Basics of Layer 3 switches

chief1200
Level 1

I'm the network admin at a small college. At a recent Cisco event I heard about Layer 3 switches and became curious about them. I know that they do routing based on IP address as opposed to switching based on MAC address on Layer 2 switches. Right now I'm trying to get my brain around this new power and if it would benefit my network, either now or down the line.

I currently have a Sonicwall 6 port firewall that may be replaced soon due to faulty design and their tech support's inability or lack of motivation to help us. I have a WAN link, DMZ, employee network, student network, and public network (one port is not used). The DMZ has only a few devices which all have static IP addresses. The employee, student, and public network each run at a different subnet range and the firewall access rules permit or deny users from one subnet accessing devices on another that they shouldn't have access to.

Since I've only got three subnets with clients, and the college is only at one campus, how could a Layer 3 switch help? I remember one of the other college's IT guys commenting that each of his buildings is running a different subnet. In that case I can see how a Layer 3 switch would help as it would be bringing together multiple subnets with similar access rights.

I noticed in the manual for one of the Cisco Layer 3 switches that it can do some access rules. Are they fairly basic and not to the level that a firewall provides? In other words, could I have the employee, student, and public subnets go back to a single powerful Layer 3 switch and have one line go from there back to the firewall, thereby allowing me to use a 3 port firewall instead of a 6 port firewall?

Can you point me towards web sites or sections of sites that would be beneficial to understanding this?

Matthew

2 Replies

glen.grant
VIP Alumni

They are considered L2, L3 switches. You can use them as a standard L2 switch or configure them as layer 3, which is really what gives them added functionality. L3 switches are basically routers and you can do any type of ACLs that you need to deny or permit certain users onto a particular subnet.

smif101
Level 4

The easiest way to think about a layer 3 switch is that it is a router with a lot of Ethernet ports. You can say, "I want this port to be a regular layer 3 interface, just like on a router," and then the next 4 ports can just belong to a VLAN. One useful thing is the use of Switched Virtual Interfaces too. Cisco has a lot of documents you can look at, such as this page.

http://www.cisco.com/en/US/customer/tech/tk389/tk815/technologies_configuration_example09186a008019e74e.shtml
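
The design asked about in the thread, as an added example that is not part of any post: three SVIs on one Layer 3 switch, per-subnet ACLs, and a single routed uplink to the firewall. The VLAN IDs, subnets, interface name and the policy itself are constructed assumptions; the `established` entry shows that these ACLs filter packet by packet and keep no connection state, which is the gap between them and firewall rules.

```cisco
! Constructed example: VLAN IDs, names, subnets and the uplink
! interface are placeholders, not values from the thread.
ip routing
!
vlan 10
 name EMPLOYEE
vlan 20
 name STUDENT
vlan 30
 name PUBLIC
!
! One SVI per subnet; each is the default gateway for its VLAN.
interface Vlan10
 ip address 10.10.10.1 255.255.255.0
!
interface Vlan20
 ip address 10.10.20.1 255.255.255.0
 ip access-group STUDENT-IN in
!
interface Vlan30
 ip address 10.10.30.1 255.255.255.0
 ip access-group PUBLIC-IN in
!
! Routed port: the single line from the switch back to the firewall.
interface GigabitEthernet0/1
 no switchport
 ip address 10.10.254.2 255.255.255.252
!
ip route 0.0.0.0 0.0.0.0 10.10.254.1
!
ip access-list extended STUDENT-IN
 remark Replies to employee-initiated TCP; matches ACK/RST bits only
 permit tcp 10.10.20.0 0.0.0.255 10.10.10.0 0.0.0.255 established
 remark Block student-initiated traffic to the other client subnets
 deny   ip 10.10.20.0 0.0.0.255 10.10.10.0 0.0.0.255
 deny   ip 10.10.20.0 0.0.0.255 10.10.30.0 0.0.0.255
 remark Everything else is routed on to the firewall for inspection
 permit ip any any
!
ip access-list extended PUBLIC-IN
 deny   ip 10.10.30.0 0.0.0.255 10.10.10.0 0.0.0.255
 deny   ip 10.10.30.0 0.0.0.255 10.10.20.0 0.0.0.255
 permit ip any any
```

Because `established` checks only TCP header flags, a packet with ACK set passes that line whether or not a session exists, and UDP replies are not covered at all; Internet and DMZ policy therefore stays on the firewall behind the uplink.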