In general, you want to use a router when most of the time the device does routing. Likewise, you want to use a switch when when most of the time the device does switching. This statement becomes more apparent when dealing with larger network like an ISP or large corporation.
Example in ISP is that they use router (at least 7600 series) to have full view of BGP (the edge router). As for their "internal network", they use layer-3 switches (usually Catalyst 6500 series).
The idea of creating Layer-3 switch is basically to efficiently do inter-VLAN routing or to do internal routing between multiple broadcast domains (multiple LAN where each LAN has its own subnet) while keeping Layer-2 features such as spanning tree and trunking. However to deal with "border" or "edge" of the network, a router is used since a router is basically designed to handle traffic across the border or the edge network.
For more info, you can check out the following FAQ:
»Cisco Forum FAQ »What is the difference between a Layer-3 switch and a router?
Following is illustration of using Layer-3 switch to do inter-VLAN routing.
Internet
|
Router
|
| 10.0.0.0/24
|
Layer-3 Switch
| | |
| LAN 2 |
| 10.0.2.0/24 |
| |
LAN 1 LAN 3
10.0.1.0/24 10.0.3.0/24
Sample Configuration of Layer-3 Switch design implementation
Router:
interface FastEthernet0/0
description Internet
ip address dhcp
ip nat outside
!
interface FastEthernet0/1
description To Layer-3 Switch
ip address 10.0.0.1 255.255.255.252
ip nat inside
!
ip route 10.0.0.0 255.0.0.0 10.0.0.2
!
ip nat inside source list 1 interface FastEthernet0/0 overload
!
access-list 1 permit 10.0.0.0 0.255.255.255
!
Switch
vlan 1,11-13
!
ip routing
!
interface FastEthernet0/1
description LAN 1
switchport access vlan 11
switchport mode access
!
interface FastEthernet0/2
description LAN 1
switchport access vlan 11
switchport mode access
!
interface FastEthernet0/3
description LAN 1
switchport access vlan 11
switchport mode access
!
interface FastEthernet0/4
description LAN 2
switchport access vlan 12
switchport mode access
!
interface FastEthernet0/5
description LAN 2
switchport access vlan 12
switchport mode access
!
interface FastEthernet0/6
description LAN 2
switchport access vlan 12
switchport mode access
!
interface FastEthernet0/7
description LAN 3
switchport access vlan 13
switchport mode access
!
interface FastEthernet0/8
description LAN 3
switchport access vlan 13
switchport mode access
!
interface FastEthernet0/9
description LAN 3
switchport access vlan 13
switchport mode access
!
interface FastEthernet0/12
description To Router
no switchport
ip address 10.0.0.2 255.255.255.252
!
interface Vlan1
description VLAN database management only
shutdown
!
interface Vlan11
description LAN 1
ip address 10.0.1.1 255.255.255.0
!
interface Vlan12
description LAN 2
ip address 10.0.2.1 255.255.255.0
!
interface Vlan13
description LAN 3
ip address 10.0.3.1 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 10.0.0.1
!
Keep in mind that Layer-3 switches' prices in general are not cheap from SOHO users or small businesses' perspective since Layer-3 switches are designed for organizations that need physical hardware separation between router and switch when routing is in need. Therefore should there be cheap Layer-3 switches available, SOHO users or small businesses are more than welcome to use them.
When small businesses need to do inter-VLAN routing (i.e. data interchange between multiple departments) or internal routing between LAN subnets (multiple broadcast domains), there are some "cheap" and might still be reliable solutions beside using layer-3 switches.
One solution is to use a "Router On A Stick" design. Such design consists of a router and a layer-2 switch that are capable of doing trunking. Following is illustration.
Internet
|
Router with Trunking Capability
*
* Trunk between router and switch
*
Switch with Trunking Capability
| | | | |
| | | | |
| LAN 2 | LAN 4 |
| 10.0.2.0/24 | 10.0.4.0/24 |
| | |
LAN 1 LAN 3 LAN 5
10.0.1.0/24 10.0.3.0/24 10.0.5.0/24
Sample Configuration of "Router On A Stick" design implementation
Router:
interface FastEthernet0/0
description Internet
ip address dhcp
ip nat outside
!
interface FastEthernet0/1
description Trunk to Switch
no ip address
!
interface FastEthernet0/1.2
description Native VLAN
ip address 10.0.0.1 255.255.255.252
encapsulation dot1q 2 native
ip nat inside
!
interface FastEthernet0/1.11
description LAN 1
ip address 10.0.1.1 255.255.255.0
encapsulation dot1q 11
ip nat inside
!
interface FastEthernet0/1.12
description LAN 2
ip address 10.0.2.1 255.255.255.0
encapsulation dot1q 12
ip nat inside
!
interface FastEthernet0/1.13
description LAN 3
ip address 10.0.1.1 255.255.255.0
encapsulation dot1q 13
ip nat inside
!
ip nat inside source list 1 interface FastEthernet0/0 overload
!
access-list 1 permit 10.0.0.0 0.255.255.255
!
