Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

VLAN routing

Gordon Cook
Advisor

VLAN routing

I am fairly new to networking. We have a E5412zl switch on order. When it gets here I am not going to have a lot of time to configure this switch. Most of the configuration I have figured out. One of the things I am not sure about is the following.

I will have 3 VLANs 100, 103, 200
VLAN 103 will only have two ports on it for two printers. I need both the other VLANs to be able to access the printers. But I need to make sure that VLAN 100 and VLAN 200 are completely issolated from each other.
From what I have read I believe the following should work.
enable routing
assign an ip address to VLAN 103
make all the ports in VLAN 100 and VLAN 200 tagged members of VLAN 103

I realize I can do this with my router but it will be located in a different building and I would like to try and reduce the traffic over the trunk.

Any help would be greatly appreciated.
1 REPLY
Cajuntank MS
Valued Contributor

Re: VLAN routing

This is incorrect from what I am reading. This is a layer 3 switch, so yes you can keep this intervlan routing on that switch, but your statement of "make all the ports in VLAN 100 and VLAN 200 tagged members of VLAN 103" will not do what your wanting it to so in regards to isolating VLAN 100 and VLAN 200.

When you create VLANs on switches, you are operating at later 2 and by default, VLANs do not talk with other VLANs. This is where layer 3 comes into play by being able to route between those VLANs. The two things that make this happen is defining an ip address to the VLAN interface and globally enabling ip routing. Once you do this, the VLANs (that have IP addresses defined at the VLAN interfaces), route between each other completely. The only way to stop traffic from one VLAN to another VLAN is to define ACL (access control lists) to permit or deny traffic (do a google search for some examples as this is a lengthy discussion on it's own).

Untagging and Tagging(called trunking in Cisco lingo) ports operates in layer 2, so this would not route between VLANs.