Hello, I am currently doing a module at college on Networking and recently I have learnt what VLANs are and how they are implemented. According to my tutor you can make inter-VLAN networking possible by connecting one port for each VLAN you have (multiple access links) from the switch to the router. As it happens I have read somewhere that you don't need to do this at all. You can simply connect ONE trunk link from the switch to the router! However, all my attempts to simulate the latter scenario on Packet Tracer (one trunk link as opposed to multiple access links) did not work! Can someone please help putting this newbie's mind in order ?

Here's how it works in the real world... You need one internal router (minimum) and managed switches capable of VLAN tagging. When you have multiple switch racks (as we do where I work) you need one "management VLAN" which is "tagged all" (ie: tagged for all VLAN's in the network) which interconnects all switches in the network and also connects to the router. Then, the rest of the ports in each switch are tagged for whichever VLAN you want passing through it. The router handles all the traffic and VLAN switching (which is faster than routing which is why people bother with it in the first place). You don't need multiple connections to the router. That would make things incredibly complex in a large environment. Where I work we have a WAN with 4 remote sites as well as our main office...all running multiple VLAN's. We presently have one internal router handling things but are moving to several routers/firewalls. Off the top of my head I'd say we have at least 20 VLAN's spread over 5 sites. If you required a router -> switch connection for each VLAN, well, I think you get the picture....it wouldn't be easily managed and the overabundance of cabling and interfaces would make it almost not worthwhile.

Hi and many thanks for your reply which has cleared my mind at last. However, I would like to ask you yet another question... have you ever used Cisco's Packet Tracer and if so do you know of any issues concerning the way it simulates VLAN-based network topologies? I really can't make my router handle all the VLANs through one single trunk backbone link... Any comments would be greatly appreciated! Thank you again. --0v3rload

The router has to be capable of trunking to begin with which involves a certain level of code . Trunking on a router is configured using subinterfaces on the fast ethernet port and you add the statement "encapsulation dot1q vlan # " for each vlan you want to ride that trunk . A separate subinterface is configured for each vlan on the trunk. To configure the switch you will have to force the trunk on , can't have it negotiate the trunk like you can switch to switch.

I've never used Cisco's packet tracer myself so I couldn't say about that. We are presently using a UNIX based router and are moving to teamed servers running the same OS for our new routers. My workplace is getting away from Cisco equipment. My own experience with Cisco routers is limited in this aspect for the aforementioned reason. We have a security guy who handles the routers. What I do know is you do have to enable dot1q encapsulation on the trunk port. However, it seems to me you simply tag the trunk for all VLAN's to pass them through and shouldn't have to do it singly if you have IOS 12.1 or higher in your router. I could definately tell you how to set up Cisco switches for this....we still have a few in the mix even though we are converting to Nortel Baystack 5510/20's.