Open in app

Sign in

Write

Sign in

How to configure VLAN and inter-VLAN Routing in Packet Tracer

Madan Adhikari
7 min readFeb 13, 2024

--

This is a simple step-by-step guide for configuring VLAN and inter-VLAN routing on a Cisco switch. But just before getting into configurations, let us have a brief overview of what is a VLAN.

What is VLAN?

A Virtual LAN (VLAN) is simply a logical LAN, just as its name suggests. VLANs have similar characteristics to those of physical LANs, only that with VLANs, you can logically group hosts even if they are physically located on separate LAN segments.

We treat each VLAN as a separate subnet or broadcast domain. For this reason, to move packets from one VLAN to another, we have to use a router or a layer 3 switch.

VLANs are configured on switches by placing some interfaces into one broadcast domain and some interfaces into another. For this tutorial, we’ll configure 2 VLANs on a switch. We will then proceed and configure a router to enable communication between the two VLANs.

  1. In Cisco Packet Tracer, create the network topology as shown below:
Fig01: Network topology-inter-VLAN-routing

2. Create 3 VLANs on the switch: VLAN 10, VLAN 20, and VLAN 30. You can give them names Engineering, R&D, and Support respectively.

This is a sample configuration of the floor2 switch, Similarly, we will create the same VLAN in each floor switch (floor1-a,floor1-b).

Creating VLAN in floor2,floor1-a, floor1-b switches

 
Switch(config)#hostname floor2
floor2(config)#vlan
floor2(config)#vlan 10
floor2(config-vlan)#name
floor2(config-vlan)#name Engineering
floor2(config-vlan)#exit
floor2(config)#vlan
floor2(config)#vlan 20
floor2(config-vlan)#name R&D
floor2(config-vlan)#exit
floor2(config)#vlan
floor2(config)#vlan 30
floor2(config-vlan)#name
floor2(config-vlan)#name Support
floor2(config-vlan)#do show vlan br
Switch(config)#hostname floor1-a
floor1-a(config)#vlan 10
floor1-a(config-vlan)#name
floor1-a(config-vlan)#name Engineering
floor1-a(config-vlan)#exit
floor1-a(config)#vlan
floor1-a(config)#vlan 20
floor1-a(config-vlan)#name
floor1-a(config-vlan)#name R&D
floor1-a(config-vlan)#exit
floor1-a(config)#vlan
floor1-a(config)#vlan 30
floor1-a(config-vlan)#name
floor1-a(config-vlan)#name Support
Switch(config)#hostname floor1-b
floor1-b(config)#vl
floor1-b(config)#vlan 10
floor1-b(config-vlan)#name
floor1-b(config-vlan)#name Engineering
floor1-b(config-vlan)#exit
floor1-b(config)#vlan 20
floor1-b(config-vlan)#name
floor1-b(config-vlan)#name R&D
floor1-b(config-vlan)#exit
floor1-b(config)#vlan 30
floor1-b(config-vlan)#name
floor1-b(config-vlan)#name  Support

3. Assign switch ports to the VLANs. Remember each VLAN is viewed as a separate broadcast domain.

And just before you configure, keep in mind that switch ports could be either access or trunk.

  • An access port is assigned to a single VLAN. These ports are configured for switch ports that connect to devices with a normal network card, for example, a PC in a network.
  • A trunk port on the other hand is a port that can be connected to another switch or router. This port can carry traffic of multiple VLANs.

In our topology, we will configure switch interfaces fa0/1 to VLAN20, fa 0/2 to VLAN10, and fa0/3 to VLAN30 of floor1-a. In floor1-b switch fa0/1 to VLAN20, fa 0/2 — VLAN10 and fa 0/3 to VLAN30. Similarly, for switch floor2 fa0/1 to VLAN10, fa 0/2 to VLAN20, and fa 0/3 to VLAN30. These are all access ports.

Gi0/1, Gi 0/2 — floor1-a, Gi0/2-floor1-b, Gi0/1, Gi 0/2 — floor2 will be configured as trunk port. Switch port Gi0/2 will be configured as a trunk which will carry traffic between VLANs (10,20,30) via the router port Gi0/0/0.10, Gi0/0/0.20, Gi0/0/0.30 subinterfaces of the main interface Gi0/0/0.

