L3 Switch

Understanding Layer 3 switches that combine switching and routing capabilities for wire-speed inter-VLAN forwarding

L3 Switching

  • Layer 3 switch combines traditional switching (Layer 2) with routing capabilities (Layer 3) - operates at both data link and network layers
  • Performs inter-VLAN routing natively without requiring external router (eliminates router-on-a-stick bottleneck)
  • Uses hardware-based forwarding through specialized ASICs (Application Specific Integrated Circuits) for wire-speed routing
  • Maintains separate MAC address table for Layer 2 forwarding and routing table for Layer 3 decisions

Key Capabilities

  • VLAN Creation and Management: Creates broadcast domains and assigns ports to VLANs
  • Inter-VLAN Routing: Routes between VLANs using Switched Virtual Interfaces (SVIs)
  • Hardware-Based Routing: Processes routing decisions in hardware rather than software (much faster than traditional routers)
  • Layer 2 Switching: Standard switching functions within VLANs using MAC address table

Configuration Components

  • SVIs (Switched Virtual Interfaces): Virtual interfaces representing VLANs for routing purposes
    • Each VLAN needing Layer 3 connectivity requires an SVI
    • SVI acts as default gateway for devices in that VLAN
  • Routing Protocols: Can run OSPF, EIGRP, RIP, or static routing between VLANs and external networks
  • Access/Trunk Ports: Layer 2 port configurations remain the same as traditional switches

Comparison: L3 Switch vs Router vs L2 Switch

| Feature | L2 Switch | L3 Switch | Router |
|---|---|---|---|
| Primary Function | MAC-based forwarding | MAC + IP forwarding | IP-based routing |
| Speed | Wire-speed L2 | Wire-speed L2 + L3 | Software-based routing |
| Inter-VLAN Routing | No | Yes (hardware) | Yes (software) |
| Port Density | High (24-48+ ports) | High (24-48+ ports) | Low (2-8 ports) |
| Cost per Port | Lowest | Medium | Highest |
| Routing Protocols | No | Yes | Yes |
| WAN Interfaces | No | Limited | Extensive |

Use Cases and Deployment

Ideal Scenarios

  • Campus Networks: Core/distribution layer where high-speed inter-VLAN routing needed
  • Data Centers: Server farms requiring low-latency communication between subnets
  • Branch Offices: Single device providing both switching and routing (reduces equipment count)
  • High-Density Environments: When many devices need Layer 3 connectivity (wire-speed advantage critical)

When NOT to Use

  • WAN Connectivity: Limited WAN interface options compared to dedicated routers
  • Complex Routing: Advanced routing features may be limited compared to enterprise routers
  • Small Networks: Cost may not justify benefits over router-on-a-stick

Vocabulary

  • SVI (Switched Virtual Interface): Virtual Layer 3 interface representing a VLAN for routing purposes
  • ASIC (Application Specific Integrated Circuit): Specialized hardware chip designed for specific networking functions
  • Wire-Speed: Processing packets at full interface speed without introducing delay
  • CEF (Cisco Express Forwarding): Hardware-based forwarding mechanism used in L3 switches
  • FIB (Forwarding Information Base): Hardware table containing routing information for fast packet forwarding

Notes

  • L3 switches excel at high-speed inter-VLAN routing but may lack advanced WAN features - choose based on primary use case
  • SVI configuration requires ip routing command to be enabled globally on the switch
  • Not all switch models support Layer 3 functionality - verify licensing and hardware capabilities
  • Hardware-based routing performance degrades when using software-based features (ACLs, QoS, NAT)
  • Consider port licensing costs - some platforms require additional licenses for Layer 3 functionality
  • L3 switches typically support fewer routing table entries than dedicated routers (important for BGP environments)
  • Default gateway for each VLAN should point to the corresponding SVI IP address - critical for proper inter-VLAN communication

L3 Switch Basic and Common Commands

L3 Switch Commands

Global Configuration

ip routing

  • Enables Layer 3 routing globally
  • Required for inter-VLAN routing

interface vlan [vlan-id]

  • Creates SVI for specified VLAN
  • Enters VLAN interface config mode

SVI Configuration

ip address [ip] [subnet-mask]

  • Assigns IP to SVI interface
  • Acts as default gateway for VLAN

no shutdown

  • Activates the SVI interface
  • Must be enabled for routing

VLAN Assignment

vlan [vlan-id]

  • Creates VLAN in database
  • Required before creating SVI

switchport access vlan [id]

  • Assigns port to access VLAN
  • Standard L2 configuration

Routing Protocols

router ospf [process-id]

  • Enables OSPF routing process
  • Enters OSPF configuration mode

network [network] [wildcard] area [area]

  • Advertises networks in OSPF
  • Include SVI subnets

Verification

show ip route

  • Displays routing table
  • Shows connected VLAN subnets

show ip interface brief

  • Lists all interfaces and status
  • Shows SVI IP addresses

show vlan brief

  • VLAN database and port assignments
  • Verify VLAN exists before SVI

show interface vlan [id]

  • Detailed SVI interface information
  • Status, IP, MAC address

show ip route connected

  • Shows directly connected routes
  • Includes active SVI networks

Troubleshooting

ping [destination-ip]

  • Tests Layer 3 connectivity
  • Source from SVI if specified

show arp

  • ARP table entries
  • Verify L2/L3 address resolution

debug ip routing

  • Routing process debugging
  • Use cautiously in production

Example Configuration

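! Enable Layer 3 routing globally (required for inter-VLAN routing)
ip routing

! Create the VLANs in the database before their SVIs
vlan 10
 name Sales
vlan 20
 name Engineering

! SVIs: each one is the default gateway for its VLAN
interface vlan 10
 ip address 192.168.10.1 255.255.255.0
 no shutdown

interface vlan 20
 ip address 192.168.20.1 255.255.255.0
 no shutdown

! Access ports assigned to the two VLANs
interface gi0/1
 switchport access vlan 10

interface gi0/2
 switchport access vlan 20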