Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3806
Views
0
Helpful
10
Replies

How will the router forward the packets from the vlan networks towards other regular network

Go to solution
Al-Hakeem Canape
Level 1
Level 1

‎10-04-2019 02:07 AM

This might be a very simple question but i really want to know the logical concept on how routers forward packets from vlan networks going to other regular notwork outside vlans.

 

While i do understand how two regular networks communicate via router, I unfortunately don't regarding vlan networks towards other regular networks.

 

 

Note: I am not talking about inter-vlan.

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
luis_cordova
VIP Alumni
VIP Alumni

‎10-04-2019 03:42 AM

Hi @Al-Hakeem Canape 

 

The first thing that should be clear is that the vlan works in layer 2, so the vlan tag does not pass through the routers.

Therefore, when working with router-on-a-stick(RoaS) it is necessary to encapsulate the packets in the subinterfaces with the corresponding vlan tag.

When packets leave the router to another network they do it without vlan tag.

So, packets reach other routers without vlan tag.

If the router's internal interface is encapsulated (RoaS), then the packet leaves the router with the vlan tag configured.
If it is not encapsulated (RoaS), then the packets comes out without vlan tag.
When this packet without a tag reaches a switch port in trunk mode, then the packet is taged with the tag of the native vlan.

If the packet reaches a switch port in access mode, then the packet is taged with the vlan tag configured on that port.

 

Regards

 

View solution in original post

0 Helpful

Go to solution
Deepak Kumar
VIP Alumni
VIP Alumni
In response to Al-Hakeem Canape

‎10-05-2019 01:54 AM

Hi,

I am not sure that I got your point correctly or not but trying to explain in simple words:

 

Your network is here:

VLAN1--(192.168.1.0/24)-----------                                                                       

                                                             { (Router GIG0/0) L3 Routing (Router GIG1/0 }----(Internet ISP) 

VLAN 2--(192.168.2.0/24)----------                                                                       

 

As here You want to access the Internet as 8.8.8.8 or 1.1.1.1 or www.google.com from the VLAN 1 and VLAN 2 then how will it work?

 

You are trying to PING 1.1.1.1 from the PC1 (VLAN 1) with IP 192.168.1.2 then here is a process:

1. As this destination address (1.1.1.1) is outside the subnet which is configured on the NIC so PC1 will check it's routing table and found a default gateway 192.168.1.1  (Router's IP) and will forward the packet to the 192.168.1.1.

2. The router receives the packet from the PC1 and remove Layer 2 header and also extract Layer 3 header and check for the Destination routing in the routing table:

3. The router didn't find any matching entry with 1.1.1.1 in the routing table then it will choose the default route to send a packet out.

4. Here, We know that For accessing the internet, we must receive a default route (You may also receive specific routes but I am talking on SMB connections where BGP is not given by ISP). from the ISP. 

5. As we have to apply NAT form LAN to WAN because a Private IP address is not routable on the WAN.

6. Here, Router will Rewrite L3 and L2 header and forward it to the ISP (Default Gateway).

 

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

View solution in original post

0 Helpful
10 Replies 10

Go to solution
marce1000
VIP
VIP

‎10-04-2019 02:37 AM

 

 - They do that depending on their routing table and or forward packets to 'routing-gateways' ; they will in essence not have to bother with what happens to that packet when it has been forwarded to an appropriate gateway.

 M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !
0 Helpful

Go to solution
luis_cordova
VIP Alumni
VIP Alumni

‎10-04-2019 03:42 AM

Hi @Al-Hakeem Canape 

 

The first thing that should be clear is that the vlan works in layer 2, so the vlan tag does not pass through the routers.

Therefore, when working with router-on-a-stick(RoaS) it is necessary to encapsulate the packets in the subinterfaces with the corresponding vlan tag.

When packets leave the router to another network they do it without vlan tag.

So, packets reach other routers without vlan tag.

If the router's internal interface is encapsulated (RoaS), then the packet leaves the router with the vlan tag configured.
If it is not encapsulated (RoaS), then the packets comes out without vlan tag.
When this packet without a tag reaches a switch port in trunk mode, then the packet is taged with the tag of the native vlan.

If the packet reaches a switch port in access mode, then the packet is taged with the vlan tag configured on that port.

 

Regards

 

0 Helpful

Go to solution
Al-Hakeem Canape
Level 1
Level 1
In response to luis_cordova

‎10-04-2019 06:51 PM

Thank you so much, really appreciate this.

 

Yeah, i am fairly verse about the encapsulation.

 

for example, i have VLAN 10, 20 30, with an IP address of 172.16.10.1, 172.16.20.1, 172.16.30.1 respectively.

Then, i have an g0/0/1 internal interface from the router.

 

from encapsulation:

 interface g0/0/1.10

 encapsulation dot1q 10

 ip address 172.16.10.1 255.255.255.0

 

.

.

