Basic configurations of L3 Switches

Basic configurations of L3 Switches
L3 switches play an important role in the replacement of common L2 switches in large and medium-sized networks. The reason is very simple. When there are a large number of computers in the network, it is necessary to divide them into several virtual networks to improve network security and reduce the consumption of network bandwidth by broadcast, this improves network transmission efficiency and computer performance. Communication between virtual networks must be achieved through a layer-3 switch. In addition, many security access policies can only be implemented on layer-3 switches.


Configure IP addresses for layer-3 Interfaces
With Cisco ios ip and IP routing protocols, Cisco Catalyst 4000/4500/6500 series switches support layer-3 interfaces for data exchange between Logical Networks in an enterprise's internal network. The Cisco L3 switch provides two types of L3 interfaces: Logical L3 VLAN Interface and physical L3 interface. The logical layer-3 VLAN Interface integrates the routing and bridging functions to implement line rate routing between VLANs. With the help of the physical layer-3 interface, it can implement functions similar to traditional routing on layer-3 switches, implement routing between ports.

Before configuring a logical layer-3 interface, you must create and configure a VLAN on the switch and specify the VLAN members to the layer-2 interface. In addition, you must enable IP routing and specify the IP routing protocol.

1. Step 1: Enter the global configuration mode.
   
2. Switch # configure terminal
   
3. 
   
4. Step 2: Specify the VLAN to be configured.
   
5. Switch (config) # vlan ID
   
6. 
   
7. Step 3: Specify IP address information for the VLAN. The computer in this VLAN uses this IP address as the default gateway.
   
8. Switch (config-if) # ip address ip_address subnet_mask
   
9. 
   
10. Step 4: Enable the logical layer-3 interface.
    
11. Switch (config-if) # no shutdown
    
12. 
    
13. Step 5: exit the configuration mode.
    
14. Switch (config-if) # end
    
15. 
    
16. Step 6: Save the configuration to NVRAM.
    
17. Switch # copy running-config startup-config
    
18. 
    
19. Step 7: Verify the configuration.
    
20. Switch # show interfaces [type slot/interface]
    
21. Switch # show ip interfaces [type slot/interface]
    
22. Switch # show running-config interfaces [type slot/interface]
    
23. Switch # show running-config interfaces vlan vlan_ID

Before configuring a physical layer-3 interface, you must enable IP routing and specify the IP routing protocol.

1. Step 1: Enter the global configuration mode.
   
2. Switch # configure terminal
   
3. 
   
4. Step 2: Enable IP routing.
   
5. Switch (config) # ip routing
   
6. 
   
7. Step 3: Specify the interface to be configured. It can be a physical interface or EtherChannel.
   
8. Switch (config) # interface-id
   
9. 
   
10. Step 4: convert a physical L2 interface to a physical L3 interface.
    
11. Switch (config-if) # no switchport
    
12. 
    
13. Step 5: Configure IP address information for this interface.
    
14. Switch (config-if) # ip address ip_address subnet_mask
    
15. 
    
16. Step 6: Enable the physical layer-3 interface.
    
17. Switch (config-if) # no shutdown
    
18. 
    
19. Step 7: exit the configuration mode.
    
20. Switch (config-if) # end
    
21. 
    
22. Step 8: Save the configuration to NVRAM.
    
23. Switch # copy running-config startup-config
    
24. 
    
25. Step 9: Verify the configuration.
    
26. Switch # show interfaces [type slot/interface]
    
27. Switch # show ip interfaces [type slot/interface]
    
28. Switch # show running-config interfaces [type slot/interface]

Set Static Routing if the Telnet terminal or SNMP Network Management site is in a different network with the switch, and no routing protocol is configured, you need to add a static route table to achieve communication with each other.

1. Step 1: Enter the global configuration mode.
   
2. Switch # configure terminal
   
3. 
   
4. Step 2: configure the static route to the remote network.
   
5. Switch (config) # ip route dest_IP_address mask {forwarding_IP | vlan vlan_ID}
   
6. 
   
7. Step 3: return the privileged configuration mode.
   
8. Switch (config) # end
   
9. 
   
10. Step 4: Verify the current settings.
    
11. Switch # show running-config
    
12. 
    
13. Step 5: Save the current configuration.
    
14. Switch # copy running-config startup-config

Instance analysis
I. network topology:

Ii. vro configuration: interface FastEthernet0/0
Ip address 10.66.88.222 255.255.255.0
Ip nat outside
Duplex auto
Speed auto
Interface FastEthernet0/1
Ip address 192.168.1.1 255.255.255.0
Ip nat inside
Duplex auto
Speed auto
Interface Vlan1
No ip address
Shutdown
Ip nat inside source list 1 interface FastEthernet0/0 overload
Ip classless
Ip route 192.168.2.0 255.255.255.0 192.168.1.222
Ip route 192.168.3.0 255.255.255.0 192.168.1.222
Access-list 1 permit 192.168.0.0 0.255.255

Three, layer-3 Switch configuration: hostname L3-SW
Ip dhcp pool vlan2pool
Network 192.168.3.0 255.255.255.0
Default-router 192.168.3.1
Dns-server 202.101.172.35
Ip dhcp pool vlan1pool
Network 192.168.2.0 255.255.255.0
Default-router 192.168.2.1
Dns-server 202.101.172.35
Interface FastEthernet0/1
No switchport
Ip address 192.168.1.222 255.255.255.0
Duplex auto
Speed auto
Interface FastEthernet0/2
Switchport mode trunk
Interface FastEthernet0/5
Switchport mode trunk
Interface Vlan1
Ip address 192.168.2.1 255.255.255.0
Interface Vlan2
Ip address 192.168.3.1 255.255.255.0
Ip classless
Ip route 0.0.0.0 0.0.0.0 192.168.1.1

Iv. L2 Switch configuration: 1. switch0 Configuration:
Hostname sw0
Interface FastEthernet0/1
Switchport mode trunk
Interface FastEthernet0/2
Switchport mode access
2. switch1 Configuration:
Hostname sw1
Interface FastEthernet0/1
Switchport mode trunk
Interface FastEthernet0/2
Switchport access vlan 2
Switchport mode access

Reference: http://book.51cto.com/art/200709/55729.htm