Hello, my name is Tyler McMinn with Aruba Networks, and this is Part 3 of our Network Essentials series of videos. In this video, we're going to continue on with inter-VLAN routing, where we're picking up on the last video talking about routing in general and a review of what addressing is used when doing IPv4 or even IPv6 that you would assign to your devices. Without further ado, let's jump into inter-VLAN routing.
Inter-VLAN routing is this concept of taking your switch and using it as a router. Here is a multi-layer switch, we've got some ports facing our hosts, we might be doing some internal switching where some of these hosts are going to be assigned to say, VLAN 99. Other ports might be assigned to say, VLAN 20. They gave the example of VLAN 10. So I guess we can stick with that as well. So VLAN 10 here. Ultimately what the internal SVIs or Switch Virtual Interfaces will do is they will allow us to act as a default gateway for those hosts in those particular subnets without requiring an external router, like you would see here. Instead, what we can end up doing is routing from our internal process or an uplink to another router on the other side.
We can do this either by enabling this interface as an actual routed interface, just simply go under the port and use the command routing, or this is available on CX, or on CX you could do a more traditional Aruba way of assigning a specific VLAN like say, I don't know, VLAN 209 or whatever and then dedicate your IP address to use as your Layer 3 point-to-point between this switch and the router's switch. The router is more than likely going to just use an IP address right on its interface. So maybe it's using the address 10.1.1.1 and we might use the address 10.1.1.2. A completely different subnet between anything we're doing over on these guys but that allows us to route between point-to-point between routers. We need to have our own unique address, our own unique subnet there.
So we can just make these slash 24s, just like we've been sticking with and instead of assigning the IP address right under the port, like the router's doing which you could do. Instead, you might have a dedicated VLAN and put the IP address under the VLAN, just like we did with VLAN 1 in our previous lab steps. So a lot of options there for being able to get your routing set up but you want to think of these multilayer switches as switches that can do routing as well. In some cases better than even dedicated routers, depending on which switch you're talking about.
So we call this Switch Virtual Interface an SVI, and it's typically just a VLAN that you create first, and then you go back under it and you assign an IP address. By assigning the Layer 3 address, it's now a Layer 3 interface. Pretty much all there is to it. What makes it a little bit odd is that it's not like a physical port, like you would expect on a router.
So let's take a look here. A VLAN is going to contain its own broadcast domain. I've been saying this for the last 12 or 15 videos, so to speak off and on. But yeah, every VLAN you have is going to restrict your broadcast domains, which means the hosts that are in those VLANs are only going to be able to reach other hosts in that VLAN for doing ARP requests or for doing any reachability without using the gateway. So if you move a host from one VLAN like the sales VLAN, and let's say we move this host over here just for argument's sake, and plug it into a port that is shared by the human resources, we can't use the same address we had before. We would need to assign a new address in that same subnet in order for this host to be able to reach the same members of that local area or that subnet, and to be able to reach its own routing on the upstream router.
In order to allow routing between these different subnets, what you would do is traditionally, with Layer 2 switches only, not multi-layer switches, you could go in and provide your normal access layer connectivity here, so red over here to the left, blue over here to the right and then you could trunk those different VLANs along this link. You just simply allow VLAN 10 for sales 24, whatever that is over there, so 10 and 20, and then the router itself would run what they call a router on a stick method here to be able to route between those. So a packet that was coming in from the HR could then be rerouted out to the VLAN 10 for sales and vice versa. But they would need the Layer 3 function of the router to make that transition between one subnet and another, to one route and another.
You can combine the best of the router with the switch in and of itself, you just pop that router inside the switch, not literally, but you get a switch that can support both functions and you are set. You don't need to have a whole second uplink, you don't need to have a second expensive router there, you can just utilize the functionality that your multilayer switch provides. So whether it's a multilayer switch or a dedicated router, they both achieve the same goal, which is ultimately to provide routing.
Routing means you need to have a routing table, just like a switch has a Layer 2 MAC address table to connect Layer 1 ports to what MAC addresses they've learned on those interfaces. Routers carry routing tables, and routing tables are tables full of destinations that the router knows how to get to. What is the Next-Hop if you want to go to that destination and ultimately what physical or in this case, Switch Virtual Interface do you want to use? It could actually be a physical port or it could be a dedicated VLAN on a Switch Virtual Interface that will allow you to bridge yourself out, so it doesn't really matter.
With CX, we could actually assign our IP addresses right to the port, but then only one subnet would cross over there, meaning that all of your routes would use the same physical interface to go out, which is not necessarily a bad thing. You could do that, you could have thousands of routes use the same physical port. There's no real restriction there, but in some cases when you want to do some more advanced networking designs, we'll take advantage of these SVIs. I'll just leave it at that.
Pop quiz again. I know I keep hitting with these. A router's IP routing table has an entry with a Next-Hop IP address of 10.30.233.1. Let me go back a moment. The Next-Hop address from Core-1's perspective, this is Core-1's routing table to reach this 172 network. This 172 network here is reachable through its neighbor Core-2. Router one knows that, either we told it or it learned it through exchanging a dynamic routing protocol like OSPF, but one way or another, that destination ends up in the routing table, so whenever a packet wants to go to that destination and it arrives on the router, the router then does a lookup to see if going to the destination 192.168.0.50, as long as it can match the 24 bits of that destination address, then that's going to be probably its best match to reach that destination.
Really what the router needs is a way to understand where does it send it. Right now there's only one possible route across to Core-2, but there's certainly many designs where we might have a second router here that also knows how to get to that subnet. The question for Core-1 is which one is the best route? Which one ultimately is it going to use? The quick and easy answer is, if it's in the routing table, it's the best route. That's just how it is. So all the math, all the metrics, and all the logic is figured out ahead of time, and the results are in the routing table. Then how does Core-1, when it does a lookup, how does it know which one actually was the best?
Well, it's described by the address in the Next-Hop. The Next-Hop in this case is going to be 172.16.0.253. What is that? That is the IP address that Core-1 uses to get to Core-2 and the Core-2 to get back to Core-1. Core-1 would go to .253, Core-2, if it was going to Core-1, would use .254. This 253 is Core-1's Next-Hop. The place it's going to forward its frames, its packets to continue along this journey, and it may be that the route is right on the other side of Core-2, and it may be that the route is 50 routers away across seven different ISPs and 13 different countries or whatever. I don't know how that works, but anyway, it doesn't matter. As far as Core-1's concerned, its job is to just get it to the Next-Hop. Whether that's Core-2 or whether it's this router down here, whichever one is the best route, that's the one it's going to use.
Let's go back to the question then because the question was about our Next-Hop address. If the router's IP routing table has an entry with a Next-Hop address of 10.30.223.1. What does this number represent? Now, I showed you the answer. It is the next Layer 3 address that should receive the packet, and that is correct, but it's not necessarily the packet destination. The destination may be several hops away or B, the next Layer 2 switch that should receive the packet. This is not for Layer 2 switches. There might be 12 Layer 2 switches between those routers. We don't care, it doesn't matter, those aren't hops. The router that is the next Layer 3 device, that's what our Next-Hop is. Layer 2, while it could bridge that traffic, is not a destination in and of itself.
C, the cached ARP or address resolution protocol entry for the destination MAC address. We're not actually routing based upon destination MAC addresses, we switch based on that, but the MAC address is just telling us whether we go to this Next-Hop or whether we go when we complete the frame to go to our Next-Hop router, that's the MAC address we use.
But in and of itself, it's not the final destination, so that's not entirely correct. Then the router's own egress interface for routing. It has this entry. What does this number represent? It's not our own address. Our own address was .254 on our router. The Next-Hop was .253, and so in our Next-Hop table, we don't see our own IP addresses, we see the Next-Hop address, our neighbors' IP addresses, so that would be incorrect as well.
Good question, and I feel like it's hard enough that it is worth showing the answer first and then going through and showing all the explanations. I think the explanations of the wrong answers tell us more than just the right answer. I apologize if I gave that one away, I promise the next one I won't do that.
This video has been covering essentially the very basics of what a routing table is, what a routing function is, what the Next-Hop address is, and a little bit of a pop quiz on it. Break time is probably a good idea. When we come back in the next video, we're going to jump into a lab where we're actually going to finally enable routing and be one step closer to getting our PC 1 to ping PC 4. Again, thank you very much for your time. I'll see you guys in the next video.
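The routing-table lookup described in the video, as an added example that is not part of the original transcript or any Aruba material: a longest-prefix match that returns the Next-Hop and the address the router would resolve with ARP. The table contents are constructed; only 172.16.0.253 and the destination 192.168.0.50 come from the video, while the /16 route, the second neighbor 172.16.0.252, the VLAN subnets and the interface names are assumptions.

```python
import ipaddress

# Constructed routing table from Core-1's point of view (assumed values).
# Each entry: (destination prefix, Next-Hop or None if connected, egress interface)
ROUTES = [
    ("10.1.10.0/24", None, "vlan10"),                # connected SVI
    ("10.1.20.0/24", None, "vlan20"),                # connected SVI
    ("172.16.0.0/24", None, "vlan209"),              # link toward Core-2
    ("192.168.0.0/24", "172.16.0.253", "vlan209"),   # via Core-2
    ("192.168.0.0/16", "172.16.0.252", "vlan209"),   # via a second neighbor
]


def lookup(dst, routes=ROUTES):
    """Return the best (longest-prefix) route for dst, or None if no route."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, next_hop, iface in routes:
        net = ipaddress.ip_network(prefix)
        # A route matches if dst is inside the prefix; the longest prefix wins.
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop, iface)
    if best is None:
        return None  # no matching entry and no default route: packet is dropped
    net, next_hop, iface = best
    return {
        "match": str(net),
        "next_hop": next_hop,
        "interface": iface,
        # The frame is addressed to the Next-Hop router's MAC, or to the
        # destination host's MAC when the subnet is directly connected.
        "arp_target": next_hop if next_hop else str(addr),
    }


if __name__ == "__main__":
    for dst in ("192.168.0.50", "192.168.5.9", "10.1.20.7", "8.8.8.8"):
        print(dst, "->", lookup(dst))
```
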