Sponsored Links
In this post I will explain how to provide routing between two VLANs on a simple Layer 2 switch using a Cisco router with just one interface. This is called also Router-on-a-stick. This configuration is usually asked as a question in CCNA exams, so I hope it will be helpful for people preparing for certification. Lets see the diagram below to get us started:
A Cisco Layer 2 switch carries two VLANs (VLAN 10 – RED and VLAN 20 – GREEN) with two hosts connected on them as shown on the diagram above. The first host belongs to Network 10.10.10.0/24 (VLAN10) and the second one to 20.20.20.0/24 (VLAN20). By default, if the switch is just a normal Layer 2 switch the two hosts can not communicate between them because they belong to different VLANs and there is no routing. Thus, if we want to provide network connectivity between the two VLANs we need to have a Layer 3 engine somewhere in the network. This can be accomplished either if the switch is Layer 3 or if there is a router in place. In our example we use a router to provide Layer 3 connectivity as shown in our diagram.
The router uses just a single interface connected to a trunk port on the switch. The Router interface can be divided into two subinterfaces, with each subinterface belonging to the appropriate VLAN. The switch port connected to the router must be a trunk in order to be able to carry both VLANs towards the router port. Lets see the configuration below:
SWITCH CONFIGURATION
# conf t
(config)# vlan database
(config-vlan)# vlan 10 name RED
(config-vlan)# vlan 20 name GREEN
(config-vlan)# exit
(config)# interface FastEthernet1/0/1
(config-if)# description trunk-to-router-on-a-stick
(config-if)# switchport trunk encapsulation dot1q
(config-if)# switchport mode trunk
(config-if)# exit
(config)# interface FastEthernet1/0/2
(config-if)# description connection-to-RED-VLAN
(config-if)# switchport mode access
(config-if)# switchport access vlan 10
(config-if)# exit
(config)# interface FastEthernet1/0/3
(config-if)# description connection-to-GREEN-VLAN
(config-if)# switchport mode access
(config-if)# switchport access vlan 20
(config-if)# exit
(config)# exit
# copy run start
ROUTER CONFIGURATION
# conf t
(config)# interface fastethernet 0/0.10
(config-if)# encapsulation dot1q 10
(config-if)# ip address 10.10.10.2 255.255.255.0
(config-if)# exit
(config)# interface fastethernet 0/0.20
(config-if)# encapsulation dot1q 20
(config-if)# ip address 20.20.20.2 255.255.255.0
(config-if)# exit
Now, in order for the two hosts to communicate between them, they must set as default gateway the IP address of the corresponding router subinterface address (e.g for host in VLAN 10 the gateway must be 10.10.10.2 and for host in VLAN 20 the gateway must be 20.20.20.2).
Related posts:
- How to configure a Cisco Layer 3 switch-InterVLAN Routing
- How to Configure VLANs on a Cisco Switch
- How to Configure Cisco VTP – VLAN Trunk Protocol
- Configuring Cisco Router Interfaces
- How to Configure VLAN subinterfaces on Cisco ASA 5500 Firewall
- Cisco Router 851 – 871 Interfaces and Basic Configuration
- Configuring a Cisco Catalyst Switch SPAN mirroring port
Sponsored Links
10 Responses to 'Cisco Router-on-a-stick with Switch'
Leave a Reply
Configuration Tutorial For Cisco ASA 5500 Firewalls
With FREE ASA 5505 Configuration Tutorial Bonus
CLICK HERE TO DOWNLOAD EBOOKS
- August 2010 (4)
- July 2010 (4)
- June 2010 (6)
- May 2010 (4)
- April 2010 (7)
- March 2010 (5)
- February 2010 (6)
- January 2010 (6)
- December 2009 (6)
- November 2009 (3)
- October 2009 (4)
- September 2009 (4)
- August 2009 (2)
- July 2009 (4)
- June 2009 (4)
- May 2009 (3)
- April 2009 (4)
- March 2009 (5)
- February 2009 (3)
- January 2009 (3)
- December 2008 (5)
- November 2008 (7)
- October 2008 (6)
- September 2008 (7)
- August 2008 (6)
- July 2008 (6)
- June 2008 (3)
- May 2008 (6)
- April 2008 (6)
- March 2008 (4)
[...] public links >> router Why You Need A Bosch Router First saved by creeder | 14 days ago Cisco Router-on-a-stick with Switch First saved by Jennygyuon | 15 days ago New Apple goodness! First saved by KOOLWWEKID | 17 [...]
Thanks, this is perfect. If only Cisco had published this in their switching book.
thanks for saving me
this tutorial really helps me.
would this work with a layer 2 dell switch 3524?
If the switch support Dot1Q trunking then it will work
Great posting, very helpful.
Hi,
I’m new to networks, and I’m trying to configure router-on-a-stick w/ switch using a Cisco Catalyst 2960 switch and C7206 router.
I tried running through those commands but got stuck with the “switchport trunk encapsulation dot1q” line. I’m guessing the switch doesn’t support “dot1q” like you said earlier.
Is there an alternative way to still configure router-on-a-stick?
You must have some sort of “Vlan tagging” in order to split the single link interface into several vlans.
Jack,
You only have to enter the command:
(config-if)# switchport trunk encapsulation dot1q
if your switch supports 203.1q AND ISL (ISL is an old school cisco proprietry protocol)
If the option isnt there, it only supports 203.1q so there is no need to specify 203.1q, just skip the line….as in:
# conf t
(config)# vlan database
(config-vlan)# vlan 10 name RED
(config-vlan)# vlan 20 name GREEN
(config-vlan)# exit
(config)# interface FastEthernet1/0/1
(config-if)# description trunk-to-router-on-a-stick
(config-if)# switchport mode trunk
(config-if)# exit
(config)# interface FastEthernet1/0/2
(config-if)# description connection-to-RED-VLAN
(config-if)# switchport mode access
(config-if)# switchport access vlan 10
(config-if)# exit
(config)# interface FastEthernet1/0/3
(config-if)# description connection-to-GREEN-VLAN
(config-if)# switchport mode access
(config-if)# switchport access vlan 20
(config-if)# exit
(config)# exit
# copy run start
Yeap, Warren is right. I haven’t played much with 2960 switches but seems they support only 802.1q as Vlan protocol, so you just need to specify “switchport mode trunk” only in your configuration.