Configuring Routed Ports On Cisco L3 Switches

A Cisco CCNP SWITCH Exam Tutorial (642-813)

By Chris Bryant, CCIE #12933

In the first installment of this multilayer switching tutorial designed for CCNP candidates, we saw how to create switched virtual interfaces (SVIs) and how to use them on Cisco multilayer switches.

Ports on multilayer switches can also be configured as routing ports, and have IP addresses assigned directly to them. If we add a router to our network as shown below, that's what we'll need to do.

The ports on a multilayer switch will all be running in L2 mode by default. To configure a port as a routing port, use the no switchport command, followed by the appropriate IP address. Note that in the following configuration, the line protocol on the switch port goes down and comes back up in just a few seconds.

SW1(config)#interface fast 0/5
SW1(config-if)#no switchport

02:19:27: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/5, changed state to down

02:19:30: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/5, changed state to up

SW1(config-if)#ip address 210.1.1.11 255.255.255.0

We verify the IP address assignment with show int fast 0/5.

SW1#show int fast 0/5
FastEthernet0/5 is up, line protocol is up (connected)
Hardware is Fast Ethernet, address is 0012.7f02.4b43 (bia 0012.7f02.4b43)
Internet address is 210.1.1.5/24

The switch can now ping 210.1.1.1.

SW1#ping 210.1.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 210.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/8 ms

Now let's take this just one step further - what if we wanted the hosts in the VLANs to be able to communicate with the router? In the previous tutorial, we saw that the hosts can ping 210.1.1.11. They cannot ping 210.1.1.1, though.

HOST_1#ping 210.1.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 210.1.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)

The router has no path to either 20.1.1.0 /24 or 30.1.1.0/24, so there's no way for the pings to get back to Host 1 or Host 3.

ROUTER_TO_INTERNET#show ip route
< code table removed for clarity >

Gateway of last resort is not set

C 210.1.1.0/24 is directly connected, FastEthernet0/0

To remedy that, we'll now configure a dynamic routing protocol between the L3 switch and the router. We'll use EIGRP in this case.

SW1(config)#router eigrp 100
SW1(config-router)#no auto-summary
SW1(config-router)#network 210.1.1.0 0.0.0.255
SW1(config-router)#network 20.1.1.0 0.0.0.255
SW1(config-router)#network 30.1.1.0 0.0.0.255

ROUTER_TO_INTERNET(config)#router eigrp 100
ROUTER_TO_INTERNET(config-router)#no auto-summary
ROUTER_TO_INTERNET(config-router)#network 210.1.1.0 0.0.0.255

The router now has the VLAN subnets in its routing table...

ROUTER_TO_INTERNET#show ip route

< code table removed for clarity >

Gateway of last resort is not set

20.0.0.0/24 is subnetted, 1 subnets
D 20.1.1.0 [90/28416] via 210.1.1.11, 00:01:01, FastEthernet0/0
C 210.1.1.0/24 is directly connected, FastEthernet0/0
30.0.0.0/24 is subnetted, 1 subnets
D 30.1.1.0 [90/28416] via 210.1.1.11, 00:01:01, FastEthernet0/0

... and the hosts now have two-way IP connectivity with the router.

HOST_1#ping 210.1.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 210.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

HOST_3#ping 210.1.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 210.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

It never hurts to make sure the pings can go the other way, too! The router can successfully ping both hosts.

ROUTER_TO_INTERNET#ping 20.1.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms

ROUTER_TO_INTERNET#ping 30.1.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 30.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

As you've seen, the choice of using SVIs and/or routed ports depends on what devices are on the other end of the connection. You've also seen that even a relatively simple network topology can require the use of both!

For dozens of additional videos, practice exams, and tutorials for the three CCNP exams, just follow these links...

CCNP ROUTE 640-902 Exam Training

CCNP SWITCH 642-813 Exam Training

CCNP TSHOOT 642-832 Exam Training

... and just follow this next set of links to watch a full hour of any of my CCNP Video Boot Camp DVDs at a very reasonable price - free!

CCNP SWITCH DVD

CCNP TSHOOT DVD

CCNP ROUTE DVD

CCNP Video Boot Camp Bundle (50 hours of training!)

Here's a complete course outline for each CCNP DVD -- click on the first two lessons in any of the courses to watch for free!

______________________________________________________

My CCNP SWITCH, CCNP ROUTE, and CCNP TSHOOT Study Guides Are Here!

___________________________________________________

To your success,

Chris Bryant

CCIE #12933

"The Computer Certification Bulldog"

chris@thebryantadvantage.com