Router-on-a-Stick Configuration – Detailed Guide

1. Concept of Router-on-a-Stick

Definition: Router-on-a-Stick is a design where a single physical router interface is used to route between multiple VLANs using logical subinterfaces.
Purpose: Enables inter-VLAN routing in environments where deploying a Layer 3 switch or multiple router interfaces is not practical.
Use Case: Small/medium networks, labs, or cost-sensitive scenarios.

2. How a Single Router Interface Handles Multiple VLANs

Router's physical interface connects to a switch trunk port.
The interface is divided into subinterfaces (one for each VLAN).
Each subinterface is configured with its own IP address and 802.1Q VLAN tagging.

3. Requirements for Router-on-a-Stick

Router with at least one Ethernet interface
Switch with VLANs configured
Trunk link (802.1Q) between switch and router

4. Subinterfaces on the Router

A subinterface is a logical interface (e.g., GigabitEthernet0/0.10 for VLAN 10).
Each subinterface is mapped to a unique VLAN via encapsulation.

5. Encapsulation Types

802.1Q is the industry standard for VLAN tagging.
Each subinterface must be configured with the appropriate encapsulation and VLAN ID.
Native VLAN subinterface is typically for VLAN 1 (or as defined).

6. IP Addressing on Subinterfaces

Each subinterface gets an IP address from the VLAN’s subnet and acts as the default gateway for that VLAN.
Example:
- VLAN 10 (192.168.10.0/24) → Router subinterface IP: 192.168.10.1/24
- VLAN 20 (192.168.20.0/24) → Router subinterface IP: 192.168.20.1/24

7. Switch Port Configuration

The switch port connected to the router must be configured as a trunk.
All VLANs that require routing must be allowed on the trunk.

Switch(config)# interface GigabitEthernet0/1
Switch(config-if)# switchport mode trunk
Switch(config-if)# switchport trunk allowed vlan 10,20

8. Router Subinterface Configuration Example (Cisco IOS)

Suppose the router's physical interface is GigabitEthernet0/0:

Router(config)# interface GigabitEthernet0/0.10
Router(config-subif)# encapsulation dot1Q 10
Router(config-subif)# ip address 192.168.10.1 255.255.255.0

Router(config)# interface GigabitEthernet0/0.20
Router(config-subif)# encapsulation dot1Q 20
Router(config-subif)# ip address 192.168.20.1 255.255.255.0

Repeat this process for each required VLAN.

9. Routing Between VLANs

Hosts in each VLAN use the router subinterface IP as their default gateway.
When a host in VLAN 10 needs to reach VLAN 20:
- Frame is sent to the router via trunk.
- Router routes packet between subinterfaces.
- Frame returns to switch with correct VLAN tag.

10. Verification Commands

Command	Purpose
show ip interface brief	See status/IP of all interfaces
show running-config interface Gi0/0.10	Check subinterface config
show vlan	List VLANs on the switch
show interfaces trunk	View trunk status/allowed VLANs

11. Troubleshooting Common Issues

Problem	Cause	Solution
VLAN mismatch	VLAN not created/allowed on trunk	Check `show vlan`, `show interfaces trunk`
Encapsulation mismatch	Incorrect or missing dot1Q config	Use `encapsulation dot1Q [vlan-id]` on subinterface
Trunk negotiation	One end not trunk	Set `switchport mode trunk` on both ends

12. Performance Considerations

The single router interface is a bandwidth bottleneck—all inter-VLAN traffic must pass through it.
Best for smaller environments; high-traffic networks should use Layer 3 switches.

13. Security Considerations

Secure trunk ports (disable unused VLANs, set non-default native VLAN).
Apply ACLs on the router to control inter-VLAN communication as required.

14. Alternatives to Router-on-a-Stick

Layer 3 Switch Routing: Handles inter-VLAN routing directly; no single-interface bottleneck.
Multiple Physical Interfaces: Assign a separate router interface for each VLAN (rare in modern designs).

