Configuring Routing between VLANs with ISL Encapsulation

Table of Contents

Configuring Routing between VLANs with ISL Encapsulation

Overview of Inter-Switch Link Protocol
ISL Encapsulation Configuration Task List
Configure AppleTalk Routing over ISL
Configure Banyan VINES Routing over ISL
Configure DECnet Routing over ISL
Configure Hot Standby Router Protocol over ISL
Configure IPX Routing over ISL
Configure VIP Distributed Switching over ISL
Configure XNS Routing over ISL
ISL Encapsulation Configuration Examples

Configuring Routing between VLANs with ISL Encapsulation

This chapter describes the Inter-Switch Link (ISL) protocol and provides guidelines for configuring ISL features. For a complete description of the commands used to configure routing between VLANs using ISL encapsulation, refer to the Cisco IOS Switching Services Command Reference. To locate documentation of other commands that appear in this chapter, use the master index or search online.

Overview of Inter-Switch Link Protocol

Inter-Switch Link (ISL) is a Cisco protocol for interconnecting multiple switches and maintaining VLAN information as traffic goes between switches. ISL provides VLAN capabilities while maintaining full wire speed performance on Fast Ethernet links in full- or half-duplex mode. ISL operates in a point-to-point environment and will support up to 1000 VLANs. You can define virtually as many logical networks as are necessary for your environment.

This chapter describes how to configure routing between VLANs using ISL encapsulation.

Frame Tagging in ISL

With ISL, an Ethernet frame is encapsulated with a header that transports VLAN IDs between switches and routers. A 26-byte header that contains a 10-bit VLAN ID is prepended to the Ethernet frame.

A VLAN ID is added to the frame only when the frame is destined for a non-local network. Figure 9 illustrates VLAN packets traversing the shared backbone. Each VLAN packet carries the VLAN ID within the packet header.


Figure 9: VLAN packets Traversing the Shared Backbone



ISL Encapsulation Configuration Task List

You can configure routing between any number of VLANs in your network. This section documents the configuration tasks for each protocol supported with ISL encapsulation. The basic process is the same, regardless of the protocol being routed. It involves

  • Enabling the protocol on the router.

  • Enabling the protocol on the interface.

  • Defining the encapsulation format as ISL.

  • Customizing the protocol according to the requirements for your environment.

The configuration processes documented in this chapter include the following:

Refer to the "ISL Encapsulation Configuration Examples" section at the end of this chapter for sample configurations.

Configure AppleTalk Routing over ISL

AppleTalk can be routed over virtual LAN (VLAN) subinterfaces using the ISL and IEEE 802.10 VLAN encapsulation protocols. The AppleTalk Routing over ISL and IEEE 802.10 Virtual LANs feature provides full-feature Cisco IOS software AppleTalk support on a per-VLAN basis, allowing standard AppleTalk capabilities to be configured on VLANs.

To route AppleTalk over ISL or IEEE 802.10 between VLANs, you need to customize the subinterface to create the environment in which it will be used. Perform these tasks in the order in which they appear:

Enable AppleTalk Routing

To enable AppleTalk routing on either ISL or 802.10 interfaces, perform this task in global configuration mode:

Task Command
Enable AppleTalk routing globally. appletalk routing [eigrp router-number]

Define the VLAN Encapsulation Format

To define the VLAN encapsulation format as either ISL or 802.10, perform the following tasks in interface configuration mode:

Task Command
Step 1 Specify the subinterface the VLAN will use. interface type slot/port.subinterface-number
Step 2 Define the encapsulation format as either ISL (isl) or IEEE 802.10 (sde), and specify the VLAN identifier or security association identifier, respectively. encapsulation isl vlan-identifier

encapsulation sde said

Configure AppleTalk on the Subinterface

After you enable AppleTalk globally and define the encapsulation format, you need to enable it on the subinterface by specifying the cable range and naming the AppleTalk zone for each interface. To enable the AppleTalk protocol on the subinterface, perform the following tasks in interface configuration mode:

