Inter VLAN routing

I need a little help, with Inter VLAN routing.

I am setting up 3 VLANs, and here is what i am doing on the router configuration part.
Router is 2650, and switch is 2950

int f0/0.1
encap dot1q 1
ip address 192.168.10.17 255.255.255.240
int f0/0.2
encap dot1q 2
ip address 192.168.10.33 255.255.255.240
int f0.0.3
encap dot1q3
ip address 192.168.10.49 255.255.255.240

Hosts on VLAN 1 will get ip address 18 - 30, while Hosts on VLAN 2 get 34 - 46.

Is this right? Oh, and the default gateway for systems on VLAN1 will be the ip addres of the interface on of the router right?

Would this configuration work as well?

int f0/0.1
encap dot1q 1
ip address 192.168.1.1 255.255.255.0
int f0/0.2
encap dot1q 2
ip address 192.168.2.1 255.255.255.0
int f0.0.3
encap dot1q3
ip address 192.168.2.1 255.255.255.0

Find more posts tagged with

SAVE $250 on Your CISCO Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View CISCO Boot Camps

Comments

remyforbes777

What is the 1,2, and 3 after the dotq encapsulation command? Your default gateway wouild be the IP address of the subinterface on the router. Your IP scheme seems good. Is it not working? Both configs look like they would work.

datchcha

What is the 1,2, and 3 after the dotq encapsulation command?

The 1, 2 and 3 or the "VLAN#", I just used the number which corresponded to my VLAN. I can not remember what the term is, but if i remember currectly they are just an ID number, something like the ID number in OSPF. I could be wrong. No, i have not tried this yet, was brain storming.

dtlokee

The "encapsulation dot1q 3" tells the interface to tag all traffic sent with vlan ID of 3, also all traffic received on the interface will be forwarded to the correct subinterface.

The only problem is you are creating a subinterface for VLAN 1, the default native VLAN. The native VLAN is untagged so this configuration would not work correctly if the switch is using VLAN 1 as native. You can add the "native" keyword to the encapsulation command, or move the configuration of sub-interface 1 to the physical interface (which always sends untagged.)

datchcha

dtlokee wrote:

The only problem is you are creating a subinterface for VLAN 1, the default native VLAN. The native VLAN is untagged so this configuration would not work correctly if the switch is using VLAN 1 as native. You can add the "native" keyword to the encapsulation command, or move the configuration of sub-interface 1 to the physical interface (which always sends untagged.)

You lost me on this one.

Netstudent

He's just saying that since VLAN1 is untagged by default, no need to put it on a subinterface. If you really want to put it on a subinterface you can, But you will have to use the encap dot1q 1 native. If you do not put the native keyword in the input, then the router will start adding a dot1q tag inside the frame for VLAN1. Once this frame gets to the switch, it notices a tagged frame and it says "Now wait a minute, you are not suuposed to have atag because you are native".

Or you could just put the subnet for VLAn1 on the physical interface and not worry about any dot1q encapsulation commands.

int f0/0
ip address 192.168.1.1 255.255.255.0
no shut

This is all you need for this subnet.

jediknight

datchcha wrote:

dtlokee wrote:

The only problem is you are creating a subinterface for VLAN 1, the default native VLAN. The native VLAN is untagged so this configuration would not work correctly if the switch is using VLAN 1 as native. You can add the "native" keyword to the encapsulation command, or move the configuration of sub-interface 1 to the physical interface (which always sends untagged.)

You lost me on this one.

Basically, a Native VLAN exists when you using dot1q as the trunking protocol. ISL does not have a Native VLAN. This is usually VLAN 1, but with the "native" keyword you can change this. Packets originating in VLAN1 using dot1q are not tagged with a dot1q header when it crosses a trunk line. ISL tags packets for any traffic crossing a trunk line regardless.

Netstudent

also it looks like you are using the same subnet on VLANS 2 and 3. You will need to change one of those subnets to something other than 192.168.2.1 on that second snippet.

rakem

whenever i work with VLANs i always start from VLAN2.... I think this is good practice to avoid any issues with trying to change VLAN1.

datchcha

Thanks...!!!

Cheers!!!!

Tricon7

This reminds me to ask - if you have a router-on-a-stick scenario, and you have two switches to one router and, say, two hosts to each switch for good measure, along with three VLANs, I would/could have both of the switches on the first VLAN, along with whichever hosts were on there, and the 0/0.1 subinterface would be the default gateway of that first VLAN. Correct?

jediknight

Tricon7 wrote:

This reminds me to ask - if you have a router-on-a-stick scenario, and you have two switches to one router and, say, two hosts to each switch for good measure, along with three VLANs, I would/could have both of the switches on the first VLAN, along with whichever hosts were on there, and the 0/0.1 subinterface would be the default gateway of that first VLAN. Correct?

Yes that would be correct if you configured the first VLAN on both switches you would set the default gateway of the hosts to be the ip address of the 0/0.1 subinterface of the router if that was assigned to the first VLAN.