📘 Example Scenario

Scenario:

VLAN 10: 192.168.10.0/24 (PCs)
VLAN 20: 192.168.20.0/24 (Printers)
Router: GigabitEthernet0/0 to Switch GigabitEthernet0/1 (trunk)

Router Config:

interface GigabitEthernet0/0.10
 encapsulation dot1Q 10
 ip address 192.168.10.1 255.255.255.0

interface GigabitEthernet0/0.20
 encapsulation dot1Q 20
 ip address 192.168.20.1 255.255.255.0

Switch Config:

interface GigabitEthernet0/1
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport trunk allowed vlan 10,20

PCs in VLAN 10 use 192.168.10.1 as gateway; printers in VLAN 20 use 192.168.20.1.
Traffic between VLANs is routed by the router-on-a-stick subinterfaces.

📑 Summary Table

Element	Configuration/Role
Router Subinterfaces	One per VLAN, dot1Q encapsulation
Switchport Mode	Trunk (all VLANs to router)
Inter-VLAN Routing	Handled by router subinterfaces
Bottleneck	Yes, single physical interface
Alternatives	Layer 3 switch, multiple router interfaces

When to Use Router-on-a-Stick

Small/medium networks needing inter-VLAN routing.
Where hardware/cost prevents Layer 3 switch use.
Lab and training scenarios for VLAN/trunking demonstration.

Router-on-a-Stick Configuration Quiz

1. What is the main purpose of Router-on-a-Stick?

A. To connect multiple physical interfaces on a router B. To route traffic between multiple VLANs using a single router interface C. To replace Layer 2 switches in a network D. To provide internet access to hosts

Correct answer is B. Router-on-a-Stick allows inter-VLAN routing with one physical interface subdivided into subinterfaces.

2. How does a router handle multiple VLANs on a single physical interface in Router-on-a-Stick?

A. Using multiple physical interfaces B. By using VLAN trunks without subinterfaces C. Through NAT D. By creating logical subinterfaces, each mapped to a VLAN with 802.1Q encapsulation

Correct answer is D. Logical subinterfaces are created for each VLAN with dot1Q tagging.

3. What VLAN encapsulation protocol is used in Router-on-a-Stick?

A. IEEE 802.1Q B. ISL (Inter-Switch Link) C. MPLS D. Frame Relay

Correct answer is A. 802.1Q is the industry-standard VLAN tagging protocol used.

4. What configuration is required on the switch port connected to the router in Router-on-a-Stick?

A. Access mode with a single VLAN B. Disabled port C. Trunk mode allowing multiple VLANs D. Port channel aggregation

Correct answer is C. The switch port must be configured as a trunk to carry multiple VLANs.

5. How are IP addresses assigned on router subinterfaces in Router-on-a-Stick?

A. Same IP for all subinterfaces B. Unique IP address within the subnet of the respective VLAN C. Public IP address only D. DHCP assigned from VLAN 1

Correct answer is B. Each subinterface IP is the default gateway for its VLAN subnet.

6. What is a major disadvantage of Router-on-a-Stick?

A. Requires multiple physical router interfaces B. Cannot route between VLANs C. Does not support VLAN tagging D. Single physical interface can become a bottleneck

Correct answer is D. All routed traffic flows through one physical interface, potentially limiting throughput.

7. Which command shows the configuration of a router subinterface in Router-on-a-Stick?

A. show running-config interface GigabitEthernet0/0.10 B. show vlan brief C. show interfaces trunk D. show ip route

Correct answer is A. This command shows specific subinterface configurations.

8. What must be ensured on the switch for Router-on-a-Stick to function properly?

A. All ports in access mode B. No VLANs configured C. Trunk port configured with allowed VLANs matching router subinterfaces D. DHCP disabled on switch

Correct answer is C. Allowed VLANs on trunk must match VLANs on router subinterfaces.

9. What happens when a device in VLAN 10 communicates with a device in VLAN 20 in a Router-on-a-Stick setup?

A. Traffic is switched directly between VLANs B. Router routes the traffic between VLAN 10 and VLAN 20 subinterfaces via the trunk link C. Traffic is dropped due to VLAN separation D. Switch performs routing internally

Correct answer is B. The router routes packets between VLAN subinterfaces using the trunk.

10. What is a good alternative to Router-on-a-Stick for larger networks?

A. Using hubs instead of switches B. Disabling VLANs C. Using static IP addresses D. Using Layer 3 switches with built-in routing capabilities

Correct answer is D. Layer 3 switches scale better for inter-VLAN routing than Router-on-a-Stick.

← Back to Home