Should small offices run OSPF or just static routes?

Up to 4-5 routers in a stable topology, static routes win — predictable, easy to troubleshoot, no protocol surprises. Beyond that, OSPF auto-recovers from link failures while you sleep. The crossover is around the size at which "I will just SSH in and fix it" becomes "I will be on a flight when this fails."

What is the difference between an L3 switch and a router?

Functionally the same for IP routing. Architecturally the L3 switch does line-rate forwarding in ASIC and is built for many high-bandwidth ports; routers prioritise feature richness (advanced QoS, deep ACLs, MPLS, IPSec termination) over raw port count. Use L3 switches for the campus core; use routers at the WAN edge.

Why do most enterprises avoid VLAN 1?

Because every switch ships with VLAN 1 as the default management VLAN, default native VLAN on trunks, and default for any unconfigured port. An attacker who plugs into an unconfigured port lands in VLAN 1 next to your management plane. Best practice: leave VLAN 1 unused, set native VLAN to a dedicated unused number on every trunk.

Are private VLANs (PVLANs) still useful?

Yes for hotel-style network designs (each guest gets isolation while sharing the same gateway VLAN), DMZ designs where servers must not talk to each other, and MDU/co-tenant infrastructure. Most modern designs prefer micro-segmentation tools (cloud SGs, host-based firewalls) but PVLANs remain the right answer in some campus-LAN cases.

Do I need to learn OSPF if my company runs everything in cloud?

AWS Transit Gateway, Azure Virtual WAN, GCP NCC all hide routing protocols from you — but they implement BGP underneath. You will not write OSPF configs, but understanding link-state and path selection makes hybrid-cloud routing problems debuggable instead of mysterious. Module 8 (BGP) is the more important follow-up for cloud practitioners.

Should I memorise OSPF area types or look them up?

Memorise: standard area, stub area, totally stubby, NSSA. Lookup the precise LSA-type behaviour. Recognising area types from a topology diagram is design-interview-grade; reciting LSA filtering rules is configuration-time work.

Why do enterprise networks still mix OSPF and BGP?

OSPF inside the enterprise (fast convergence, simple config, multi-vendor); BGP for the internet edge and large fabric architectures. They do not compete; they live at different scopes. Modern data-centre fabrics (Clos, BGP-EVPN) increasingly use BGP all the way down for consistency.

Advanced Routing and VLANs — Networking Module 4

Read as

Last updated: May 1, 2026

Routing is how packets find their way across networks larger than a single broadcast domain. This module is the working introduction to routing tables, longest-prefix match, static routes, OSPF, EIGRP, redistribution, and the VLAN model that segments a single switch into multiple broadcast domains. By the end you can read a route table on any router, design a small multi-VLAN office network, and explain VLAN-hopping attacks.

Most “the network is broken” tickets are routing tickets. A bad static route, a redistribution loop, an OSPF metric mismatch, an asymmetric path through a stateful firewall — every one of them ends with a packet that reaches its destination but cannot find its way back. This module gives you the mental model for routing decisions, the protocols (static, OSPF, EIGRP, RIP for completeness), and how VLANs slice a single switch into separate Layer-2 domains for segmentation.

The forwarding table — what every router actually does

A router’s job is short: receive packet, look up destination IP in forwarding table, send to next-hop, repeat. Lookup uses

longest-prefix matchamong all matching prefixes, the most specific wins. If your table has 0.0.0.0/0 via 1.1.1.1 (default route), 10.0.0.0/8 via 10.0.0.1, and 10.10.10.0/24 via 10.10.0.1, then a packet for 10.10.10.5 matches all three but the /24 wins because /24 is more specific than /8 which is more specific than /0. The Linux command ip route get 10.10.10.5 performs exactly this lookup.

Cisco IOSshow ip route 10.10.10.5.

Juniper Junosshow route 10.10.10.5. Memorise these — they are the first thing you type when something is broken.

Want this for your team?

Custom team training + practitioner advisory

Beyond the free academy — we run private workshops, vCISO advisory, and red-team exercises tailored to your stack. For Indian SMBs scaling past their first hire.

Book team training call Replies in 4 working hrs · India-only · Senior consultants

Advanced Routing and VLANs — Static, OSPF, EIGRP, and Where Trust Boundaries Actually Live

The forwarding table — what every router actually does

Custom team training + practitioner advisory

Other modules in this track

Networking Fundamentals — OSI, TCP/IP, and Why Layers Actually Matter

Packet Analysis with Wireshark — From “Open the PCAP” to Diagnosing Real Incidents

Network Protocols Deep Dive — ARP, DHCP, ICMP, DNS, HTTP and the Trust They Assume