Rustyice Solutions Blog
Read All About It

Search Our Site

Our Newsletter

Our Ramblings

Layer 3 interfaces on Cisco Catalyst switches

Cisco Catalyst multilayer switches support three different types of Layer 3 interfaces:

Routed Port – A pure Layer 3 interface similar to a routed port on a Cisco IOS router.

Switch Virtual Interface (SVI) – A virtual VLAN interface for inter-VLAN routing. In other words, SVI’s are the virtual routed VLAN interfaces.

Bridge Virtual Interface (BVI) – A Layer 3 virtual bridging interface.

With the advent of high-performance switches such as the Catalyst 6500 and 4500, almost every function from spanning tree to routing is done through hardware switching using features such as MLS and Cisco Express Forwarding (CEF)-based MLS.

All Layer 3 Cisco Catalyst switches support routing protocols, but several models of Catalyst switches require enhanced software for specific routing protocol features.

Routed Ports

A routed port is a physical port that acts similarly to a port on a traditional router with Layer 3 addresses configured. Unlike an access port, a routed port is not associated with a particular VLAN. A routed port behaves like a regular router interface, except that it does not support subinterfaces as with Cisco IOS routers. Routed ports are used for point-to-point links; connecting WAN routers and security devices are examples of the use of routed ports.

To configure routed ports, make sure to configure the respective interface as a Layer 3 interface using the no switchport interface command, if the default configurations of the interfaces are Layer 2 interfaces as with the Catalyst 3550 family of switches. In addition, assign IP addresses and other Layer 3 parameters as necessary. After assigning the IP address, make certain that IP routing is globally enabled and that applicable routing protocols are configured. Note that routed ports are available only in Cisco IOS.

Take note: Issuing the no switchport command shuts down the interface and then re-enables it, which might generate messages on the device to which the interface is connected. When you use this command to put the interface into Layer 3 mode, you delete any Layer 2 characteristics configured on the interface.

Switch Virtual Interfaces (SVI)

Switch Virtual Interfaces (SVI) areLayer 3 interfaces that are configured on multilayer Catalyst switches that are used for inter-VLAN routing. An SVI is a VLAN interface that is associated with only one VLAN-ID to enable routing capability on that VLAN.

To configure an SVI for inter-VLAN routing on a Catalyst switch, such as the Catalyst 6000 series, perform these steps:

  1. (Optional) Enable IP routing on the router.
    Switch (config) #ip routing
  2. (Optional) Specify an IP routing protocol or use static routes.
    Switch (config) #router ip_routing_protocol options
  3. Specify an SVI by using a VLAN interface command.
    Switch (config) #interface vlan vlan-id
  4. Assign an IP address to the VLAN.
    Switch (config-if) #ip address ip_address subnetmask
  5. Enable the interface.
    Switch (config-if) #no shutdown

Note: Make sure that VLAN’s are present in the VLAN database before creating SVI (VLAN) interfaces. Interfaces do not forward traffic for a VLAN until the VLAN is present in the VLAN database.

The number of routed ports and SVI’s supported by the Layer 3 Catalyst switches is not limited by software; however, the relationship between the number of routed ports and the number of Layer 3 interfaces and other features might affect CPU utilisation because of hardware limitations. One such example is NAT, because several models of Catalyst switches do not support NAT in hardware. Most Catalyst families have different limitations with regard to the number of SVI’s supported. In addition the number of VLAN’s and SVI’s supported per Catalyst family is not always the same. For example, a switch may support 256 VLAN’s, but only 64 SVI’s (routed VLAN interfaces). Always refer to product release notes for the latest details about the number of VLAN’s and SVI’s supported per Catalyst family of switch.

Bridge Virtual Interfaces (BVI)

A bridge virtual interface (BVI) is a Layer 3 virtual interface that acts like a normal SVI to route packets across bridged or routed domains. Bridging Layer 2 packets across Layer 3 interfaces is a legacy method of moving frames in a network. To configure a BVI to route, use the integrated routing and bridging (IRB) feature, which makes it possible to route a given protocol between routed interfaces and bridge groups within the same device. Specifically, routable traffic is routed to other routed interfaces and bridge groups, while local or unroutable traffic is bridged among the bridged interfaces in the same bridge group. As a result, bridging creates a single instance of spanning tree in multiple VLAN’s or routed subnets. This type of configuration complicates spanning tree and the behaviour of other protocols, which in turn makes troubleshooting difficult.

In todays network, however, bridging across routed domains is highly discouraged. A BVI is useful for migrating bridged networks to routed networks, while hosts on the bridged network can reach hosts on the routed network during the migration phase.

Only Cisco IOS routers support BVI’s. The exceptions to this rule are the Catalyst 2948G-L3 and 4908G-L3 switches and the WS-X4232 Layer 3 module for the Catalyst 4000 switches. These switches use BVI’s in place of SVI’s for configuration. However these switches are the only models to use BVI’s instead of SVI’s. In addition, Cisco intends to have all future models of Catalyst switches use the SVI method of configuring inter-VLAN routing. Again, except for the Catalyst 2948G-L3 and 4908G-L3 switches and the WS-X4232 Layer 3 module, BVI’s are not supported on multilayer switches, and the use of BVI’s on Cisco IOS routers is discouraged.

Moreover, several Catalyst multilayer switches support fallback bridging methods of forwarding traffic between VLAN’s. Fallback bridging forwards traffic not routed by the switch such as SNA, and connects multiple VLAN’s into one bridge domain by bridging between two or more SVI’s or routed ports. As a result, bridging the spanning tree in multiple VLAN’s creates a single instance of spanning tree for all VLAN’s. When configuring fallback bridging, you assign SVI’s or routed ports to bridge groups, with each SVI or routed port assigned to only one bridge group. All interfaces in the same group belong to the same bridge domain. Cisco does not recommend this practice however. Instead it recommends using fallback bridging exclusively for migration because of the hardware-switching limitations of fallback bridging, confusing spanning tree topologies, and other factors that make troubleshooting difficult.

1 Comments

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Do You Have a Tip or an Idea for a Story? Tell Us About It.

About Isotope

Isotope is available for purchase or part of a club membership from RocketTheme, inclusive of the RocketLauncher, theme, plugins and sources.

Subscribe Here

Subscribe to our newsletter and stay updated on the latest developments and special offers!