
- Router receives β identifies VLAN 10
- Router routes to VLAN 20
- Sends back via same interface
- Switch forwards to PC2
β οΈ Important:
All traffic goes through ONE router interface β possible bottleneck
β οΈ Limitations
- β Single point of failure
- β Bandwidth bottleneck
- β Not scalable
π οΈ Method 2: Layer 3 Switch (SVI Routing)
π What is Layer 3 Switching?
π Layer 3 switch
- Performs routing inside switch hardware
- Uses SVI (Switched Virtual Interface)
- Does not require any external router
π Best for: Medium to large networks
π Switch acts as both switch and router
βοΈ Configuration (Cisco)
enable
configure terminal
ip routing
vlan 10
name HR
vlan 20
name SALES
interface vlan 10
ip address 192.168.10.1 255.255.255.0
no shutdown
interface vlan 20
ip address 192.168.20.1 255.255.255.0
no shutdown
interface fastethernet 0/1
switchport mode access
switchport access vlan 10
interface fastethernet 0/2
switchport mode access
switchport access vlan 20
π Packet Flow (High-Speed Routing β‘)
- PC sends packet β switch
- Switch routes internally
- No external device involved
- Packet delivered instantly
π Result: Ultra-fast communication
βοΈ Difference between Router-on-a-Stick vs Layer 3 Switch
Here below is a detailed comparison between Router on a stick and Layer 3 Switch.
| βοΈ Feature | π‘ Router-on-a-Stick | π’ Layer 3 Switch |
|---|---|---|
| π° Cost | Low (Budget Friendly) | Higher (Enterprise) |
| β‘ Performance | Moderate (CPU-based routing) | High (Hardware ASIC routing) |
| π Scalability | Limited | Excellent |
| β±οΈ Latency | Higher | Very Low |
| π Interface Usage | Single Interface (Trunk) | Multiple SVIs (Virtual Interfaces) |
| π§ Complexity | Medium | Easy |
| π Traffic Handling | Bottleneck Risk | Handles High Traffic Easily |
| π’ Best Use Case | Small Networks / Labs | Enterprise Networks |
| π Speed | Slower | Ultra Fast |
π βFor production networks, Layer 3 switch is always recommended due to performance and scalability.β
π Real-World Use Cases
π’ Office Network
- Department isolation
- Controlled communication
π« Educational Institutes
- Student vs Admin VLAN separation
π Data Centers
- Server segmentation
- High-speed routing
βοΈ Enterprises
- Secure multi-department architecture
π― When to Use Which Method?
π Use Router-on-a-Stick when:
- Network is small
- Budget is limited
- Learning or lab setup
π Use Layer 3 Switch when:
- Network is large
- High performance required
- Multiple VLANs exist
π π‘ Key Insight:
Layer 3 switches are preferred in modern networks due to speed and scalability.
π§― Troubleshooting Inter-VLAN Routing
If inter VLAN routing is not working, check:
π VLAN Status
show vlan briefπ Check trunk status
show interfaces trunk
π Interface Status
show ip interface brief
π Trunk Configuration
show interfaces trunk
π Check routing table
show ip route
π Check VLAN configuration
show vlan briefπ π‘ Pro Tip:
Always verify VLAN, trunk, and IP addressing before debugging routing issues.
β οΈ Common Mistakes to Avoid
- β Missing
ip routing(L3 switch) β Layer 3 switch will not route - β Wrong VLAN assignment
- β Trunk not configured β VLAN traffic will not reach router
- β Incorrect default gateway on PCs
- β Subinterface encapsulation missing
- β Wrong IP addressing β Devices will not communicate
π‘ Pro Tips (Real Admin Insights)
- β Always use Layer 3 switch in production
- β Use Router-on-a-Stick only for labs
- β Plan VLAN IP scheme before deployment
- β Monitor traffic to avoid congestion
- β Keep VLAN design simple
π Related Topics (Recommended Reading)
β‘οΈ What is VLAN
β‘οΈ VLAN Configuration
β‘οΈ VLAN Tagging (802.1Q) Explained
β‘οΈ VLAN Troubleshooting Steps
β‘οΈ VLAN Security Best Practices
β‘οΈ You can also refer to Inter-VLAN Routing Configuration β Explained by networklessons
π― Interview Questions
- What is Inter-VLAN Routing?
- What is Router-on-a-Stick?
- Difference between Layer 2 and Layer 3 switch?
β FAQs
1. Why devices in different VLANs cannot communicate?
π Because VLANs are isolated at Layer 2.
2. Which method should I use?
π Based on the size and budget. So if ,
- Small setup β Router-on-a-Stick
- Enterprise β Layer 3 switch (better performance)
3. What is SVI?
π Virtual interface acting as gateway for VLAN.
4. Can both methods be used together?
π Yes
- L3 switch β internal routing
- Router β internet access
5. What is default gateway in VLAN?
- Router subinterface IP address OR
- SVI interface IP address
π― Conclusion
Inter-VLAN Routing is essential for enabling communication between VLANs.
π It helps:
- Connect networks
- Enable applications
- Improve network functionality
π Without it, VLANs remain isolated and unusable in real-world environments.
π Key takeaway:
- Router-on-a-Stick β Simple, budget-friendly
- Layer 3 Switch β Fast, scalable, professional