Configure InterVLAN

Dear All,

I wonder, is it possible to configure different VLANs to talk to each other without a router? Is that possible by using a layer 3 switch?

Thanks,

Reply to
hhs

Sure, but why have them be separate VLANs if you aren't going to do something with the router between them, be it routing, filtering, NAT or QoS of some kind?

Doesn't that turn into one flat VLAN?

Reply to
Doug McIntyre

One flat VLAN? But it's in a different subnetwork. For example: SVR1: 192.168.10.1/24, SVR2: 192.168.20.1/24, and the workstations are: 192.168.10.0/24

All connect to one switch. Is it possible for a workstation to talk to SVR2 without a router?

Thanks,

Reply to
hhs

No. The only way for this to work is if the workstations have connections in each network. Basic networking tells us that a node can only talk to its directly connected network which it knows via its IP address and subnet mask. As soon as it has to talk off of its subnet, it must use its default gateway, which must be a router or some other kind of device that acts like a router.

Reply to
Trendkill

I wonder if a layer 3 switch has the same function as a router? Is it possible to make it work with a layer 3 switch? If so, how do I do it?

Any idea or advice?

Thanks,

Reply to
hhs

A layer 3 switch is a layer 2 switch with layer 3 capability. You would make this work in the exact same way as you would a router and a switch, but in this case, the layer 3 switch plays both parts. You would create vlan interfaces with IP addresses for each network. You would then place some of your ports as access ports in one vlan, and other ports as access ports in the second vlan. Then, provided your hosts have their gateways pointing to your virtual interfaces on the switch, this would work. In short:

    interface vlan 2
     ip address 192.168.2.1 255.255.255.0
     no shut
    interface vlan 3
     ip address 192.168.3.1 255.255.255.0
     no shut

    int g0/1
     switchport mode access
     switchport access vlan 2
     no shut
    int g0/2
     switchport mode access
     switchport access vlan 3
     no shut

Put your node connected to g0/1 in the 192.168.2.0 network (.2 - .254), and make its gateway 2.1. Put the node connected to g0/2 in the 192.168.3.0 network (.2 - .254), and make its gateway 3.1. You may also need to turn up basic ip routing, but that should be it, and it will work.

Reply to
Trendkill

hhs:

Here is a response I posted a day or two ago to a similar question (the IP addresses relate to the other person's scenario), in a different newsgroup:

VLANs are isolated from one another. To communicate between VLANs, you must use interVLAN routing.

You configure a trunk port (e.g.: 802.1Q) on the switch and connect it to a router that has been configured with sub interfaces (e.g.: one sub-interface configured as 192.168.142.1, the other 192.168.143.1). These addresses would be the default gateway addresses of their respective VLANs.

Let's say your VLAN IDs were 142 and 143, and you wanted to access a server on VLAN 143, from a host on VLAN 142.

The host determines that the server is not on the same network by applying the network mask to both addresses, and doing a comparison. The host forwards a packet to its default gateway (192.168.142.1). The switch tags the packet with VLAN ID 142 (e.g.: 4 byte 802.1Q header) and forwards it over the trunk to the router.

The router receives the packet, strips off the VLAN tag, looks at its routing table and determines that it does have a route to the server via sub-interface 192.168.143.1. The packet is tagged by the router with VLAN ID 143, and forwarded over the trunk. The switch strips off the VLAN tag, and forwards the packet to the server.

When the server responds, it uses its mask comparison to conclude that the host is on another network, and that it therefore needs the assistance of its default gateway which is at 192.168.143.1. It sends a response packet to the host. This packet will be tagged by the switch with VLAN ID 143, and forwarded to the router. The router will strip off the tag, do a route lookup, re-tag the packet with VLAN ID 142 and forward it out the trunk (via sub-interface 192.168.142.1). The switch will remove the tag and forward it to the host.

Note that a "single" packet being sent between the host and server, has to traverse the trunk "twice".

Host to router, then router to server.

The penalty for using VLANs, is the increased utilization of the physical link between the switch and the router (i.e. the trunk).

Best Regards, News Reader

Reply to
News Reader
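
The packet walk described in the post above, as an added example that is not part of the original thread: the host's mask comparison, the 4-byte 802.1Q tag, and the router's strip, lookup and re-tag step, using the post's VLAN IDs 142 and 143. Host addresses, MAC addresses and all function names are constructed for illustration, and the router's MAC address rewrite is left out.

```python
import ipaddress
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag

def next_hop(src_if: str, dst: str, gateway: str) -> str:
    """Host side: on-link if dst is in the interface's network, else gateway."""
    iface = ipaddress.ip_interface(src_if)
    return dst if ipaddress.ip_address(dst) in iface.network else gateway

def add_tag(frame: bytes, vid: int, pcp: int = 0) -> bytes:
    """Insert the 4-byte 802.1Q tag after the destination and source MACs."""
    if not 1 <= vid <= 4094:
        raise ValueError("VLAN ID must be 1..4094")
    tci = (pcp << 13) | vid          # PCP(3 bits) | DEI(1 bit)=0 | VID(12 bits)
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]

def strip_tag(frame: bytes) -> tuple[int, bytes]:
    """Return (vid, untagged frame); raise if the frame carries no tag."""
    tpid, tci = struct.unpack("!HH", frame[12:16])
    if tpid != TPID_8021Q:
        raise ValueError("frame is not 802.1Q tagged")
    return tci & 0x0FFF, frame[:12] + frame[16:]

# Router sub-interfaces from the post: VLAN ID -> gateway address/prefix.
SUBINTERFACES = {142: "192.168.142.1/24", 143: "192.168.143.1/24"}

def route_on_trunk(tagged: bytes, dst_ip: str) -> bytes:
    """Router side: strip the tag, look up the egress sub-interface, re-tag."""
    in_vid, frame = strip_tag(tagged)
    if in_vid not in SUBINTERFACES:
        raise ValueError(f"no sub-interface for VLAN {in_vid}")
    for vid, addr in SUBINTERFACES.items():
        if ipaddress.ip_address(dst_ip) in ipaddress.ip_interface(addr).network:
            return add_tag(frame, vid)   # simplification: MACs left unchanged
    raise LookupError(f"no route to {dst_ip}")

def trunk_walk(host_if: str, host_vlan: int, server_ip: str, frame: bytes) -> list[int]:
    """VLAN IDs seen on the trunk for one host-to-server packet."""
    gw = SUBINTERFACES[host_vlan].split("/")[0]
    if next_hop(host_if, server_ip, gw) == server_ip:
        return []                     # same subnet: never reaches the router
    up = add_tag(frame, host_vlan)    # switch tags toward the router
    down = route_on_trunk(up, server_ip)
    return [strip_tag(up)[0], strip_tag(down)[0]]

# Constructed sample frame: dst MAC, src MAC, EtherType IPv4, dummy payload.
SAMPLE = bytes.fromhex("020000000001" "020000000002" "0800") + b"payload"
```

`trunk_walk("192.168.142.10/24", 142, "192.168.143.20", SAMPLE)` returns the two trunk crossings, first tagged 142 and then 143, while a destination inside 192.168.142.0/24 never touches the trunk.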

Definitely agree with News Reader, although having a layer 3 switch keeps all that within the same network device (at least at a small level). As soon as you include routers and trunking, News Reader is 100% right, which also starts to show the reasoning behind the trend towards distributed layer 3 and the slow elimination of vlan trunking in large enterprises (other than between access switch pairs for redundant connections to individual servers).

Reply to
Trendkill

I see, thanks so much for your explanation.

Regards, hhs

Reply to
hhs

A layer 3 switch is a router.

Reply to
Thrill5

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.