Hosts in a VLAN are within their own broadcast domain and communicate freely. VLANs create network partitioning and traffic separation at layer 2 of the OSI specifications. To have hosts or any device communicate between VLANs, a layer-3 device is absolutely necessary.
You can use a router that has an interface for each VLAN, or a router that supports ISL routing. The least expensive router that supports ISL routing is the 2600 series router. The 1600, 1700, and 2500 series do not support ISL routing.
If you only had a few VLANs (two or three), you could get a router with two or three 10BaseT or FastEthernet connections. 10BaseT is OK, but FastEthernet will work really well. However, if you have more VLANs available than router interfaces, you can either run ISL routing on one FastEthernet interface or buy a route switch module (RSM) for a 5000 series switch. The RSM can support up to 1005 VLANs and run on the backplane of the switch. If you use one Fast-Ethernet interface and run ISL routing, Cisco calls this a router-on-a-stick.
VLAN Trunk Protocol (VTP)
Cisco created VLAN Trunk Protocol (VTP) to manage all the configured VLANs across a switched internetwork and to maintain consistency throughout the network. VTP allows an administrator to add, delete, and rename VLANs, which are then propagated to all switches.
VTP provides the following benefits to a switched network:
- Consistent VLAN configuration across all switches in the network
- Allowing VLANs to be trunked over mixed networks, like Ethernet to
- ATM LANE or FDDI
- Accurate tracking and monitoring of VLANs
- Dynamic reporting of added VLANs to all switches
- Plug-and-Play VLAN adding
A VTP domain can be used if you have more than one switch connected in a network. If all switches in your network are in only one VLAN, then you don’t need to use VTP. VTP information is sent between switches via a trunk port.
Switches advertise VTP-management domain information, as well as a configuration revision number and all known VLANs with any specific parameters. You can configure switches to forward VTP information through trunk ports but not accept information updates, nor update their VTP database. This is called VTP transparent mode.
If you are having problems with users adding switches to your VTP domain, you can add passwords, but remember that every switch must be set up with the same password, which may be difficult.
Switches detect the additional VLANs within a VTP advertisement and then prepare to receive information on their trunk ports with the newly defined VLAN in tow. The information would be VLAN ID, 802.10 SAID fields, or LANE information. Updates are sent out as revision numbers that are the notification plus 1. Anytime a switch sees a higher revision number, it knows the information it is receiving is more current and will overwrite the current database with the new one.