Configuring access and trunk ports in floor2,floor1-a, floor1-b switches


floor1-a(config)#int fa 0/1
floor1-a(config-if)#description ### Connected-To-PC0-VLAN20 ###
floor1-a(config-if)#switchport mode access 
floor1-a(config-if)#switchport access vlan 20

floor1-a(config)#interface fastEthernet 0/2
floor1-a(config-if)#description ### Connected-To-PC0-VLAN10 ###
floor1-a(config-if)#switchport mode access 
floor1-a(config-if)#switchport access vlan 10

floor1-a(config)#interface fastEthernet 0/3
floor1-a(config-if)description ### Connected-To-PC0-VLAN20 ###
floor1-a(config-if)#switchport mode access 
floor1-a(config-if)#switchport access vlan 30

================

floor1-a(config)#interface gigabitEthernet 0/1
floor1-a(config-if)#description ### Connected-To-Switch-floor2-gi0/1 ###
floor1-a(config-if)#switchport mode trunk

floor1-a(config-if)#int gi 0/2
floor1-a(config-if)#description ### Connected To-Switch-floor1-b-gi0/2 ###
floor1-a(config-if)#switchport mode trunk
 


floor1-b(config)#interface fastEthernet 0/1
floor1-b(config-if)#description ### Connected-To-PC3-VLAN20###
floor1-b(config-if)#switchport mode access 
floor1-b(config-if)#switchport access vlan 20

floor1-b(config)#interface fastEthernet 0/2
floor1-b(config-if)#description ###Connected-To-PC2-VLAN10###
floor1-b(config-if)#switchport mode access
floor1-b(config-if)#switchport access vlan 10

floor1-b(config-if)#int fa 0/3 
floor1-b(config-if)#description ###Connected-To-PC3-VLAN30###
floor1-b(config-if)#switchport mode access
floor1-b(config-if)#switchport access vlan 30

================

floor1-b(config)#interface GigabitEthernet0/2
floor1-b(config)#description ###Connected to floor1-a-gi0/2 ###
floor1-b(config)#switchport mode trunk


floor2(config)#interface fastEthernet 0/1
floor2(config-if)#description ###Connected-To-PC5-VLAN10###
floor2(config-if)#switchport mode access 
floor2(config-if)#switchport access vlan 10

floor2(config)#interface fastEthernet 0/2
floor2(config-if)#description ###Connected-To-PC5-VLAN20###
floor2(config-if)#switchport mode access 
floor2(config-if)#switchport access vlan 20

floor2(config-if)#int fa 0/3
floor2(config-if)#description ###Connected-To-PC5-VLAN30###
floor2(config-if)#switchport mode access 
floor2(config-if)#switchport access vlan 30

================

floor2(config)#interface gigabitEthernet 0/1
floor2(config-if)#description ###Connected-To-Switch-floor1-a-Gi0/1###
floor2(config-if)#switchport mode trunk
floor2(config-if)#

floor2(config-if)#int gi 0/2
floor2(config-if)#description ###Connected-To-Router-R1-core-Gi0/0/0###
floor2(config-if)#switchport mode trunk

Show command for verification of VLAN database

floor2#show vlan brief

Show command trunk port configuration

floor2#show interfaces trunk

4. Configure inter-VLAN routing on the router

Router configuration (Router on stick)

Now We will configure the router so that it will enable communication between the two VLANs via a single physical interface. How is this made possible? We’ll divide the single physical interface on the router into logical interfaces (sub-interfaces). Each sub-interface will then serve as a default gateway for each of the VLANs. This scenario is called a router on a stick (R.O.A.S) and will allow the VLANs to communicate through a single physical interface.

Worth noting: We can’t assign an IP address to the router’s physical interface that we have subdivided into logical sub-interfaces. We’ll instead assign IP addresses to the sub-interfaces.

Configuring router interface


core-R1(config)#interface gigabitEthernet 0/0/0
core-R1(config-if)#description ###Connected-To-floor2-Gi0/2###

Configuring sub-interface in the router

core-R1(config)#interface gigabitEthernet 0/0/0.10
core-R1(config-subif)#encapsulation dot1Q 10
core-R1(config-subif)#ip address 192.168.0.1 255.255.255.192

core-R1(config-subif)#int gi 0/0/0.20
core-R1(config-subif)#encapsulation dot1Q 20
core-R1(config-subif)#ip address 192.168.0.65 255.255.255.224

core-R1(config-subif)#int gi 0/0/0.30
core-R1(config-subif)#encapsulation dot1Q 30
core-R1(config-subif)#ip address 192.168.0.97 255.255.255.224

