Cisco Routing/Switching – Layer 3 Switching, Routed VLANS

Configure a layer 3 switch design with two VLANs that can communicate with each other, negate the use of a router by using a layer 3 switch.

We need to follow a simple design, get two machines talking to each other across different VLANs, see design below:

 

 

 

 

 

 

 

 

 

 

 

 

Following the simple process of:

  1. Connect the devices as shown
  2. Create VLAN 23 (Clients) and VLAN 24 (Servers) on the switch and assign ports as shown
  3. Configure a Layer 3 Switch design. The SVI’s (Switch Virtual Interface) should have the first IP address on each subnet
  4. The computer in VLAN 23 should be able to ping the computer in VLAN 24 and vice versa

 

Create the layer 2 VLANS as per the CLI below:

L3-Switch#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
L3-Switch(config)#vlan 23
L3-Switch(config-vlan)#Name Clients
L3-Switch(config-vlan)#exit
L3-Switch(config)#vlan 24
L3-Switch(config-vlan)#Name Servers
L3-Switch(config-vlan)#exit
L3-Switch(config)#exit
L3-Switch#
%SYS-5-CONFIG_I: Configured from console by console

L3-Switch#sh vlan

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                Fa0/9, Fa0/10, Fa0/11, Fa0/12
                                                Fa0/13, Fa0/14, Fa0/15, Fa0/16
                                                Fa0/17, Fa0/18, Fa0/19, Fa0/20
                                                Fa0/21, Fa0/22, Fa0/23, Fa0/24
                                                Gig0/1, Gig0/2
23   Clients                          active    
24   Servers                          active    
51   ENG                              active    
52   MGMT                             active    
1002 fddi-default                     act/unsup 
1003 token-ring-default               act/unsup 
1004 fddinet-default                  act/unsup 
1005 trnet-default                    act/unsup 

VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1    enet  100001     1500  -      -      -        -    -        0      0
 --More--

As you can see my Vlans have been created, then assign the interfaces you have connected to the switch ports to the specified VLANS, in my example I’m using interfaces 0/1 and 0/2:

L3-Switch#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
L3-Switch(config)#int fa0/1
L3-Switch(config-if)#sw
L3-Switch(config-if)#switchport mode access
L3-Switch(config-if)#switchport access vlan 23
L3-Switch(config-if)#exit
L3-Switch(config)#int fa0/2
L3-Switch(config-if)#sw
L3-Switch(config-if)#switchport mode access
L3-Switch(config-if)#switchport access vlan 24
L3-Switch(config-if)#exit
L3-Switch(config)#end
L3-Switch#
%SYS-5-CONFIG_I: Configured from console by console

L3-Switch#sh vlan

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/3, Fa0/4, Fa0/5, Fa0/6
                                                Fa0/7, Fa0/8, Fa0/9, Fa0/10
                                                Fa0/11, Fa0/12, Fa0/13, Fa0/14
                                                Fa0/15, Fa0/16, Fa0/17, Fa0/18
                                                Fa0/19, Fa0/20, Fa0/21, Fa0/22
                                                Fa0/23, Fa0/24, Gig0/1, Gig0/2
23   Clients                          active    Fa0/1
24   Servers                          active    Fa0/2
51   ENG                              active    
52   MGMT                             active    
1002 fddi-default                     act/unsup 
1003 token-ring-default               act/unsup 
1004 fddinet-default                  act/unsup 
1005 trnet-default                    act/unsup 

VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1    enet  100001     1500  -      -      -        -    -        0      0
23   enet  100023     1500  -      -      -        -    -        0      0
 --More--

Next you will need to enable your layer 3 mode and create the interface vlans, these are pretty much VLANS but working on a layer 3 interface:

L3-Switch#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
L3-Switch(config)#ip routing
L3-Switch(config)#int vlan 23
L3-Switch(config-if)#
%LINK-5-CHANGED: Interface Vlan23, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan23, changed state to up

L3-Switch(config-if)#ip address 10.1.51.1 255.255.255.0
L3-Switch(config-if)#description Client Routed Interface
L3-Switch(config-if)#exit
L3-Switch(config)#int vlan 24
L3-Switch(config-if)#
%LINK-5-CHANGED: Interface Vlan24, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan24, changed state to up

L3-Switch(config-if)#ip address 10.1.52.1 255.255.255.0
L3-Switch(config-if)#description Servers Routed Interface
L3-Switch(config-if)#exit
L3-Switch(config)#do sh ip int brief
Interface              IP-Address      OK? Method Status                Protocol 
FastEthernet0/1        unassigned      YES unset  up                    up 
FastEthernet0/2        unassigned      YES unset  up                    up 
FastEthernet0/3        unassigned      YES unset  down                  down 
FastEthernet0/4        unassigned      YES unset  down                  down 
FastEthernet0/5        unassigned      YES unset  down                  down 
FastEthernet0/6        unassigned      YES unset  down                  down 
FastEthernet0/7        unassigned      YES unset  down                  down 
FastEthernet0/8        unassigned      YES unset  down                  down 
FastEthernet0/9        unassigned      YES unset  down                  down 
FastEthernet0/10       unassigned      YES unset  down                  down 
FastEthernet0/11       unassigned      YES unset  down                  down 
FastEthernet0/12       unassigned      YES unset  down                  down 
FastEthernet0/13       unassigned      YES unset  down                  down 
FastEthernet0/14       unassigned      YES unset  down                  down 
FastEthernet0/15       unassigned      YES unset  down                  down 
FastEthernet0/16       unassigned      YES unset  down                  down 
FastEthernet0/17       unassigned      YES unset  down                  down 
FastEthernet0/18       unassigned      YES unset  down                  down 
FastEthernet0/19       unassigned      YES unset  down                  down 
FastEthernet0/20       unassigned      YES unset  down                  down 
FastEthernet0/21       unassigned      YES unset  down                  down 
FastEthernet0/22       unassigned      YES unset  down                  down 
FastEthernet0/23       unassigned      YES unset  down                  down 
FastEthernet0/24       unassigned      YES unset  down                  down 
GigabitEthernet0/1     unassigned      YES unset  down                  down 
GigabitEthernet0/2     unassigned      YES unset  down                  down 
Vlan1                  unassigned      YES unset  administratively down down 
Vlan23                 10.1.51.1       YES manual up                    up 
Vlan24                 10.1.52.1       YES manual up                    up
L3-Switch(config)#

As you can see from the above the SVI’s are configured with the first IP address on each subnet and are now showing up in our sh ip int brief list, they will also appear in the routing table on the switch if you run a sh ip route:

L3-Switch#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       * - candidate default, U - per-user static route, o - ODR
       P - periodic downloaded static route

Gateway of last resort is not set

     10.0.0.0/24 is subnetted, 2 subnets
C       10.1.51.0 is directly connected, Vlan23
C       10.1.52.0 is directly connected, Vlan24

L3-Switch#

Now this is done configure your two PC’s with their specified IP’s:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Make sure your setting the default gateway to the SVI address.

You should then be able to ping your SVI:

 

 

 

 

 

 

 

Then on that device ping the other device and run a tracert to it:

 

 

 

 

 

 

 

 

 

Then you will see that communicating between devices is successful and tracert show’s that the route it takes is through the Layer 3 switches routed interface.

 

Leave a Reply

Your email address will not be published. Required fields are marked *