[ CCNA · DOMAIN 2 · INTER-VLAN · PLAIN-ENGLISH ANSWER ]
WHAT IS ROUTER-ON-A-STICK?_
One router, one cable, every VLAN routed. Here's how router-on-a-stick works and the exact subinterface config.
[ ▶ SHORT ANSWER ]
Router-on-a-stick (ROAS) is a way to route between VLANs using a single physical link between a switch and a router. The link is a trunk, and the router's interface is divided into logical subinterfaces — one per VLAN. Each subinterface is tagged with that VLAN's ID using 802.1Q (encapsulation dot1q ) and is assigned the IP address that serves as the default gateway for that VLAN's subnet. Traffic from one VLAN travels up the trunk, is routed by the matching subinterface, and comes back down tagged for the destination VLAN. It's the classic single-router method of inter-VLAN routing on the CCNA.
VLANs can't talk to each other on their own — each is a separate subnet and needs a Layer 3 device to route between them. Router-on-a-stick (ROAS) is the cheapest way to do that with the gear you already have: one router and one trunked link.
The idea
Instead of dedicating a physical router port to each VLAN (you'd run out fast), you use one physical interface and slice it into subinterfaces — virtual interfaces like g0/0.10 and g0/0.20. Each subinterface handles one VLAN, tagged with 802.1Q, and holds that VLAN's gateway IP.
The config
R1(config)# interface g0/0
R1(config-if)# no shutdown
R1(config)# interface g0/0.10
R1(config-subif)# encapsulation dot1q 10
R1(config-subif)# ip address 192.168.10.1 255.255.255.0
R1(config)# interface g0/0.20
R1(config-subif)# encapsulation dot1q 20
R1(config-subif)# ip address 192.168.20.1 255.255.255.0
And the switch port facing the router must be a trunk:
SW(config-if)# switchport mode trunk
The gotchas
- Each host's default gateway must point at its VLAN's subinterface IP.
- The physical interface (
g0/0) needs no shutdown; the subinterfaces inherit its state.
- If you use a native VLAN, tag it explicitly with
encapsulation dot1q <vlan> native to avoid mismatches.
ROAS vs a Layer 3 switch
ROAS is simple and cheap but the single link can become a bottleneck. On larger networks you'd use a Layer 3 switch with SVIs instead, which routes in hardware. Both are fair game on the CCNA.
★ RELATED QUESTIONS
[ Why is it called router-on-a-stick? ]
Because all VLAN traffic enters and leaves the router over a single trunk link — the router hangs off the switch on one 'stick' instead of using a separate cable per VLAN.
[ How many subinterfaces can I create? ]
One per VLAN you want to route. The subinterface number doesn't have to match the VLAN ID, but matching them (g0/0.10 for VLAN 10) is a clean convention worth keeping.
[ Is router-on-a-stick still used? ]
It's common in small networks and labs. Larger designs prefer Layer 3 switches with SVIs for hardware-speed routing, but ROAS remains an exam favourite and a perfectly valid small-scale solution.
★ READ NEXT
[ ▶ RELATED PLAIN-ENGLISH ANSWERS ]
[ ★ PRACTICE IT, DON'T JUST READ IT ]
Concepts stick when you drill them. Run
today's Daily CCNA Drill to build a streak, or jump straight into the related labs and tools: