Configuring Routed Ports On Cisco L3 Switches
A Cisco CCNP SWITCH Exam Tutorial (642-813)
By Chris Bryant, CCIE #12933
In the first installment of this multilayer switching tutorial designed for CCNP candidates, we saw how to create switched virtual interfaces (SVIs) and how to use them on Cisco multilayer switches.
Ports on multilayer switches can also be configured as routing ports, and have IP addresses assigned directly to them. If we add a router to our network as shown below, that's what we'll need to do.
The ports on a multilayer switch will all be running in L2 mode by default. To configure a port as a routing port, use the no switchport command, followed by the appropriate IP address. Note that in the following configuration, the line protocol on the switch port goes down and comes back up in just a few seconds.
SW1(config)#interface fast 0/5
SW1(config-if)#no switchport
02:19:27: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/5, changed state to down
02:19:30: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/5, changed state to up
SW1(config-if)#ip address 210.1.1.11 255.255.255.0
We verify the IP address assignment with show int fast 0/5.
SW1#show int fast 0/5
FastEthernet0/5 is up, line protocol is up (connected)
Hardware is Fast Ethernet, address is 0012.7f02.4b43 (bia 0012.7f02.4b43)
Internet address is 210.1.1.5/24
The switch can now ping 210.1.1.1.
SW1#ping 210.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 210.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/8 ms
Now let's take this just one step further - what if we wanted the hosts in the VLANs to be able to communicate with the router? In the previous tutorial, we saw that the hosts can ping 210.1.1.11. They cannot ping 210.1.1.1, though.
HOST_1#ping 210.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 210.1.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
The router has no path to either 20.1.1.0 /24 or 30.1.1.0/24, so there's no way for the pings to get back to Host 1 or Host 3.
ROUTER_TO_INTERNET#show ip route
< code table removed for clarity >
Gateway of last resort is not set
C 210.1.1.0/24 is directly connected, FastEthernet0/0
To remedy that, we'll now configure a dynamic routing protocol between the L3 switch and the router. We'll use EIGRP in this case.
SW1(config)#router eigrp 100
SW1(config-router)#no auto-summary
SW1(config-router)#network 210.1.1.0 0.0.0.255
SW1(config-router)#network 20.1.1.0 0.0.0.255
SW1(config-router)#network 30.1.1.0 0.0.0.255
ROUTER_TO_INTERNET(config)#router eigrp 100
ROUTER_TO_INTERNET(config-router)#no auto-summary
ROUTER_TO_INTERNET(config-router)#network 210.1.1.0 0.0.0.255
The router now has the VLAN subnets in its routing table...
ROUTER_TO_INTERNET#show ip route
< code table removed for clarity >
Gateway of last resort is not set
20.0.0.0/24 is subnetted, 1 subnets
D 20.1.1.0 [90/28416] via 210.1.1.11, 00:01:01, FastEthernet0/0
C 210.1.1.0/24 is directly connected, FastEthernet0/0
30.0.0.0/24 is subnetted, 1 subnets
D 30.1.1.0 [90/28416] via 210.1.1.11, 00:01:01, FastEthernet0/0
... and the hosts now have two-way IP connectivity with the router.
HOST_1#ping 210.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 210.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
HOST_3#ping 210.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 210.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
It never hurts to make sure the pings can go the other way, too! The router can successfully ping both hosts.
ROUTER_TO_INTERNET#ping 20.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
ROUTER_TO_INTERNET#ping 30.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 30.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
As you've seen, the choice of using SVIs and/or routed ports depends on what devices are on the other end of the connection. You've also seen that even a relatively simple network topology can require the use of both!
For dozens of additional videos, practice exams, and tutorials for the three CCNP exams, just follow these links...
CCNP ROUTE 640-902 Exam Training
CCNP SWITCH 642-813 Exam Training
CCNP TSHOOT 642-832 Exam Training
Over 8,250 students are now in my Video Boot Camps - and we're celebrating by offering 60% off ALL my courses on Udemy!
Just follow these links for full course descriptions and samples - your discount code BULLDOG60 has already been applied!
CCNA Video Boot Camp - Just $44!
CCNA Security 640-554 Video Boot Camp - $39!
CCNP ROUTE Video Boot Camp - $44
CCNP SWITCH Video Boot Camp - $44
CCNP TSHOOT Video Boot Camp - $44
CCNP All-in-One Course -- All 3 CCNP courses, just $99!
______________________________________________________
My CCNP SWITCH, CCNP ROUTE, and CCNP TSHOOT Study Guides Are Here!
  
___________________________________________________
To your success,
Chris Bryant
CCIE #12933
"The Computer Certification Bulldog"
chris@thebryantadvantage.com
|