Show command for verification of sub-interfaces

core-R1#show ip interface brief 
Interface              IP-Address      OK? Method Status                Protocol 
GigabitEthernet0/0/0   unassigned      YES unset  up                    up 
GigabitEthernet0/0/0.10192.168.0.1     YES manual up                    up 
GigabitEthernet0/0/0.20192.168.0.65    YES manual up                    up 
GigabitEthernet0/0/0.30192.168.0.97    YES manual up                    up 
GigabitEthernet0/0/1   unassigned      YES unset  administratively down down 
GigabitEthernet0/0/2   unassigned      YES unset  administratively down down 
Vlan1                  unassigned      YES unset  administratively down down
core-R1#
core-R1#show ip route 
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       * - candidate default, U - per-user static route, o - ODR
       P - periodic downloaded static route

Gateway of last resort is not set

     192.168.0.0/24 is variably subnetted, 6 subnets, 3 masks
C       192.168.0.0/26 is directly connected, GigabitEthernet0/0/0.10
L       192.168.0.1/32 is directly connected, GigabitEthernet0/0/0.10
C       192.168.0.64/27 is directly connected, GigabitEthernet0/0/0.20
L       192.168.0.65/32 is directly connected, GigabitEthernet0/0/0.20
C       192.168.0.96/27 is directly connected, GigabitEthernet0/0/0.30
L       192.168.0.97/32 is directly connected, GigabitEthernet0/0/0.30

core-R1#

4. Test inter-VLAN connectivity

VLAN10–192.168.0.0/26 — Gateway-92.168.0.1 — PC-92.168.0.2, PC-92.168.0.3,PC-92.168.0.4

VLAN20–192.168.0.64/27-Gateway-192.168.0.65, PC-92.168.0.66, PC-92.168.0.67,PC-92.168.0.68

VLAN30–192.168.0.96/27-Gateway-192.168.0.97,PC-92.168.0.98, PC-92.168.0.99,PC-92.168.0.100

C:\>ipconfig /all

FastEthernet0 Connection:(default port)

   Connection-specific DNS Suffix..: 
   Physical Address................: 0001.C707.D42A
   Link-local IPv6 Address.........: FE80::201:C7FF:FE07:D42A
   IPv6 Address....................: ::
   IPv4 Address....................: 192.168.0.98
   Subnet Mask.....................: 255.255.255.224
   Default Gateway.................: ::
                                     192.168.0.97
   DHCP Servers....................: 0.0.0.0
   DHCPv6 IAID.....................: 
   DHCPv6 Client DUID..............: 00-01-00-01-77-4B-E6-D5-00-01-C7-07-D4-2A
   DNS Servers.....................: ::
                                     0.0.0.0

======================
Testing for VLAN 10 Rechability from vlan 30
======================

C:\>ping 192.168.0.2

Pinging 192.168.0.2 with 32 bytes of data:

Request timed out.
Reply from 192.168.0.2: bytes=32 time=1ms TTL=127
Reply from 192.168.0.2: bytes=32 time<1ms TTL=127
Reply from 192.168.0.2: bytes=32 time<1ms TTL=127

Ping statistics for 192.168.0.2:
    Packets: Sent = 4, Received = 3, Lost = 1 (25% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 1ms, Average = 0ms

======================
Testing for VLAN 20 Rechability from vlan 30
======================

C:\>ping 192.168.0.66

Pinging 192.168.0.66 with 32 bytes of data:

Reply from 192.168.0.66: bytes=32 time<1ms TTL=127
Reply from 192.168.0.66: bytes=32 time<1ms TTL=127
Reply from 192.168.0.66: bytes=32 time<1ms TTL=127
Reply from 192.168.0.66: bytes=32 time<1ms TTL=127

Ping statistics for 192.168.0.66:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

Here we’ll test connectivity between computers in different VLANs. Don’t forget that the router that enables inter-VLAN routing.

We have successfully pinged the PC in VLAN20 and VLAN 10 from VLAN 30. If everything is well configured, then we will see a ping reply as shown above.

Thank you for reading and stay safe! Happy learning.

Bsc It
Bsc It Colleges
Networking
Cisco Packet Tracer
Vlan Routing

--

--

Madan Adhikari

Written by Madan Adhikari

44 Followers

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams