Lab: VLAN Configuration & Inter-VLAN Routing

Network Segmentation using a Layer 3 Switch

1. Project Overview

Objective

This project demonstrates how to segment a network into two distinct broadcast domains using Virtual LANs (VLANs). The lab covers the creation of VLANs, assignment of switch ports, and configuration of a Layer 3 switch to enable routing between the different VLANs.

Network Environment

  • Switch: 1x Layer 3 Switch (3560-24PS)
  • End Devices: 6x PCs
  • VLAN 10 (Admin_Traffic): 192.168.10.0/24
  • VLAN 20 (Guest_Traffic): 192.168.20.0/24

2. Configuration Steps

VLAN Definition & Port Assignment

First, I created two VLANs and assigned a range of ports to each.

Switch(config)# vlan 10
Switch(config-vlan)# name Admin_Traffic
Switch(config-vlan)# exit

Switch(config)# vlan 20
Switch(config-vlan)# name Guest_Traffic
Switch(config-vlan)# exit

Switch(config)# interface range fa0/1-3
Switch(config-if-range)# switchport mode access
Switch(config-if-range)# switchport access vlan 10

Switch(config)# interface range fa0/4-6
Switch(config-if-range)# switchport mode access
Switch(config-if-range)# switchport access vlan 20

SVI Creation & IP Routing

Next, I created Switch Virtual Interfaces (SVIs) to act as default gateways for each VLAN and enabled IP routing on the switch.

Switch(config)# interface vlan 10
Switch(config-if)# ip address 192.168.10.1 255.255.255.0
Switch(config-if)# no shutdown

Switch(config)# interface vlan 20
Switch(config-if)# ip address 192.168.20.1 255.255.255.0
Switch(config-if)# no shutdown

Switch(config)# ip routing

3. Testing and Verification

With the configuration complete, I tested connectivity from a PC in the Admin VLAN (10) to a PC in the Guest VLAN (20) to confirm that inter-VLAN routing was working correctly.

Ping from PC1 (VLAN 10) to PC4 (VLAN 20)
C:\>ipconfig

FastEthernet0 connection:
   IPv4 Address. . . . . . . . . . . : 192.168.10.2
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.10.1

C:\>ping 192.168.20.2

Pinging 192.168.20.2 with 32 bytes of data:
Reply from 192.168.20.2: bytes=32 time<1ms TTL=127
Reply from 192.168.20.2: bytes=32 time<1ms TTL=127
Reply from 192.168.20.2: bytes=32 time<1ms TTL=127
Reply from 192.168.20.2: bytes=32 time<1ms TTL=127

Ping statistics for 192.168.20.2:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

4. Conclusion

Successful Inter-VLAN Routing

The successful ping test confirms that the Layer 3 switch is correctly routing traffic between VLAN 10 and VLAN 20. This lab successfully demonstrates the fundamental concepts of network segmentation with VLANs and the configuration of a Layer 3 switch to manage traffic between them.