Switch
vlan 1-2,11-13
!
interface FastEthernet0/1
description LAN 1
switchport access vlan 11
switchport mode access
!
interface FastEthernet0/2
description LAN 2
switchport access vlan 12
switchport mode access
!
interface FastEthernet0/3
description LAN 3
switchport access vlan 13
switchport mode access
!
interface FastEthernet0/12
description Trunk to Router
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1-2,11-13
switchport mode trunk
!
interface Vlan1
description VLAN database management only
shutdown
!
interface Vlan2
description Native VLAN
ip address 10.0.0.2 255.255.255.252
!
Another solution that is probably cheaper is to setup multiple unmanaged (dumb) switches with also multiple routers. While "Router On A Stick" design means single router terminates multiple LAN subnets, this second solution means each router terminates its own LAN subnet. Following is illustration.
Internet
|
Internet Router
|
| 10.0.0.0/24
|
Unmanaged Switch
| | |
| Router 2 |
| | |
| LAN 2 |
| 10.0.2.0/24 |
| |
Router 1 Router 3
| |
LAN 1 LAN 3
10.0.1.0/24 10.0.3.0/24
Sample Configuration of multiple router design implementation
1. Static Routing
When there are only few LAN (broadcast domain), then static routing network design should be sufficient.
Internet Router:
interface FastEthernet0/0
description Internet
ip address dhcp
ip nat outside
!
interface FastEthernet0/1
description Unmanaged Switch (LAN)
ip address 10.0.0.254 255.255.255.0
ip nat inside
!
ip route 10.0.1.0 255.255.255.0 10.0.0.1
ip route 10.0.2.0 255.255.255.0 10.0.0.2
ip route 10.0.3.0 255.255.255.0 10.0.0.3
!
ip nat inside source list 1 interface FastEthernet0/0 overload
!
access-list 1 permit 10.0.0.0 0.255.255.255
!
Router 1
interface FastEthernet0/0
description Unmanaged Switch
ip address 10.0.0.1 255.255.255.0
!
interface FastEthernet0/1
description LAN 1
ip address 10.0.1.1 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 10.0.0.254
ip route 10.0.2.0 255.255.255.0 10.0.0.2
ip route 10.0.3.0 255.255.255.0 10.0.0.3
!
Router 2
interface FastEthernet0/0
description Unmanaged Switch
ip address 10.0.0.2 255.255.255.0
!
interface FastEthernet0/1
description LAN 2
ip address 10.0.2.1 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 10.0.0.254
ip route 10.0.1.0 255.255.255.0 10.0.0.1
ip route 10.0.3.0 255.255.255.0 10.0.0.3
!
Router 3
interface FastEthernet0/0
description Unmanaged Switch
ip address 10.0.0.3 255.255.255.0
!
interface FastEthernet0/1
description LAN 3
ip address 10.0.3.1 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 10.0.0.254
ip route 10.0.1.0 255.255.255.0 10.0.0.1
ip route 10.0.2.0 255.255.255.0 10.0.0.2
!
2. Dynamic Routing
When there are more LAN (broadcast domain) in place, then network design based on dynamic routing with RIP might be more scalable than static route approach.
Internet Router:
interface FastEthernet0/0
description Internet
ip address dhcp
ip nat outside
!
interface FastEthernet0/1
description Unmanaged Switch (LAN)
ip address 10.0.0.254 255.255.255.0
ip nat inside
!
router rip
version 2
redistribute static route-map DEFAULT-ROUTE
network 10.0.0.0
no auto-summary
!
ip nat inside source list 1 interface FastEthernet0/0 overload
!
access-list 1 permit 10.0.0.0 0.255.255.255
!
access-list 10 remark Redistribute Default Route only
access-list 10 permit 0.0.0.0
!
route-map DEFAULT-ROUTE permit 10
match ip address 10
set metric 1
!
Router 1
interface FastEthernet0/0
description Unmanaged Switch
ip address 10.0.0.1 255.255.255.0
!
interface FastEthernet0/1
description LAN 1
ip address 10.0.1.1 255.255.255.0
!
router rip
version 2
network 10.0.0.0
no auto-summary
!
Router 2
interface FastEthernet0/0
description Unmanaged Switch
ip address 10.0.0.2 255.255.255.0
!
interface FastEthernet0/1
description LAN 2
ip address 10.0.2.1 255.255.255.0
!
router rip
version 2
network 10.0.0.0
no auto-summary
!
Router 3
interface FastEthernet0/0
description Unmanaged Switch
ip address 10.0.0.3 255.255.255.0
!
interface FastEthernet0/1
description LAN 3
ip address 10.0.3.1 255.255.255.0
!
router rip
version 2
network 10.0.0.0
no auto-summary
!
Whichever solution to choose, you should always use managed switch instead of unmanaged switch since in general, managed switch is more reliable and has more functionality to tune.
More Sample Design and Configuration
»Cisco Forum FAQ »Various Network Design using Routers, Layer-3 Switches, and more
 feedback form
 feedback form
by aryoba 
last modified: 2009-07-31 16:38:30 |
