Config Lab: Layer 3 Switching w/ Routed Ports
Layer 3 switches, aka multilayer switches, route packets using the same logic as IP routers. For ports connected to another layer 3 switch or a router, the layer 3 switch benefits from using that port as a routed port. In effect, the switch applies routing logic, and only routing logic, to messages flowing in and out of that physical port. This Config Lab uses a grid of four devices (two routers and two layer 3 switches) for which you configure the layer 3 switches to use routed ports.
The Lab Exercise
Lab Requirements
This lab focuses on four devices, but you need to understand the broader context as well.
First, consider two routers that connect to various WAN links. Those routers connect the site to the WAN so that devices in the local site can communicate with hosts in other sites inside the Enterprise.
Figure 1: Context for this Lab
The LAN also uses a traditional distribution/access 2-tier design, as seen at the bottom of Figure 1. The access switches act as layer 2 switches, while the distribution switches act as layer 3 switches.
Focusing on the two routers (R1 and R2) and the two distribution switches (Dist1 and Dist2), the devices each use configuration and behave like routers on the links between them. Routers route the packets received on their interfaces just because of the nature of routers. Layer 3 switches do not switch LAN frames received on an interface, as layer 2 switches do, but instead route packets received on an interface, just like a router.
For this lab, focus on four devices, as shown in Figure 2. Consider routers R1 and R2 to be pre-configured to route IP packets and learn routes with OSPF. You need to configure switches Dist1 and Dist2 to route IP packets, using the links shown in Figure 2 as routed ports and using the IP address/mask combinations as shown.
Figure 2: Specific Devices for this Lab
Once you understand the initial configuration, configure distribution switches Dist1 and Dist2 to make the ports shown in Figure 2 operate as routed ports. Use the following details:
- Enable IP routing on both Dist1 and Dist2.
- For the Dist1 and Dist2 ports per Figure 2, configure the ports as routed ports instead of as switched ports. Do NOT use Switched Virtual Interfaces (SVIs). That is, do NOT use VLAN interfaces.
- On those same ports, configure an IP address/mask as follows:
- Use the subnets shown in Figure 2.
- For the fourth octet on Dist1, use .3.
- For the fourth octet on Dist2, use .4.
- Enable OSPF on both Dist1 and Dist2 with these commands, supplied so that this lab can focus on the routed interface details:
- router ospf 1
- network 10.2.0.0 0.0.255.255 area 0
Initial Configuration
Layer 3 switches require the configuration of several IP-related features before they can route packets. None of those features come pre-configured for this lab. However, do the lab as if routers R1 and R2 have been pre-configured for all IP routing features per the design details listed in this lab. Layer 3 switches Dist1 and Dist2 should now exchange routes with R1 and R2 and be able to ping all the addresses on routers R1 and R2, and so on. To that end, the configuration on both routers already have:
- IP routing enabled (a default setting on all routers)
- OSPF enabled (assuming the use of the addressing plan for this lab)
- Interface IP addresses configured (per the addressing plan for this lab)
hostname R1
!
interface GigabitEthernet0/0
ip address 10.2.12.1 255.255.255.0
!
interface GigabitEthernet0/1
ip address 10.2.13.1 255.255.255.0
!
interface GigabitEthernet0/2
ip address 10.2.14.1 255.255.255.0
!
router ospf 1
network 10.2.0.0 0.0.255.255 area 0Example 1: R1 Config
hostname R2
!
interface GigabitEthernet0/0
ip address 10.2.12.2 255.255.255.0
!
interface GigabitEthernet0/1
ip address 10.2.23.2 255.255.255.0
!
interface GigabitEthernet0/2
ip address 10.2.24.2 255.255.255.0
!
router ospf 1
network 10.2.0.0 0.0.255.255 area 0Example 2: R2 Config
Answer Options - Click Tabs to Reveal
You can learn a lot and strengthen real learning of the topics by creating the configuration – even without a router or switch CLI. In fact, these labs were originally built to be used solely as a paper exercise!
To answer, just think about the lab. Refer to your primary learning material for CCNA, your notes, and create the configuration on paper or in a text editor. Then check your answer versus the answer post, which is linked at the bottom of the lab, just above the comments section.
You can also implement the lab using the Cisco Packet Tracer network simulator. With this option, you use Cisco’s free Packet Tracer simulator. You open a file that begins with the initial configuration already loaded. Then you implement your configuration and test to determine if it met the requirements of the lab.
(Use this link for more information about Cisco Packet Tracer.)
Use this workflow to do the labs in Cisco Packet Tracer:
- Download the .pkt file linked below.
- Open the .pkt file, creating a working lab with the same topology and interfaces as the lab exercise.
- Add your planned configuration to the lab.
- Test the configuration using some of the suggestions below.
You can also implement the lab using Cisco Modeling Labs – Personal (CML-P). CML-P (or simply CML) replaced Cisco Virtual Internet Routing Lab (VIRL) software in 2020, in effect serving as VIRL Version 2.
If you prefer to use CML, use a similar workflow as you would use if using Cisco Packet Tracer, as follows:
- Download the CML file (filetype .yaml) linked below.
- Import the lab’s CML file into CML and then start the lab.
- Compare the lab topology and interface IDs to this lab, as they may differ (more detail below).
- Add your planned configuration to the lab.
- Test the configuration using some of the suggestions below.
Download this lab’s CML file!