Task Command
Assign the AppleTalk cable range and zone for the subinterface. appletalk cable-range cable-range [network.node]
Assign the AppleTalk zone for the subinterface. appletalk zone zone-name

Configure Banyan VINES Routing over ISL

Banyan VINES can be routed over virtual LAN (VLAN) subinterfaces using the ISL encapsulation protocol. The Banyan VINES Routing over ISL Virtual LANs feature provides full-feature Cisco IOS software Banyan VINES support on a per-VLAN basis, allowing standard Banyan VINES capabilities to be configured on VLANs.

To route Banyan VINES over ISL between VLANs, you need to configure ISL encapsulation on the subinterface. Perform these tasks in the order in which they appear:

Enable Banyan VINES Routing

To begin the VINES routing configuration, perform this task in global configuration mode:

Task Command
Enable Banyan VINES routing globally.
  1. vines routing [address]

Define the VLAN Encapsulation Format

To define the VINES routing encapsulation format, perform these tasks in interface configuration mode:

Task Command
Step 1 Specify the subinterface on which ISL will be used. interface type slot/port.subinterface-number
Step 2 Define the encapsulation format as ISL (isl), and specify the VLAN identifier. encapsulation isl vlan-identifier

Configure Banyan VINES on the Subinterface

After you enable Banyan VINES globally and define the encapsulation format, you need to enable VINES on the subinterface by specifying the VINES routing metric. To enable the Banyan VINES protocol on the subinterface, perform this task in interface configuration mode:

Task Command
Enable VINES routing on an interface. vines metric [whole [fractional]]

Configure DECnet Routing over ISL

DECnet can be routed over virtual LAN (VLAN) subinterfaces using the ISL VLAN encapsulation protocols. The DECnet Routing over ISL Virtual LANs feature provides full-feature Cisco IOS software DECnet support on a per-VLAN basis, allowing standard DECnet capabilities to be configured on VLANs.

To route DECnet over ISL VLAN you need to configure ISL encapsulation on the subinterface. Perform these tasks in the order in which they appear.

Enable DECnet Routing

To begin the DECnet routing configuration, perform this task in global configuration mode:

Task Command
Enable DECnet on the router.
  1. decnet [network-number] routing [decnet-address]

Define the VLAN Encapsulation Format

To define the encapsulation format, perform these tasks in interface configuration mode:

Task Command
Step 1 Specify the subinterface on which ISL will be used. interface type slot/port.subinterface-number
Step 2 Define the encapsulation format as ISL (isl), and specify the VLAN identifier. encapsulation isl vlan_identifier

Configure DECnet on the Subinterface

To configure DECnet routing on the subinterface, perform this task in interface configuration mode:

Task Command
Enable DECnet routing on an interface. decnet cost [cost-value]

Configure Hot Standby Router Protocol over ISL

The Hot Standby Router Protocol (HSRP) provides fault tolerance and enhanced routing performance for IP networks. HSRP allows Cisco IOS routers to monitor each other's operational status and very quickly assume packet forwarding responsibility in the event the current forwarding device in the HSRP group fails or is taken down for maintenance. The standby mechanism remains transparent to the attached hosts and can be deployed on any LAN type. With multiple hot-standby groups, routers can simultaneously provide redundant backup and perform load-sharing across different IP subnets. Figure 10 illustrates HSRP in use with ISL providing routing between several VLANs.


Figure 10: Hot Standby Router Protocol in VLAN Configurations



A separate HSRP group is configured for each VLAN subnet so that Cisco IOS router A can be the primary and forwarding router for VLANs 10 and 20. At the same time, it acts as backup for VLANs 30 and 40. Conversely, Router B acts as the primary and forwarding router for ISL VLANs 30 and 40, as well as the secondary and backup router for distributed VLAN subnets 10 and 20.

