If your Layer 3 switch can function as a DHCP server, configure a DHCP server for each VLAN. The M4100 switch has DHCP server functionality, so I set up DHCP servers for VLANs 7 and 8. The screenshot shows my configuration for the DHCP pool for VLAN 7.
My DHCP server configurations for VLAN 8 are basically the same, but using the 192.168.8.0 subnet. I did not configure a DHCP pool for VLAN 1 on the switch, as my router already provides a DHCP server for VLAN 1.
When configuring a DHCP Pool, it is also important to configure an exclusion list. The exclusion list is a list of statically assigned IP addresses that you don't want to be given out by the DHCP server, such as the Gateway or VLAN Interface IP address.
If your Layer 3 switch doesn't provide DHCP server functionality, you can either statically address devices in each VLAN, or use a separate DHCP server. If you use a separate DHCP server, you may need to enable DHCP Relay on the Layer 3 switch so DHCP requests are forwarded to the DHCP server.
Create VLAN interfaces for VLAN 7 and 8 on the Layer 3 switch as shown below. As you can see in the steps so far, the table I created at the beginning is providing all the values I need to complete my configuration.
Create a default route from the Layer 3 switch to the gateway router. My default route is pointing all traffic not matching a specific route in the route table at my gateway router, 192.168.199.1.
This step may be different on some Layer 3 switches, it depends on whether the managment VLAN is routable. On the M4100, the managememt interface isn't routable and it is configured by default to use VLAN 1. I have to make a few changes if I want VLAN 1 to be routable.
I connected my PC to port 7, which is now on VLAN 7 and logged into the switch through its VLAN 7 interface, 192.168.7.254. Shown below, I created VLAN 99 and changed the M4100's management interface to VLAN 99 and gave it an IP address from an unused IP address range, 192.168.99.10. VLAN 99 is a "dummy" VLAN as I won't be using it on my network.
Create the VLAN 1 interface on the switch. Now that VLAN 1 is not used for the management interface, you can create a routable interface for this VLAN 1. In the screen shot shown under step 5, I gave the VLAN 1 interface an address of 192.168.199.254 as planned from my chart.
Connect your devices and test. Put a PC on each of the VLANs, make sure it gets an IP address in the appropriate subnet. (Note, you need to have an active device on each VLAN for the switch's VLAN interface to be active.) Use the chart you created at the beginning and ping all the addresses listed, as well as ping an Internet address, such as google.com. Check the route table in your router and switch to ensure both have routes to all the subnets. Check the default route destination on the switch is set correctly.
If all your tests have passed, you've successfully set up VLANs and inter-VLAN routing on a Layer 3 switch. Network performance should increase as you've now separated broadcast domains, yet you're able to route between broadcast domains at near wire speed. Security of your network can now be more easily managed as you can implement filters to control traffic based on subnet addreses.
If your network isn't working, go back to your chart. Make sure you've assigned the correct addresses on each VLAN. Also, go back to your router and make sure your static routes are properly configured. Most routers have a ping utility, verify your router can ping each of the switch's VLAN interfaces.
I used NETGEAR's M4100 as my Layer 3 switch, but there are many other options out there, such as Cisco's SG300 series switches. I reviewed the Cisco SG500-28P not too long ago, which also is a Layer 3 switch.
I hope this guide is helpful in growing and managing your network. The bottom line is a Layer 3 switch can make it easier to implement VLANs and separate subnets on your network without investing in a new router.