Understanding Layer 3 Switches: Functionality and Configuration

Slide Note
Embed
Share

Layer 3 switches combine the features of Ethernet switches and routers, allowing them to process both MAC and IP headers. By configuring VLANs, trunking, and management interfaces, these switches can handle data forwarding across different subnets efficiently. This guide explains the basic principles behind Layer 3 switches and how to optimize their performance in a network setup.

holderman_m
holderman_m Follow

Uploaded on Oct 10, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. Layer-3 Switches Campus Network Design & Operations Workshop These materials are licensed under the Creative Commons Attribution-NonCommercial 4.0 International license (http://creativecommons.org/licenses/by-nc/4.0/) Last updated 13th October 2020

  2. Whats a Layer 3 switch? It's an Ethernet switch! Can look at Ethernet headers Builds MAC address table And it's a router! Can look at IP headers Has IP forwarding table and ARP table Which function it performs depend on how you configure it Out-of-the-box it will default to a simple L2 Ethernet switch

  3. Factory Default vlan 1 ! interface range Gi 1 - 8 no shutdown switchport switchport mode access switchport access vlan 1 !

  4. VLANs vlan 10,20 interface range Gi 1 - 4 switchport mode access switchport access vlan 10 interface range Gi 5 - 8 switchport mode access switchport access vlan 20 Question: how does the device behave differently after this config change?

  5. VLAN trunking interface Gi1 switchport mode trunk switchport trunk allowed vlan 10,20 Question: what is different about the frames on this wire?

  6. Management IP address 192.168.1.1 vlan 1 interface range Gi 1 - 8 switchport access vlan 1 interface Vlan1 ip address 192.168.1.1 255.255.255.0 ip default-gateway 192.168.1.254 ! or: ip route 0.0.0.0 0.0.0.0 192.168.1.254

  7. The Management Interface The switch has its own IP interface on vlan 1, with its own IP address Imagine the switch's CPU is plugged into vlan 1 (but without using up a physical port) You use this to manage the switch (ssh, snmp) Like any other IP device, it needs a default gateway to be able to send packets to a destination address on a different subnet

  8. IP routing Extend this by giving the switch an IP address on multiple VLANs Each address is of course within the IP subnet for that particular VLAN Enable the internal router within the switch It can receive datagrams on one VLAN, and resend them on another You have a layer 3 switch!

  9. IP routing Routing Process 192.168.1.1 192.168.2.1 vlan 10,20 ip routing interface Vlan10 ip address 192.168.1.1 255.255.255.0 interface Vlan20 ip address 192.168.2.1 255.255.255.0 ip route 0.0.0.0 0.0.0.0 192.168.1.254

  10. Routed VLAN interfaces It's really that simple! We have an IP address on each VLAN Other devices can point their default gateway at us We will forward datagrams on their behalf based on our IP forwarding table connected routes, static routes etc.

  11. Acting as a gateway Routing Process 192.168.1.1 192.168.2.1 IP addr: 192.168.1.50 Gateway: 192.168.1.1 IP addr: 192.168.2.99 Gateway: 192.168.2.1

  12. IPv6 is the same Routing Process 2001:db8:0:10::1 2001:db8:0:20::1 ipv6 unicast-routing ! interface Vlan10 ipv6 address 2001:db8:0:10::1/64 interface Vlan20 ipv6 address 2001:db8:0:20::1/64 ! ipv6 route ::/0 2001:db8:0:10::ff

  13. Simple campus: 1 subnet/building Routing Process etc interface Gi1 switchport mode access switchport access vlan 10 interface Gi2 switchport mode access switchport access vlan 20 interface Vlan10 ip address 192.168.1.1 255.255.255.0 interface Vlan20 ip address 192.168.2.1 255.255.255.0

  14. Multiple subnets per building Routing Process interface Gi1 switchport mode trunk switchport trunk allowed vlan 10-12 interface Gi2 switchport mode trunk switchport trunk allowed vlan 20-22 interface Vlan10 ip address 10.1.0.1 255.255.255.0 interface Vlan11 ip address 10.1.1.1 255.255.255.0 interface Vlan12 ip address 10.1.2.1 255.255.255.0 interface Vlan20 ip address 10.2.0.1 255.255.255.0 interface Vlan21 ip address 10.2.1.1 255.255.255.0 interface Vlan22 ip address 10.2.2.1 255.255.255.0 Question: what has to be different at the building aggregation switch?