Running HSRP over ISL allows users to configure redundancy between multiple routers that are configured as front ends for VLAN IP subnets. By configuring HSRP over ISLs, users can eliminate situations in which a single point of failure causes traffic interruptions. This feature inherently provides some improvement in overall networking resilience by providing load balancing and redundancy capabilities between subnets and VLANs.

To configure HSRP over ISLs between VLANs, you need to create the environment in which it will be used. Perform these tasks in the order in which they appear.

Define the Encapsulation Format

To define the encapsulation format as ISL, perform these tasks in interface configuration mode:

Task Command
Step 1 Specify the subinterface on which ISL will be used. interface type slot/port.subinterface-number
Step 2 Define the encapsulation format, and specify the VLAN identifier. encapsulation isl vlan-identifier

Define the IP Address

After you have specified the encapsulation format, define the IP address over which HSRP will be routed. Perform this task in interface configuration mode:

Task Command
Specify the IP address for the subnet on which ISL will be used. ip address ip-address mask [secondary]

Enable HSRP

To enable HSRP on an interface, enable the protocol, then customize it for the interface. Perform this task in interface configuration mode:

Task Command
Enable HSRP. standby [group-number] ip [ip-address [secondary]]

To customize "hot standby" group attributes, perform one or more of these tasks in interface configuration mode:

Task Command
Configure the time between hello packets and the hold time before other routers declare the active router to be down. standby [group-number] timers hellotime holdtime
Set the hot standby priority used to choose the active router. standby [group-number] priority priority
Specify that if the local router has priority over the current active router, the local router should attempt to take its place as the active router. standby [group-number] preempt
Configure the interface to track other interfaces, so that if one of the other interfaces goes down, the hot standby priority for the device is lowered. standby [group-number] track type-number [interface-priority]
Select an authentication string to be carried in all HSRP messages. standby [group-number] authentication string

Configure IPX Routing over ISL

The IPX Routing over ISL Virtual LANs (VLANs) feature extends Novell NetWare routing capabilities to include support for routing all standard IPX encapsulations for Ethernet frame types in VLAN configurations. Users with Novell NetWare environments can now configure any one of the four IPX Ethernet encapsulations to be routed using the Inter-Switch Link (ISL) encapsulation across VLAN boundaries. IPX encapsulation options now supported for VLAN traffic include

  • novell-ether (Novell Ethernet_802.3)
  • sap (Novell Ethernet_802.2)
  • arpa (Novell Ethernet_II)
  • snap (Novell Ethernet_Snap)

NetWare users can now configure consolidated VLAN routing over a single VLAN trunking interface. With configurable Ethernet encapsulation protocols, users have the flexibility of using VLANs regardless of their NetWare Ethernet encapsulation. Configuring Novell IPX encapsulations on a per-VLAN basis facilitates migration between version of Netware. NetWare traffic can now be routed across VLAN boundaries with standard encapsulation options (arpa, sap, and snap) previously unavailable. Encapsulation types and corresponding framing types are described in the "Configuring Novell IPX" chapter of the Network Protocols Configuration Guide, Part 2.


Note Restrictions - Only one type of IPX encapsulation can be configured per VLAN (subinterface). The IPX encapsulation used must be the same within any particular subnet: a single encapsulation must be used by all NetWare systems that belong to the same virtual LAN.

To configure Cisco IOS software on a router with connected VLANs to exchange different IPX framing protocols, perform these tasks in the order in which they are appear:

Enable NetWare Routing

To enable IPX routing on ISL interfaces, perform this task in global configuration mode:

Task Command
Enable IPX routing globally. ipx routing [node]

Define the VLAN Encapsulation Format

To define the encapsulation format as ISL, perform these tasks in interface configuration mode:

Task Command
Step 1 Specify the subinterface on which ISL will be used. interface type slot/port.subinterface-number
Step 2 Define the encapsulation format and specify the VLAN identifier. encapsulation isl vlan_identifier

Configure NetWare on the Subinterface

After you enable NetWare globally and define the VLAN encapsulation format, you need to enable the subinterface by specifying the NetWare network number (if necessary) and the encapsulation type. Perform this task in interface configuration mode:

Task Command
Specify the IPX encapsulation. ipx network network encapsulation encapsulation-type

Note The default IPX encapsulation format for Cisco IOS routers is "novell-ether" (Novell Ethernet_802.3). If you are running Novell Netware 3.12 or 4.0, the new Novell default encapsulation format is Novell Ethernet_802.2 and you should configure the Cisco router with the IPX encapsulation format "sap."

