Configuring virtual routing interfaces

1 of 3

http://www.brocade.com/downloads/documents/html_product_manuals/...

Multi-Service IronWare Switching Configuration Guide

R05.5.00
Part Number: 53-1002820-02

documentation@brocade.com
VLANs : Configuring virtual routing interfaces

Configuring virtual routing interfaces

The Brocade device sends Layer 3 traffic at Layer 2 within a protocol-based VLAN. However, Layer 3
traffic from one protocol-based VLAN to another must be routed. If you want the device to be able to send
Layer 3 traffic from one protocol-based VLAN to another on the same device, you must configure a virtual
routing interface on each protocol-based VLAN, then configure routing parameters on the virtual routing
interfaces.
A virtual routing interface is a logical routing interface that the Brocade device uses to route Layer 3
protocol traffic between protocol-based VLANs. It is a logical port on which you can configure Layer 3
routing parameters.
For example, to enable a Brocade device to route IP traffic from one IP protocol VLAN to another, you
must configure a virtual routing interface on each IP protocol VLAN, then configure the appropriate IP
routing parameters on each of the virtual routing interfaces.
Example
Brocade(config)# vlan 2
Brocade(config-vlan-2)# tagged e 1/1 to 1/2
Brocade(config-vlan-2)# router-interface ve 1

The Brocade device can locally route IP packets between VLANs that are defined within a single device.
If you do not need to further partition the port-based VLAN into protocol-based VLANs, you can define a
single virtual routing interface at the port-based VLAN level and enable routing on a single virtual routing
interface.
Brocade(config)# vlan 2
Brocade(config-vlan-2)# tagged e 1/1 to 1/2
Brocade(config-vlan-2)# router-interface ve 2
Brocade(config-vlan-2)# exit
Brocade(config)# interface ve 2
Brocade(config-ve-2)# ip address 10.1.1.1/24

Syntax:router-interface ve ve-number
Enter 1 to the maximum number of virtual routing interfaces supported on the device for ve-number.

Integrated Switch Routing (ISR)

Integrated Switch Routing (ISR) feature enables VLANs configured on the Brocade device to route
Layer 3 traffic from one protocol-based VLAN to another instead of forwarding the traffic to an external
router. The VLANs provide Layer 3 broadcast domains for the protocols, but do not in themselves provide
routing services. This is true even if the source and destination protocols are on the same device.
ISR eliminates the need for an external router by allowing you to route between VLANs using virtual
routing interfaces (ves). You configure a separate virtual routing interface on each VLAN that you want to
use to route packets. For example, if you configure two IP protocol VLANs on a Brocade device, you can
configure a virtual routing interface on each of the IP protocol VLAN, then configure IP routing parameters

28/10/2014 10:29 AM

Configuring virtual routing interfaces

http://www.brocade.com/downloads/documents/html_product_manuals/...

for the IP protocol VLAN. Thus, the Brocade device forwards IP broadcasts within each VLAN at Layer 2
but routes Layer 3 traffic between the VLANs using the virtual routing interfaces.
NOTE: The Brocade device uses the lowest MAC address on the device (the MAC address of port 1/1) as
the MAC address for all ports within all virtual routing interfaces you configure on the device.
The routing parameters and the syntax for configuring them are the same as when you configure a
physical interface for routing (for example, interface ve 10). The logical interface allows the Brocade
device to internally route traffic between the protocol-based VLANs without using physical interfaces.
All the ports within a protocol-based VLAN must be in the same port-based VLAN. The protocol-based
VLAN cannot have ports in multiple port-based VLANs, unless the ports in the port-based VLAN to which
you add the protocol-based VLAN are 802.1q tagged.
You can configure multiple protocol-based VLANs within the same port-based VLAN. In addition, a port
within a port-based VLAN can belong to multiple protocol-based VLANs of the same type or different
types. For example, if you have a port-based VLAN that contains ports 1/1 1/10, you can configure port
1/5 as a member of an AppleTalk protocol VLAN, an IP protocol VLAN, and an IPX protocol VLAN, and so
on.
If the router interface for IP is configured on physical ports, then routing occurs independent of the
Spanning Tree Protocol (STP). However, if the router interfaces are defined for IP VLAN, they are virtual
routing interfaces and are subject to the rules of STP.
If your backbone consists of virtual routing interfaces all within the same STP domain, it is a bridged
backbone, not a routed one. This means that the set of backbone interfaces that are blocked by STP will
be blocked for routed protocols as well. The routed protocols will be able to cross these paths only when
the STP state of the link is FORWARDING. This problem is easily avoided by proper network design.
When designing an ISR network, pay attention to your use of virtual routing interfaces and the
spanning-tree domain. If Layer 2 switching of your routed protocols (IP, IPX, AppleTalk) is not required
across the backbone, then the use of virtual routing interfaces can be limited to edge switch ports within
each router. Full backbone routing can be achieved by configuring routing on each physical interface that
connects to the backbone. Routing is independent of STP when configured on a physical interface.
If your ISR design requires that you switch IP, IPX, or Appletalk at Layer 2 while simultaneously routing
the IP protocol over a single backbone, then create multiple port-based VLANs and use VLAN tagging on
the backbone links to separate your Layer 2 switched and Layer 3 routed networks.
There is a separate STP domain for each port-based VLAN. Routing occurs independently across
port-based VLANs or STP domains. You can define each end of each backbone link as a separate tagged
port-based VLAN. Routing will occur independently across the port-based VLANs. Because each
port-based VLANs STP domain is a single point-to-point backbone connection, you are guaranteed to
never have an STP loop. STP will never block the virtual router interfaces within the tagged port-based
VLAN, and you will have a fully routed backbone.
A Brocade device offers the ability to create a virtual routing interface within a Layer 2 STP port-based
VLAN or within each IP protocol VLAN. This combination of multiple Layer 2 or Layer 3 broadcast
domains and virtual routing interfaces are the basis for the very powerful Integrated Switch Routing (ISR)
technology. ISR is very flexible and can solve many networking problems.

FIGURE 10 Example of two separate backbones for the same protocol

2 of 3

28/10/2014 10:29 AM

Configuring virtual routing interfaces

http://www.brocade.com/downloads/documents/html_product_manuals/...

The following is a sample configuration for the illustration above.

Brocade(config)# vlan 2
Brocade(config-vlan-2)# tagged e 1/1 to 1/2
Brocade(config-vlan-2)# router-inter ve 2
Brocade(config-vlan-2)# exit
Brocade(config)# vlan 3
Brocade(config-vlan-3)# tagged e 1/13 to 1/24
Brocade(config-vlan-3)# router-int ve 3
Brocade(config-vlan-3)# exit
Brocade(config)# interface ve 2
Brocade(config-ve-2)# ip address 10.1.1.1/24
Brocade(config-if-e1000-2/1)# exit
Brocade(config)# interface ve 3
Brocade(config-ve-3)# ip address 10.2.1.1/24

IP packets are bridged (switched) within the same protocol VLAN if they are on the same subnet; they are
routed if they are on a different VLAN.

VLANs : Configuring virtual routing interfaces

3 of 3

28/10/2014 10:29 AM