# Lab 3 - Router-on-a-stick
Users are complaining they can't access servers in other departments. Deploy a router-on-a-stick solution to enable communication between VLANs.
Tip: Individual topology files are available in the diagrams folder on my GitHub.
## Configuration Tasks
### VLAN Configuration
Create and configure the following VLANs on both switches:
- VLAN 10 - Sales Department
- VLAN 20 - Engineering Department
- VLAN 99 - Network Management
### Host & Access Port Configuration
### Switchport Configuration
- Configure the inter-switch link (Eth0/3 on both switches) as an 802.1Q trunk to carry only VLANs 10, 20, and 99.
- Configure VLAN 99 SVI for sea-a1-asw1 - 10.1.99.10/24
- Configure VLAN 99 SVI for sea-b1-asw1 - 10.1.99.20/24
### Router Configuration
- Configure gateways as subinterfaces for inter-VLAN routing:
  - Eth1.10 with IP 10.1.10.1/24
  - Eth1.20 with IP 10.1.20.1/24
  - Eth2.99 with IP 10.1.99.1/24
- Configure Loopback0 with IP 10.255.1.1/32

While traditionally "router-on-a-stick" refers to a single physical interface carrying multiple tagged VLANs, in this lab sea-mdf-r1 utilizes two physical interfaces (Eth1 and Eth2) in a "multi-stick" design. This choice was made for visual symmetry and doesn’t necessarily reflect best-practice network design.
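The tag handling this design depends on, modelled as an added Python example (not part of the original lab and not device code): a tagged frame arrives on a parent port, the matching sub-interface accepts it, and the routed packet leaves with a new tag and a rewritten Ethernet header. The MAC addresses, host IPs, and helper names are constructed for illustration, and the model assumes a 20-byte IPv4 header with no options.

```python
import ipaddress, struct

# Sub-interfaces from the lab's router tasks: (parent port, VLAN ID) -> gateway.
SUBIFS = {("Eth1", 10): ipaddress.ip_interface("10.1.10.1/24"),
          ("Eth1", 20): ipaddress.ip_interface("10.1.20.1/24"),
          ("Eth2", 99): ipaddress.ip_interface("10.1.99.1/24")}
ROUTER_MAC = bytes.fromhex("020000000001")  # constructed MAC for the router

def checksum(hdr):
    """RFC 1071 ones'-complement sum over the IPv4 header."""
    s = sum(struct.unpack("!%dH" % (len(hdr) // 2), hdr))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return ~s & 0xFFFF

def parse(frame):
    """Split an Ethernet frame; vid is None when there is no 802.1Q tag."""
    dst, src, etype = struct.unpack("!6s6sH", frame[:14])
    if etype != 0x8100:
        return dst, src, None, etype, frame[14:]
    tci, inner = struct.unpack("!HH", frame[14:18])
    return dst, src, tci & 0x0FFF, inner, frame[18:]

def tagged(dst, src, vid, packet):
    """Build an 802.1Q-tagged IPv4 frame (priority bits left at 0)."""
    return struct.pack("!6s6sHHH", dst, src, 0x8100, vid, 0x0800) + packet

def ipv4(src, dst, ttl=64, payload=b"ping"):
    """Constructed minimal IPv4 packet (protocol 1, ICMP) used as sample input."""
    hdr = bytearray(struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, ttl, 1,
                    0, ipaddress.ip_address(src).packed, ipaddress.ip_address(dst).packed))
    hdr[10:12] = struct.pack("!H", checksum(bytes(hdr)))
    return bytes(hdr) + payload

def route(parent, frame, arp):
    """One hop through the router: returns (egress port, frame) or None if dropped."""
    dst, _, vid, etype, pkt = parse(frame)
    if (parent, vid) not in SUBIFS or dst != ROUTER_MAC or etype != 0x0800 or len(pkt) < 20:
        return None                      # not an IPv4 frame for one of our sub-interfaces
    hdr, dst_ip = bytearray(pkt[:20]), ipaddress.ip_address(pkt[16:20])
    if hdr[8] <= 1:
        return None                      # TTL would expire at this hop
    hdr[8] -= 1                          # L3 change: TTL, then a fresh header checksum
    hdr[10:12] = b"\x00\x00"
    hdr[10:12] = struct.pack("!H", checksum(bytes(hdr)))
    for (port, out_vid), gw in SUBIFS.items():
        if dst_ip in gw.network and dst_ip in arp:   # connected route plus ARP entry
            return port, tagged(arp[dst_ip], ROUTER_MAC, out_vid, bytes(hdr) + pkt[20:])
    return None
```

A frame tagged with a VLAN ID that has no sub-interface on the ingress port is dropped, which is the same effect the trunk's allowed-VLAN list has on the switch side.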
## Success Criteria
- Bob and Alice can ping each other (Inter-VLAN routing functioning)
- All hosts can ping their respective gateways
- Ping Loopback0 from Linda
- Run `sudo tcpdump -i eth1 -n` on Bob. Ping Bob from Linda and Alice.
- Configure the router with SSH access and a local user account other than admin, then SSH to it from Steve
## Verification Commands
```
# Show VLAN configuration
show vlan [brief]
# Show trunk interfaces and allowed VLANs
show interfaces trunk
# Show interface status and mode
show interfaces status
# Show MAC address table
show mac address-table [dynamic]
# Show ARP table
show ip arp
# Show routing table
show ip route
```
## Questions to Explore
- Why does router-on-a-stick use sub-interfaces instead of separate physical connections?
- What kind of route is each subnet in the routing table?
- What happens to the VLAN tags when traffic reaches the router sub-interface?
- Why do hosts need default gateways configured now when they didn't before?
- What's the purpose of an ARP table? Where is it found?
- Imagine this scenario: Steve pings Loopback0 on sea-mdf-r1. When the router sends the return traffic, how will the L2 and L3 headers look? What does the router use to build them?
- When you ran tcpdump on Bob, what types of traffic did you see?
Host Access
- If SSH isn't working: `docker exec -it <container-name> bash`
- Configure static IP: `sudo ip addr add 10.1.10.10/24 dev eth1`

Note: This is the last time I will call out the host access and configuration commands. Either refer back or take notes for future labs!
Arista documentation isn't nearly as ubiquitous as Cisco's, so in some cases it may be harder to find a guide for the thing you're trying to configure. In this case, there's no reference for Layer 3 subinterfaces in their user guide. The command-line syntax is extremely similar though, so finding a guide for a Cisco configuration will get you most of the way there.