Configure VIP Distributed Switching over ISL

With the introduction of the VIP Distributed ISL feature, Inter-Switch Link (ISL) encapsulated IP packets can be switched on Versatile Interface Processor (VIP) controllers installed on Cisco 7500 series routers.

The second generation Versatile Interface Processor (VIP2) provides distributed switching of IP encapsulated in ISL in VLAN configurations. Where an aggregation route performs inter-VLAN routing for multiple VLANs, traffic can be switched autonomously on-card or between cards rather than through the central Route Switch Processor (RSP). Figure 11 shows the VIP distributed architecture of the Cisco 7500 series router.


Figure 11: Cisco 7500 Distributed Architecture



This distributed architecture allows incremental capacity increases by installing additional VIP cards. Using VIP cards for switching the majority of IP VLAN traffic in multiprotocol environments significantly increases routing performance for the other protocols since the RSP off-loads IP and can then be dedicated to switching the non-IP protocols.

VIP distributed switching offloads switching of ISL VLAN IP traffic to the VIP card, removing involvement from the main CPU. Offloading ISL traffic to the VIP card, significantly improves networking performance. Because you can install multiple VIP cards in a router, VLAN routing capacity is increased linearly according to the number of VIP cards installed in the router.

To configure distributed switching on the VIP, you must first configure the router for IP routing. Perform these tasks in the order in which they appear:

Enable IP Routing

To enable IP routing, perform this task in global configuration mode:

Task Command
Enable IP routing on the router. ip routing

Once you have IP routing enabled on the router, you can customize the characteristics to suit your environment. Refer to the IP configuration chapters in the Network Protocols configuration Guide, Part 1 for guidelines on configuring IP.

Enable VIP Distributed Switching

To enable VIP distributed switching, perform the following tasks beginning in interface configuration mode:

Task Command
Step 1 Specify the interface, and enter interface configuration mode. interface type slot/port-adapter/port
Step 2 Enable VIP distributed switching of IP packets on the interface ip route-cache distributed

Configure ISL Encapsulation on the Subinterface

To configure ISL encapsulation on the subinterface, perform these tasks in interface configuration mode:

Task Command
Step 1 Specify the interface, and enter interface configuration mode. interface type slot/port-adapter/port
Step 2 Define the encapsulation format as ISL and specify the VLAN identifier. encapsulation isl vlan-identifier

Configure XNS Routing over ISL

XNS can be routed over virtual LAN (VLAN) subinterfaces using the ISL VLAN encapsulation protocol. The XNS Routing over ISL Virtual LANs feature provides full-feature Cisco IOS software XNS support on a per-VLAN basis, allowing standard XNS capabilities to be configured on VLANs.

To route XNS over ISL VLANs you need to configure ISL encapsulation on the subinterface. Perform these tasks in the order in which they appear:

Enable XNS Routing

Begin the XNS routing configuration in global configuration mode:

Task Command
Enable XNS routing globally.
  1. xns routing [address]

Define the VLAN Encapsulation Format

To define the VLAN encapsulation format, perform these tasks in interface configuration mode:

Task Command
Step 1 Specify the subinterface on which ISL will be used. interface type slot /port.subinterface-number
Step 2 Define the encapsulation format as ISL (isl), and specify the VLAN identifier. encapsulation isl vlan-identifier

Configure XNS on the Subinterface

Enable XNS on the subinterface by specifying the XNS network number. Perform this task in interface configuration mode:

Task Command
Enable XNS routing on the subinterface xns network [number]

ISL Encapsulation Configuration Examples

This section provides configuration examples for each of the protocols described in this chapter. It includes these examples:

AppleTalk Routing over ISL Configuration Examples

The configuration example illustrated in Figure 12 shows AppleTalk being routed between different ISL and IEEE 802.10 VLAN encapsulating subinterfaces.


