Layer 3 Switching 1

By certskills July 18, 2016 09:05

This next lab asks you to enable layer 3 switching in a couple of distribution layer switches. This lab is pretty far reaching as well, asking for some VLAN trunking configuration and VLAN creation. Because it is such a comprehensive lab, rather than the usual 5-10 minute exercise, plan on 15 minutes to do this one in a text editor. Dig in and enjoy!


In this design, you will create the routing configuration required to support four user VLANs. Two user VLANs exist on switch Access1 (VLANs 10 and 20), and two user VLANs exist on switch Access2 (VLANs 30 and 40). The two distribution switches route between those VLANs, using a link between the two switches to route packets between the distribution switches.

The specific rules for this lab are:

  • Configure the access switches (Access1 and Access2):
    • As layer 2 switches
    • Create the necessary VLANs per the figure
    • Assume VTP Transparent mode is in use on all switches
    • Configure the ports on the bottom of the access switches (in the figure) to be access ports in the listed VLANs
  • Configure trunks:
    • Make the link from switch Dist1 to Access1 a manual 802.1Q trunk
    • Make the link from switch Dist2 to Access2 a manual 802.1Q trunk
    • (Do NOT make the Dist1 to Dist2 link a trunk)
  • Configure the distribution switches (Dist1 and Dist2)
    • As layer 3 switches
    • Use SVIs for the switches’ layer 3 interfaces (that is, VLAN interfaces)
    • Use the IP addresses listed in the figure
    • Create the necessary VLANs per the figure
    • Assume VTP transparent mode
  • Configure the link between the distribution switches
    • Do not trunk on this link
    • Make this link an access link in VLAN 50
    • Route between switches Dist1 and Dist2 over this link between the switches
  • Administratively enable all SVI/VLAN interfaces
  • Note that RIPv2 has been pre-configured in preparation for your layer 3 switching configuration


Figure 1: Switch Square Topology


Initial Configuration

Examples 1, 2, 3 and 4 shows the beginning configuration state of Dist1, Dist2, Access1 and Access2.


Example 1: Dist1 Config


Example 2: Dist2 Config


Example 3: Access1 Config


Example 4: Access2 Config


Answer on Paper, or Maybe Test in Lab

Next, write your answer on paper. Or if you have some real gear, or other tools, configure the lab with those tools.

To test your solution if you happen to try it with CML/VIRL or real gear, you can check using a couple of different commands. On the Distribution switches check that the VLANs have been created by using the show vlan brief command, then check that the VLAN interfaces were configured with the show ip interfaces brief and/or show running-config commands. Also check that the trunks are operational using the show interfaces trunk command. On the Access switches, check that the VLANs have been created and assigned properly using the show vlan brief command and verify that the trunks are operational using the show interfaces trunk command.


Do this Lab with Cisco’s CML (Formerly VIRL)

You can do these labs on paper and still get a lot out of the lab. As an extra help, we have added files for Cisco Modeling Lab – Personal (CML-P). CML-P replaces Cisco Virtual Internet Routing Lab (VIRL) software, in effect serving as VIRL Version 2.

Below, find two files: a file useful with CML-P and another useful with VIRL. (Note that the CML-P file has a .yaml filetype, while the older VIRL file has a VIRL filetype.) Once the file is loaded, CML-P or VIRL will create a lab topology similar to this lab’s topology, with the initial configuration shown in the lab as well.

This lab’s CML file!

This lab’s VIRL file!

All interfaces in topology match the lab figure. The CML/VIRL topology also includes hosts to allow testing of the design. For instance, you can ping between the four PCs to test your configuration.

Configuration Note:

If you do use CML/VIRL, note that to make trunking work, you need to also choose the trunking protocol with the switchport trunk encapsulation dot1q interface subcommand. The CML/VIRL switch IOS image happens to be based on a Cisco switch that supports both the older ISL and the new 802.1Q, so you have to specify which protocol to use.

Host device info:

This table lists host information pre-configured in CML/VIRL, information that might not be required by the lab but may be useful to you.

Device IP Address Gateway User/password
PC1 cisco/cisco
PC2 cisco/cisco
PC3 cisco/cisco
PC4 cisco/cisco


Handy Host Commands:

To see PC IP address: ifconfig eth1

Ping example: ping -c 4

Trace example: tracepath

To connect to another node within the topology: telnet

Answers: PAT w/ a Pool 1
PPP over Ethernet 2
By certskills July 18, 2016 09:05
Write a comment


  1. Mit September 15, 03:49

    Hi Wendell,

    Can you please briefly tell why we really need to have Routers when we are already having L3 switches available.

    As it turns out, the Multi-layer switches are faster when it comes to routing mechanisms since the same is hardware based, unlike traditional routers. There must be reason(s) which I am not having a clue of why we can’t replace the existence of Routers with ML Switches.

    Reply to this comment
    • Dan November 26, 14:19

      Layer 3 switches are hardware based, and can only mainly be used to route between VLANs within a LAN. Routers are software based, and have features that enable them to route outside a LAN, as well as inside it. Since Routers they’re software based, they have many more features than a Layer 3 switch, but they’re slower. Layer 3 switches lack the software features of a Router, but they’re much faster. If you have a network with many VLANs, Layer 3 switches make much more sense because they can route between VLANs way faster, rather than going to a slower Router every time. This way they only hit the router if they need to exit the LAN. There’s some other reasons but those are some main ones i’ve read.

      Reply to this comment
  2. Homero October 6, 19:21

    Hi Wendell,

    Why using layer 2 switch symbol for Dist1 and 2 in the image if they are layer 3 switches?


    Reply to this comment
View comments

Write a comment

Comment; Identify w/ Social Media or Email


Subscribe to our mailing list and get interesting stuff and updates to your email inbox.

Thank you for subscribing.

Something went wrong.