WiFi Router HelpWiFi Router Help
Router Setup

Router on a Stick: Inter-VLAN Routing Explained

A practical guide to router on a stick for inter-VLAN routing, with step-by-step configurations, real-world examples, and troubleshooting tips for reliable home networks.

WiFi Router Help
WiFi Router Help Team
·5 min read
UPnPNATDHCPRouter HardwareIP Address
Router on Stick Guide - WiFi Router Help
Quick AnswerDefinition

Router on a stick is a method for inter-VLAN routing using subinterfaces on a single router port, with a trunk to a switch. Each subinterface handles one VLAN, enabling traffic to route between VLANs without multiple routers. This keeps small networks simple and scalable, especially when you need separate guest, IoT, and admin networks but limited hardware. WiFi Router Help notes success hinges on consistent trunking and careful VLAN planning.

What is Router on a Stick and Why It Matters

Router on a stick is a widely used technique for inter-VLAN routing in modern small networks. It lets you route traffic between multiple VLANs through a single router interface by creating subinterfaces, each mapped to a different VLAN. According to WiFi Router Help, this approach keeps hardware simple while preserving flexible network segmentation. You might choose this method when your switch already handles VLAN tagging and you want centralized routing without buying a dedicated router for every VLAN. The concept relies on trunk links and meticulous VLAN planning to prevent routing loops and misrouting. In practice, you design the VLANs you need (for example, 10 for IoT, 20 for guests, 30 for admin) and assign IP subnets to each subinterface. The router acts as the gateway for all VLANs, performing inter-VLAN routing and, if necessary, DHCP relay or server duties for each network.

Bash
# Cisco IOS-like subinterface example (conceptual) interface Gi0/0 no shutdown ! interface Gi0/0.10 encapsulation dot1Q 10 ip address 192.168.10.1 255.255.255.0 ! interface Gi0/0.20 encapsulation dot1Q 20 ip address 192.168.20.1 255.255.255.0

The code above demonstrates the basic pattern: a single uplink interface with multiple dot1Q subinterfaces, each carrying traffic for its VLAN and presenting a gateway for devices in that VLAN. If you use a different vendor, translate the syntax accordingly.

  • This section introduces the core concept, the role of trunking and subinterfaces, and sets expectations for hardware and design choices. It also includes a practical example to illustrate the pattern.

Steps

Estimated time: 45-60 minutes

  1. 1

    Define VLANs and plan IPs

    Choose VLAN IDs and assign IP subnets for each VLAN. This step sets the scope for the router-on-a-stick design.

    Tip: Document VLAN names and subnet ranges to avoid conflicts.
  2. 2

    Prepare uplinks and trunking

    Configure the uplink between the router and the switch as a trunk that carries all planned VLANs. Ensure the native VLAN aligns across devices.

    Tip: Keep the native VLAN consistent to prevent untagged traffic leakage.
  3. 3

    Create router subinterfaces

    Create one subinterface per VLAN on the router uplink and assign the corresponding IP gateway.

    Tip: Verify encapsulation type matches the switch’s VLAN tagging.
  4. 4

    Configure DHCP and gateways

    Decide whether the router or a central DHCP server will assign addresses for each VLAN and set the default gateways accordingly.

    Tip: Test DHCP relay if using a central DHCP server.
  5. 5

    Test inter-VLAN routing

    Verify connectivity across VLANs with pings and traceroutes. Check routing tables and interface statuses.

    Tip: Look for asymmetric paths that may indicate misconfigurations.
  6. 6

    Document and review

    Record your final IP plan, VLAN mapping, and device roles. Review firewall rules that govern inter-VLAN traffic.

    Tip: Schedule periodic reviews after network changes.
Pro Tip: Use a consistent VLAN naming scheme across devices to reduce confusion.
Warning: Mismatched trunk native VLANs can cause traffic leakage.
Note: Verify DHCP relay configuration if you rely on central DHCP.

Prerequisites

Required

  • Router with subinterface support (e.g., Cisco IOS, Junos, or Linux with VLANs)
    Required
  • Managed switch with VLAN tagging and trunking
    Required
  • Formal VLAN plan and IP subnet scheme
    Required
  • Administrative access to devices (console/SSH)
    Required

Optional

  • DHCP server or relay knowledge (optional)
    Optional

Commands

ActionCommand
Show trunk and VLANsOn router/switch to verify trunkingshow interfaces trunk
Create subinterface for VLAN 10Replace with appropriate VLAN/IPinterface Gi0/0.10\n encapsulation dot1Q 10\n ip address 192.168.10.1 255.255.255.0
Create subinterface for VLAN 20Replace with appropriate VLAN/IPinterface Gi0/0.20\n encapsulation dot1Q 20\n ip address 192.168.20.1 255.255.255.0
Configure switch uplink trunkEnsure native VLAN matchesinterface Gi1/0\n switchport mode trunk\n switchport trunk allowed vlan 10,20

People Also Ask

What is router on a stick, and when should I use it?

Router on a stick provides inter-VLAN routing by using router subinterfaces on a single uplink. It works well in small networks with VLAN segmentation and limited hardware.

Router on a stick uses one router to connect multiple VLANs via subinterfaces so devices on different VLANs can communicate.

Do I need a switch that supports VLAN tagging?

Yes. A VLAN-capable switch is required to tag and forward traffic across VLANs. The router-on-a-stick setup relies on a trunk link to carry multiple VLANs between the router and the switch.

A VLAN-capable switch makes trunking possible, which is essential for router-on-a-stick routing.

Can Linux be used for router-on-a-stick?

Absolutely. Linux can perform inter-VLAN routing using VLAN subinterfaces and iproute2. This approach is flexible and cost-effective for DIY networks.

You can run RoS on Linux by creating VLAN interfaces and enabling IP routing.

What are common pitfalls with RoS?

Common pitfalls include trunk misconfigurations, native VLAN mismatches, and DHCP relay mistakes. Careful VLAN planning and verification steps help avoid these problems.

Watch out for trunking issues and make sure the VLANs and IPs line up across devices.

How do I verify inter-VLAN routing works?

Use pings between gateways in different VLANs, check routing tables, and verify that devices have appropriate default gateways. Use traceroute to diagnose path issues.

Test with pings across VLAN gateways and check your routes to confirm inter-VLAN routing is active.

What to Remember

  • Plan VLANs before configuring
  • Use trunk links with dot1Q tagging
  • Test inter-VLAN routing with pings
  • Document IP schemes and device roles
  • Keep native VLANs consistent across devices

Related Articles

← More in Router Setup