  15. Hints and tips Remember, one subnet = one VLAN Don't use vlan 1 It's the "default vlan" and often has special default behaviour It may appear by default on all ports It's often hard to use with tagging Better to ignore it or remove it completely VLANs 2 to 4094 are usable

  16. Hints and tips Don't enable the same VLAN on links to different buildings! A layer 3 switch lets you do this but that doesn't mean it's a good idea. VLAN spaghetti" Implies: a wired VLAN per building, a wifi VLAN per building etc Choose a consistent scheme e.g. vlan 2-9 for NOC, vlan 10-19 for building 1, vlan 20-29 for building 2 etc.

  17. Routed interfaces / subinterfaces Some layer 3 switches let you configure routed ports This makes it work exactly like a router instead of a switch They may also have routed sub-interfaces with VLAN tags Cisco s Nexus switches can work like this This means you can route multiple subnets to each building, without having to create any actual VLANs Avoids running out of VLANs You can re-use the same VLAN tags for different subnets in different buildings! Makes the distribution/edge switch configs almost identical everywhere

  18. Fully routed interfaces Routing Process interface Gi1 no switchport interface Gi2 no switchport interface Gi1.10 encapsulation dot1q 10 ip address 10.1.0.1 255.255.255.0 interface Gi2.10 encapsulation dot1q 10 ip address 10.2.0.1 255.255.255.0 interface Gi1.11 encapsulation dot1q 11 ip address 10.1.1.1 255.255.255.0 interface Gi2.11 encapsulation dot1q 11 ip address 10.2.1.1 255.255.255.0 Both buildings use vlan tags 10-11 but these are different, isolated subnets

  19. Questions?

Related


Understanding the OSI Model and Layered Tasks in Networking

Understanding the OSI Model and Layered Tasks in Networking

brock
Understanding Software Switches in Computer Networks

Understanding Software Switches in Computer Networks

daan_27
Enhancing Efficiency in Sketch-based Monitoring for Programmable Switches

Enhancing Efficiency in Sketch-based Monitoring for Programmable Switches

abdurah
Workshop on Fine-grained Measurements App with P4 Programmable Switches

Workshop on Fine-grained Measurements App with P4 Programmable Switches

jream
Understanding ARP, ICMP, and DHCP in TCP/IP Protocol Stack

Understanding ARP, ICMP, and DHCP in TCP/IP Protocol Stack

kori_594
Understanding ZFS: Structure and Operations

Understanding ZFS: Structure and Operations

rerpe
Understanding Three-Way and Four-Way Switches in Electrical Systems

Understanding Three-Way and Four-Way Switches in Electrical Systems

eckhardt_y
Understanding Controllable Switches and Basic Logic Gates

Understanding Controllable Switches and Basic Logic Gates

kaya
Understanding Crossbar Switch Interconnection Structures

Understanding Crossbar Switch Interconnection Structures

val_so
Hands-On Training with P4 and Hardware Switches at University of South Carolina

Hands-On Training with P4 and Hardware Switches at University of South Carolina

bellarose
Evolution of Programmable Switches and Routers

Evolution of Programmable Switches and Routers

dart938
Understanding Communication Layers in Computer Networks

Understanding Communication Layers in Computer Networks

prairie
Understanding the Planetary Boundary Layer in Atmospheric Science

Understanding the Planetary Boundary Layer in Atmospheric Science

khard
Understanding Internet Transport Layer Services and Protocols

Understanding Internet Transport Layer Services and Protocols

daless
Understanding Transport Layer Security (TLS) and Secure Sockets Layer (SSL)

Understanding Transport Layer Security (TLS) and Secure Sockets Layer (SSL)

ambell
Understanding the Link Layer in Computer Communication and Networks

Understanding the Link Layer in Computer Communication and Networks

jayliann
Understanding Link Layer in Computer Networking

Understanding Link Layer in Computer Networking

schifano_d
Understanding VLAN Trunking Protocol (VTP) in Networking

Understanding VLAN Trunking Protocol (VTP) in Networking

ionalo
NASA Platform Layer Updates for the CAELUM (7.0) Release

NASA Platform Layer Updates for the CAELUM (7.0) Release

arnie
Automated Mobile App QoE Diagnosis with Cross-layer Analysis

Automated Mobile App QoE Diagnosis with Cross-layer Analysis

eyad
Basic Switch Configuration Guide for Setting Up VLANs

Basic Switch Configuration Guide for Setting Up VLANs

ztal
WHONET Training Course: Laboratory Configuration and Setup

WHONET Training Course: Laboratory Configuration and Setup

aaron
Understanding Data Link Layer in Computer Networking

Understanding Data Link Layer in Computer Networking

keon_625
Updates on iKAGRA Installation and Configuration Changes

Updates on iKAGRA Installation and Configuration Changes

lyke_ari

More Related Content