annuler
Affichage des résultats de 
Rechercher plutôt 
Vouliez-vous dire : 
cancel
564
Visites
0
Compliment
9
Réponses

Routing vlan

Saldebob
Spotlight
Spotlight

Hello,

1000022165.png


My question concerns routing between 2 vlans performed by a router.
Normally, when the PC in vlan 10 sends a frame to the PC in vlan 20.

Inbound frame is pc in vlan 10

When inbound frame arrive on the interface Fe1/0/3 in vlan 20, it must be rejected

That's why I dont understand.

So I don't understand why the ping works.

 

9 RÉPONSES 9

SW 

Check frame Inbound not Outbound 

And it check source MAC of Inbound not destiantion of Inbound frame 

So source of Inbound frame is pc in vlan 20 and SW accept it 

MHM

So source of Inbound frame is pc in vlan 10

When inbound frame arrive on the interface Fe1/0/3 in vlan 20, it must be rejected

 

That's why I dont understand.

Sorry I mean vlan 20 not vlan 10

The inbound from pc in vlan to pc in vlan 10

So source is vlan 20 and destiantion is vlan 10

MHM

Hello,

 

It's still not clear to me

 

Why the Switch accepts the frame ( vlan id=10) on its fe1/0/3 interface ( vlan 20)

 

It should reject the frame from vlan 10, as it is not part of vlan 20. 

Did you read my previous comment?

SW check source of inbound to it port frame not destiantion of inbound and not outbound.

SW dont care about destiantion mac in both case inbound and outbound.

Even so SW add source MAC address of frame inbound to it table with vlan config in port

MHM

@Saldebob 

 This scenario is called "Inter-vlan routing" and that´s why you need a router. If the packet goes from one vlan interface to the other directly, the communication would be denied due the vlan ID mismatch but the router can overcome this. The router knows both vlans as it has a Trunk interface, it will accept both Vlans IDs. The hosts are in differents networks and the router have routing table for both.

 That´s why the communication happens.  At layer2 level the switch delives the frame to the router on interface 1/0/2, the router check the source and destination of the packet and send it back to the switch on the interface 1/0/3.

I believe it would help if you image two switches instead of one because this is basically what the vlan is doing there. Spliting the switch in two and using the router as a bridge between them.

 Hello,

It's still not clear to me

Why the Switch accepts the frame from computer red ( vlan id=10) on its fe1/0/3 interface mode access( vlan 20)

It should reject the frame from vlan 10, as it is not part of vlan 20. 

The switch does not receive the vlan 10 on interface 1/0/3. Keep in mind that the router has a trunk, which means it has both interfaces on it.

 As soons as you ping from one PC to the other and the traffic goes to the router, the router is responsible to encapsulate the packet in the proper vlan and send it downstream to the proper switch interface/vlan.

Does that make sense?

M02@rt37
VIP
VIP

Hello @Saldebob 

The key to understanding here is that the switch never directly receives a frame from VLAN 10 on the interface configured for VLAN 20. It is the router which does the inter-Vlan routing: it receives the frame from VLAN 10, processes it, and re-encapsulates it for VLAN 20. So, when the frame arrives on the fe1/0/3 interface of the switch, it is correctly tagged with VLAN 20, which is why it is not discarded .

There is therefore no VLAN mismatch in this process, because the router ensures that each frame is correctly tagged before being sent back to the switch.

Nb: I answer in French also on the FR page.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.