Figure 12: Routing AppleTalk over VLAN encapsulations

As shown in Figure 12, AppleTalk traffic is routed to and from switched VLAN domains 3, 4, 100, and 200 to any other AppleTalk routing interface. This example shows a sample configuration file for the Cisco 7500 series router with the commands entered to configure the network shown in Figure 12.

Configuration for the Cisco 7500 Router
!
appletalk routing
interface Fddi 1/0.100
 encapsulation sde 100
 appletalk cable-range 100-100 100.2
 appletalk zone 100
!
interface Fddi 1/0.200
 encapsulation sde 200
 appletalk cable-range 200-200 200.2
 appletalk zone 200
!
interface FastEthernet 2/0.3
 encapsulation isl 3
 appletalk cable-range 3-3 3.2
 appletalk zone 3
!
interface FastEthernet 2/0.4
 encapsulation isl 4
 appletalk cable-range 4-4 4.2
 appletalk zone 4
!

Banyan VINES Routing over ISL Configuration Example

To configure routing of the Banyan VINES protocol over ISL trunks, you need to define ISL as the encapsulation type. This example shows Banyan VINES configured to be routed over an ISL trunk:

Example Banyan VINES Configuration
vines routing
interface fastethernet 0.1
 encapsulation isl 100
 vines metric 2

DECnet Routing over ISL Configuration Example

To configure routing the DECnet protocol over ISL trunks, you need to define ISL as the encapsulation type. This example shows DECnet configured to be routed over an ISL trunk:

Example DECnet Configuration
decnet routing 2.1
interface fastethernet 1/0.1
 encapsulation isl 200
 decnet cost 4

HSRP over ISL Configuration Example

The configuration example shown in Figure 13 shows HSRP being used on two VLAN routers sending traffic to and from ISL VLANs through a Catalyst 5000 switch. Each router forwards its own traffic and acts as a standby for the other.


Figure 13: Hot Standby Router Protocol Sample Configuration



The topology shown in Figure 13 illustrates a Cisco Catalyst VLAN switch supporting Fast Ethernet connections to two routers running HSRP. Both routers are configured to route HSRP over ISLs.

The standby conditions are determined by the standby commands used in the configuration. Traffic from Host 1 is forwarded through Router A. Because the priority for the group is higher, Router A is the active router for Host 1. Because the priority for the group serviced by Host 2 is higher in Router B, traffic from Host 2 is forwarded through Router B, making Router B its active router.

In the configuration shown in Figure 13, if the active router becomes unavailable, the standby router assumes active status for the additional traffic and automatically routes the traffic normally handled by the router that has become unavailable.

Host 1 Configuration
interface Ethernet 1/2
 ip address 110.1.1.25 255.255.255.0
 ip route 0.0.0.0 0.0.0.0 110.1.1.101
Host 2 Configuration
interface Ethernet 1/2
 ip address 110.1.1.27 255.255.255.0
 ip route 0.0.0.0 0.0.0.0 110.1.1.102
!
Router A Configuration
interface FastEthernet 1/1.110
 encapsulation isl 110
 ip address 110.1.1.2 255.255.255.0
 standby 1 ip 110.1.1.101
 standby 1 preempt
 standby 1 priority 105
 standby 2 ip 110.1.1.102
 standby 2 preempt
!
end
!
Router B Configuration
interface FastEthernet 1/1.110
 encapsulation isl 110
 ip address 110.1.1.3 255.255.255.0
 standby 1 ip 110.1.1.101
 standby 1 preempt
 standby 2 ip 110.1.1.102
 standby 2 preempt
 standby 2 priority 105
router igrp 1
!
network 110.1.0.0
network 120.1.0.0
!
VLAN Switch Configuration
set vlan 110 5/4
set vlan 110 5/3
set trunk 2/8 110
set trunk 2/9 110