Network Device Info:
This table lists the interfaces listed in the lab exercise documentation versus those used in the sample CML file.
| Device | Lab Port | Â CML Port |
| Dist1 | G1/0/1 | G1/1 |
| Dist1 | G1/0/2 | G1/2 |
| Dist1 | G1/0/4 | G1/0 |
| Dist2 | G1/0/1 | G1/1 |
| Dist2 | G1/0/2 | G1/2 |
| Dist2 | G1/0/3 | G1/3 |
Lab Answers Below: Spoiler Alert
Lab Answers: Configuration (Click Tab to Reveal)
Lab Answers
Figure 1: Layer 3 Topology for this Lab
ip routing
!
interface GigabitEthernet1/0/1
no switchport
ip address 10.2.13.3 255.255.255.0
!
interface GigabitEthernet1/0/2
no switchport
ip address 10.2.23.3 255.255.255.0
!
interface GigabitEthernet1/0/4
no switchport
ip address 10.2.34.3 255.255.255.0
!
router ospf 1
network 10.2.0.0 0.0.255.255 area 0Example 1: Dist1 Config
ip routing
!
interface GigabitEthernet1/0/1
no switchport
ip address 10.2.14.4 255.255.255.0
!
interface GigabitEthernet1/0/2
no switchport
ip address 10.2.24.4 255.255.255.0
!
interface GigabitEthernet1/0/3
no switchport
ip address 10.2.34.4 255.255.255.0
!
router ospf 1
network 10.2.0.0 0.0.255.255 area 0Example 2: Dist2 Config
Commentary, Issues, and Verification Tips (Click Tabs to Reveal)
Lab Commentary
Although you configure a pair of switches for this lab, the configuration uses commands associated more with routing than switching because the lab enables routing on the switches.
First, most Cisco switches capable of routing – that is, layer 3 switching – require the ip routing global command. Note that in some switch models, you may also need to use another command to enable some low-level hardware functions in the switch ASIC so that the ASIC will perform routing. Because those commands vary from device to device, this lab does not require adding any such command.
Next, the lab specifically asks you not to use Switched Virtual Interfaces (SVIs) but instead use the physical ports as routed ports instead of as switch ports. Using the no switchport interface subcommand, you tell the switch to stop using layer 2 switching logic on the port but instead use layer 3 routing logic, making that port a routed port.
Once the switch treats a port as a routed port, it allows the direct configuration of an IP address and mask on the port. Note that before you issue the no switchport command, the ip address interface subcommand is rejected.
Finally, the two commands suggested to enable OSPF should enable OSPF on all three ports on each distribution switch, placing those in OSPF area 0. Both R1 and R2 use identical OSPF configuration. Once OSPF has time to form neighbor relationships and converge, all four devices should learn routes to all six subnets and be able to ping all other devices’ interface IP addresses.
Known Issues in this Lab
This section of each Config Lab Answers post hopes to help with those issues by listing any known issues with Packet Tracer related to this lab. In this case, the issues are:
| # | Summary | Detail |
| 1 | ASIC configuration | To perform this lab in Cisco PT, you do not need to use any hardware-focused command to enable IP routing entries in the switch ASIC, eg, sdm prefer lanbase-routing. On real switches, you might need to enable L3 switching with such a command. |
Why Would Cisco Packet Tracer Have Issues?
(Note: The below text is the same in every Config Lab.)
Cisco Packet Tracer (CPT) simulates Cisco routers and switches. However, CPT does not run the same software that runs in real Cisco routers and switches. Instead, developers wrote CPT to predict the output a real router or switch would display given the same topology and configuration – but without performing all the same tasks, an actual device has to do. On a positive note, CPT requires far less CPU and RAM than a lab full of devices so that you can run CPT on your computer as an app. In addition, simulators like CPT help you learn about the Cisco router/switch user interface – the Command Line Interface (CLI) – without having to own real devices.
CPT can have issues compared to real devices because CPT does not run the same software as Cisco devices. CPT does not support all commands or parameters of a command. CPT may supply output from a command that differs in some ways from what an actual device would give. Those differences can be a problem for anyone learning networking technology because you may not have experience with that technology on real gear – so you may not notice the differences. So this section lists differences and issues that we have seen when using CPT to do this lab.
Beyond comparing your answers to this lab’s Answers post, you can test in Cisco Packet Tracer (CPT) or Cisco Modeling Labs (CML). In fact, you can and should explore the lab once configured. For this lab, once you have completed the configuration, try these verification steps.Â
- The distribution switches act as layer 3 switches, routing IP packets. The links between the routers and layer 3 switches include six subnets. Confirm each switch has routes to all six of those subnets using the show ip route command.
- For each distribution switch, ping the IP address of the device on the other end of each link.
For those who copy the initial configs(just like me) :), don’t forget to enable the router interfaces.
Good tip almeidajoaodealmeida!
I thought “ip routing” would allow me to enter the IPs for the layer 3 switch but the key was actually “no switchport”. This is my big takeaway here.
Hi Wendell,
Once the Dist switches have learnt all of the different routes in the ospf area, should it not be possible to ping interfaces in the other subnets? For example, from Dist 1, should it not be possible to ping Dist 2’s G1/0/2 (10.2.24.3)? Just because I wasn’t able to do so after completing the lab on PT.
Thanks,
Sam
Sam,
I was able to ping just now. Maybe check the IP addresses again? I think it’s 10.2.24.4 for instance, not .3. I could ping 10.2.24.4 but not .3. From Dist1, I pinged 10.2.12.2, 10.2.13.3, 10.2.14.4, the addresses on the far side of the other three devices.
hello Grand Master,
thank you for your time, effort, and due diligence in managing content and questions via this method – greatly appreciated. tryna take the CCNA at the end of the month, so just running through some labs.
just one call out for this one –
“… area 0” missing from network command for OSPF.
TY!
You’re quite welcome, David.
Thanks for the tech edit assist! It’s just me, plus all ya’ll… appreciate the help!