Layer 3 Forwarding Using a Router

Switches do not forward frames between different VLANs. So, when you have multiple VLANs, what do you do when the hosts in each VLAN want to communicate with each other? Well, you use a router. Figure 10-7 outlines the general idea in a network with one switch and three VLANs.

Although the switch cannot forward frames between two VLANs, a router can. First, notice that three VLANs are shown, and each VLAN corresponds to a different subnet. The router needs an interface in each subnet to forward traffic between the subnets—that is true even without VLANs being used. So, in this case, the router has three interfaces, each cabled to the switch. The switch configures the corresponding interfaces to be in VLAN1, VLAN2, and VLAN3. Hosts in VLAN1, when they want to send packets to hosts in VLAN2 or VLAN3, send their packets to the router, which then forwards the packets out another interface into the other VLAN.

You might be thinking that using three interfaces on the router in Figure 10-7 seems wasteful—and it is. Alternately, you can use a router with a Fast Ethernet port that supports trunking and use a single physical connection from the router to the switch (trunking is not supported on 10 Mbps Ethernet interfaces). Figure 10-8 shows the same network as Figure 10-7, but with a trunk between the router and the switch.

Figure 10-8 Example of a Router Forwarding Between VLANs over a Trunk

Chapter 8, "Advanced TCP/IP Topics" in the CCNAICND Exam Certification Guide shows an example configuration for the router in this example. The process works the same as in Figure 10-7, except that the actual frames go to the router and leave the router over the same cable.