IPX Routing over ISL Configuration Example

Figure 14 shows IPX interior encapsulations configured over ISL encapsulation in VLAN configurations. Note that three different IPX encapsulation formats are used. VLAN 20 uses sap encapsulation, VLAN 30 uses arpa, and VLAN 70 uses novell-ether encapsulation. Prior to the introduction of this feature, only the default encapsulation format, "novell-ether," was available for routing IPX over ISLlinks in VLANs.


Figure 14: Configurable IPX Encapsulations Routed over ISL in VLAN Configurations



VLAN 20 Configuration
ipx routing
interface FastEthernet 2/0 
 no shutdown
interface FastEthernet 2/0.20
 encapsulation isl 20
 ipx network 20 encapsulation sap
VLAN 30 Configuration
ipx routing
interface FastEthernet 2/0 
 no shutdown
interface FastEthernet 2/0.30
 encapsulation isl 30
 ipx network 30 encapsulation arpa
VLAN 70
ipx routing
interface FastEthernet 3/0
 no shutdown
interface Fast3/0.70
 encapsulation isl 70
 ipx network 70 encapsulation novell-ether

VIP Distributed Switching over ISL Configuration Example

Figure 15 illustrates a topology in which Catalyst VLAN switches are connected to routers forwarding traffic from a number of ISL VLANs. With the VIP distributed ISL capability in the Cisco 7500 series router, each VIP card can route ISL-encapsulated VLAN IP traffic. The inter-VLAN routing capacity is increased linearly by the packet-forwarding capability of each VIP card.


Figure 15: VIP Distributed ISL VLAN Traffic



In Figure 15, the VIP cards forward the traffic between ISL VLANs or any other routing interface. Traffic from any VLAN can be routed to any of the other VLANs, regardless of which VIP card receives the traffic.

These commands show the configuration for each of the VLANs shown in Figure 15:

interface FastEthernet1/0/0
 ip address 20.1.1.1 255.255.255.0
 ip route-cache distributed
 full-duplex
interface FastEthernet1/0/0.1
 ip address 22.1.1.1 255.255.255.0
 encapsulation isl 1
interface FastEthernet1/0/0.2
 ip address 22.1.2.1 255.255.255.0
 encapsulation isl 2
interface FastEthernet1/0/0.3
 ip address 22.1.3.1 255.255.255.0
 encapsulation isl 3
interface FastEthernet1/1/0
 ip route-cache distributed
 full-duplex
interface FastEthernet1/1/0.1
 ip address 77.1.1.1 255.255.255.0
 encapsulation isl 4
interface Fast Ethernet 2/0/0
 ip address 30.1.1.1 255.255.255.0
 ip route-cache distributed
 full-duplex
interface FastEthernet2/0/0.5
 ip address 33.1.1.1 255.255.255.0
 encapsulation isl 5
interface FastEthernet2/1/0
 ip address 40.1.1.1 255.255.255.0
 ip route-cache distributed
 full-duplex
interface FastEthernet2/1/0.6
 ip address 44.1.6.1 255.255.255.0
 encapsulation isl 6
interface FastEthernet2/1/0.7
 ip address 44.1.7.1 255.255.255.0
 encapsulation isl 7

XNS Routing over ISL Configuration Example

To configure routing of the XNS protocol over ISL trunks, you need to define ISL as the encapsulation type. This example shows XNS configured to be routed over an ISL trunk.

Example XNS Configuration
xns routing 0123.4567.adcb
interface fastethernet 1/0.1
 encapsulation isl 100
 xns network 20