Understanding Routed VLAN Interfaces on EX Series Switches

Virtual LANs (VLANs), by definition, divide a LAN’s broadcast environment into isolated virtual broadcast domains, thereby limiting the amount of traffic flowing across the entire LAN and reducing the possible number of collisions and packet retransmissions within the LAN. For example, you might want to create a VLAN that includes the employees in a department and the resources that they use often, such as printers, servers, and so on.

Of course, you also want to allow these employees to communicate with people and resources in other VLANs. To forward packets between VLANs, you traditionally needed a router that connected the VLANs. However, you can also accomplish this forwarding with a switch by configuring a routed VLAN interface (RVI). Using this approach reduces complexity and avoids the costs associated with purchasing, installing, managing, powering, and cooling a router.

RVIs route only VLAN traffic. An RVI works by logically dividing a switch into multiple virtual routing instances, thereby isolating VLAN traffic traveling across the network into virtual segments. Routed VLAN interfaces allow switches to recognize which packets are being sent to another VLAN’s MAC addresses—then, packets are bridged (switched) whenever the destination is within the same VLAN and are only routed through the RVI when necessary. Whenever packets can be switched instead of routed, several layers of processing are eliminated. The switches rely on their Layer 3 capabilities to provide this basic RVI routing between VLANs:

• Two VLANs on the same switch
• Two VLANs on different switches (Routing is provided by an intermediary third switch.)

Figure 1 illustrates a switch routing VLAN traffic between two access layer switches.

Figure 1: An RVI on a Switch Providing Routing Between Two Other Switches

When Should I Use an RVI?

In addition to providing communication between VLANs, an RVI binds specific VLANs to specific Layer 3 interfaces, allowing you to track RVI use for billing purposes. Configure an RVI for a VLAN if you need to:

• Allow traffic to be routed between VLANs.
• Provide Layer 3 IP connectivity to the switch.
• Monitor individual VLANs for billing purposes. Service providers often need to monitor traffic for this purpose, but this capability can be useful for enterprises where various groups share the cost of the network.

How Does an RVI Work?

An RVI is a special type of Layer 3 virtual interface named vlan. Like all Layer 3 interfaces, the vlan interface requires a logical unit number with an IP address. In fact, to be useful, an RVI requires at least two logical units and two IP addresses—you must create units with addresses in each of the subnets associated with the VLANs between which you want traffic to be routed. That is, if you have two VLANs (for example, VLAN red and VLAN blue) with corresponding subnets, your RVI must have a logical unit with an address in the subnet for red and a logical unit with an address in the subnet for blue. The switch automatically creates direct routes to these subnets and uses these routes to forward traffic between VLANs.

The RVI interface on the switch detects both MAC addresses and IP addresses and then routes data to other Layer 3 interfaces on routers or other switches. RVIs detect both IPv4 and IPv6 unicast and multicast virtual routing and forwarding (VRF) traffic. Each logical Layer 3 subinterface can belong to only one routing instance. An RVI is subdivided into logical interfaces, each with a logical interface number appended as a suffix to vlan —for example, vlan.10.

Creating an RVI

There are four basic steps when creating an RVI, as shown in Figure 2.

Figure 2: Creating an RVI

The following explanations correspond to the four steps for creating a VLAN, as depicted in Figure 2.

• Configure VLANs—Virtual LANs are groups of hosts that communicate as if they were attached to the same broadcast stream. VLANs are created with software and do not require a physical router to forward traffic. VLANs are Layer 2 constructs.
• Create RVIs for the VLANs—The switch's RVI uses Layer 3 logical interfaces on the switch (unlike routers, which can use either physical or logical interfaces).
• Assign an IP address to each VLAN—An RVI cannot be activated unless it is associated with a physical interface.
• Bind the VLANs to the logical interfaces—There is a one-to-one mapping between a VLAN and an RVI, so only one RVI can be mapped to a VLAN.

For more specific instructions for creating an RVI, see Configuring Routed VLAN Interfaces (CLI Procedure).

Viewing RVI Statistics

Some switches automatically track RVI traffic statistics. Other switches allow you to turn that tracking on or off. Table 1 illustrates the RVI tracking capability on various switches.

You can view RVI input (ingress) and output (egress) totals with the command show interfaces vlan extensive. Look at the input and output values in the field Logical Unit Transit Statistics for RVI activity values.

RVI Functions and Other Technologies

RVIs are similar to IRBs, SVIs, and BVIs. They can also be combined with other functions:

• RVIs are similar to integrated routing and bridging (IRB) interfaces supported on Juniper routers and switch virtual interfaces (SVIs) and bridge-group virtual interfaces (BVIs) supported on other vendors’ devices.
• VRF is often used in conjunction with Layer 3 subinterfaces, allowing traffic on a single physical interface to be differentiated and associated with multiple virtual routers. For more information about VRF, see Understanding Virtual Routing Instances on EX Series Switches .
• For redundancy, you can combine an RVI with implementations of the Virtual Router Redundancy Protocol (VRRP) in both bridging and virtual private LAN service (VPLS) environments. For more information about VRRP, see Understanding VRRP on EX Series Switches.