.

 interface g0/0/1.30

 encapsulation dot1q 30

 ip address 172.16.30.1 255.255.255.0

 

this is well and good, i can now access other vlans in the switch.

 

but my problem lies from what comes after that.

 

If i want to send packets outside of the vlan premises, how?

 

by assigning ip address on the g0/0/1 interface?

would that address be assign to the hosts as gateway to pass through the router?

 

pls bear with me and spare me some basic explanation as much as possible because more than the know-how, i really want to understand the thought of the process :(

 

0 Helpful

Go to solution
Deepak Kumar
VIP Alumni
VIP Alumni
In response to Al-Hakeem Canape

‎10-05-2019 01:54 AM

Hi,

I am not sure that I got your point correctly or not but trying to explain in simple words:

 

Your network is here:

VLAN1--(192.168.1.0/24)-----------                                                                       

                                                             { (Router GIG0/0) L3 Routing (Router GIG1/0 }----(Internet ISP) 

VLAN 2--(192.168.2.0/24)----------                                                                       

 

As here You want to access the Internet as 8.8.8.8 or 1.1.1.1 or www.google.com from the VLAN 1 and VLAN 2 then how will it work?

 

You are trying to PING 1.1.1.1 from the PC1 (VLAN 1) with IP 192.168.1.2 then here is a process:

1. As this destination address (1.1.1.1) is outside the subnet which is configured on the NIC so PC1 will check it's routing table and found a default gateway 192.168.1.1  (Router's IP) and will forward the packet to the 192.168.1.1.

2. The router receives the packet from the PC1 and remove Layer 2 header and also extract Layer 3 header and check for the Destination routing in the routing table:

3. The router didn't find any matching entry with 1.1.1.1 in the routing table then it will choose the default route to send a packet out.

4. Here, We know that For accessing the internet, we must receive a default route (You may also receive specific routes but I am talking on SMB connections where BGP is not given by ISP). from the ISP. 

5. As we have to apply NAT form LAN to WAN because a Private IP address is not routable on the WAN.

6. Here, Router will Rewrite L3 and L2 header and forward it to the ISP (Default Gateway).

 

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!
0 Helpful

Go to solution
Al-Hakeem Canape
Level 1
Level 1
In response to Deepak Kumar

‎10-11-2019 07:30 PM

Thank you very much and to all of you guys.

 

I now get it, I'm so dumb by over complicating it like someone mentioned above :(

I was just so confuse about the the term 'VLAN' that I'm treating it as something it isn't while all this time, it

is still a normal network that was separated logically.

 

So, what i did is that, from the switch, after creating a vlan, assigned a port to it and put an address to the interfaces, as well as making the port that link towards the router as trunk. I just assigned an IP from the router's interface that link towards the switch and made a sub interface to encapsulate the vlan addresses, which now allows InterVlan and for the vlans to be accessed from the outside and vice versa (Which was this all about).

 

I apologize for not really making sense :(

 

 

 

 

 

0 Helpful

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to Al-Hakeem Canape

‎10-15-2019 09:52 AM

Yes you can do that, and as you've found it works, however, when possible, as L3 switches often have much, much more routing capacity, normally you would route LANs on a L3 switch rather than a router.
0 Helpful

Go to solution
Al-Hakeem Canape
Level 1
Level 1
In response to Joseph W. Doherty

‎10-15-2019 05:06 PM

Can you tell  me the major difference between L3 Switches & a Router and its advantages over the other. I'm well aware about these two, and as what I've read so far, Routing wise, router is still much much more capable than a L3 switch, although at some certain circumstances, L3 switch is so much more efficient because it can perform task from both L3 & L2.

 

 

0 Helpful

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to Al-Hakeem Canape

‎10-18-2019 10:27 AM

Often the big difference between a L3 switch and a router, the former has dedicated hardware for some functions and the latter does not. This allows the former to often offer much, much more "performance" (actually capacity) but also often with a reduced function set compared to the latter.

BTW, the fact that an L3 switch also generally implies it's also a L2 switch doesn't have much bearing comparing it to a router because the latter generally is used exclusively for L3 (or higher levels) of processing.

On the LAN, where you often have much more bandwidth to support, the L3 switch has been a great boost. Before L3 switches became so common, you had sayings like "switch when you can, but route when you must".
0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Al-Hakeem Canape

‎10-05-2019 08:51 AM - edited ‎10-05-2019 08:56 AM

 

You are over complicating this. 

 

Routers forward packets between subnets or to put it another way they forward packets between interfaces. 

 

So there is fundamentally no difference between forwarding between what you call "regular" networks and "vlan" networks although as others have pointed out a vlan is a L2 concept not a L3 one ie. it is all just networks. 

 

If you want to route packets to a remote destination then as long as your router has a route to that destination either a specific route or a default then it will work .

 

Jon

 

0 Helpful

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame

‎10-04-2019 09:05 AM

As noted by others, at L3 routing, VLANs are not considered.
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card