Re: InterVlan routing on two L3 Switches

Gip · ‎12-19-2021

Hi, I'm trying to figure out how I should configure my two L3 switches in order to have interVlan routing.

At the moment only 2 VLAN exists on each switch, VLAN 1 and VLAN 2.

The two switches are connected by trunking and hosts within each VLAN can communicate even when connected on different switches, so it's all good from this point of view.

I then started configuring InterVlan routing by enabling ip routing, creating a SVI for each Vlan (interface vlan 1 already existed by default) to use as vlan gateway and setting up the default route toward the interface with Internet connectivity.

The problem I'm having is that when I do the same on the second switch, I cannot use the same ip addresses for the

SVI interfaces otherwise it will conflict with the SVI of the other switch, so now I'm wondering, do I need to create the SVI on the second switches or its hosts will use the first switch SVI as their gateway? If instead I should create the SVI, is it OK to use a different ip address and have therefore two gateways in each VLAN? and finally, should I replicate the same access lists and default route on the second switch?

I hope my questions make sense!

Thanks

Georg Pauwen · ‎12-19-2021

Hello,

are both switches supposed to be configured as layer 3 switches, or just one ? A switch with ip routing enabled essentially becomes a router. You need one SVI on both switches to connect, then you need different subnets on the Vlans connected to the switch (since you cannot do NAT with a switch). So basically the configs would look like this:

Switch 1

ip routing

!

interface GigabitEthernet0/0

description Link to Switch 2

switchport mode trunk

!

interface Vlan 1

ip address 192.168.1.1 255.255.255.0

!

interface Vlan 2

ip address 192.168.2.1 255.255.255.0

Switch 2

ip routing

!

interface GigabitEthernet0/0

description Link to Switch 1

switchport mode trunk

!

interface Vlan 1

ip address 192.168.1.2 255.255.255.0

!

interface Vlan 3

ip address 192.168.3.1 255.255.255.0

Gip · ‎12-19-2021

Ok I see it now, thanks!

I don't think I need both switches configured as layer 3 since it's the same vlans configured on both, right?

In your example both have ip routing enabled cause vlan 3 is not known to switch 1 and vlan 2 is not on switch 2,correct?

paul driver · ‎12-19-2021

Hello

@Gip wrote:

I don't think I need both switches configured as layer 3 since it's the same vlans configured on both, right?

Well that’s up to you and if you have a need to have gateway resiliency for your vlan users, if you do then you chould have L3 svi addressing on both L3 switches running a FHRP such as HSRP, this way either switch will have a specific ip address in the same vlan and also share a "Virtual" ip address so that you end users will use for their default gateway, if either svi interface faile then user won’t lose connectivity.

example:
sw1

interface Vlan 1
ip address 192.168.1.1 255.255.255.0
standby 1 preempt
standby 1 ip address 192.168.1.254
standby 1 priority 115

interface Vlan 3
ip address 192.168.3.1 255.255.255.0
standby 3 preempt
standby 3 ip address 192.168.3.254
standby 3 priority 115

etc..

sw2

interface Vlan 1
ip address 192.168.1.2 255.255.255.0
standby 1 preempt
standby 1 ip address 192.168.1.254

interface Vlan 3
ip address 192.168.3.2 255.255.255.0
standby 3 preempt
standby 3 ip address 192.168.3.254
etc..

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Georg Pauwen · ‎12-20-2021

Hello,

--> In your example both have ip routing enabled cause vlan 3 is not known to switch 1 and vlan 2 is not on switch 2,correct?

Not really sure what you mean by that. A layer 3 switch with 'ip routing' enabled essentially becomes a router. In order to accomplish the inter-Vlan routing, you need just one of the switches to be a layer 3 switch. The configs would look something like below:

Switch 1

ip routing
!
interface GigabitEthernet0/0
description Link to Switch 2
switchport mode trunk
!
interface Vlan 1

ip address 192.168.1.1 255.255.255.0
!
interface Vlan 2
ip address 192.168.2.1 255.255.255.0
!
interface Vlan 3
ip address 192.168.3.1 255.255.255.0

Switch 2

interface GigabitEthernet0/0
description Link to Switch 1
switchport mode trunk
!
interface GigabitEthernet0/1
description Link to PC_1
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet0/2
description Link to PC_2
switchmode mode access
switchport access vlan 2
spanning-tree portfast
!
interface GigabitEthernet0/3
description Link to PC_3
switchmode mode access
switchport access vlan 3
spanning-tree portfast

paul driver · ‎12-20-2021

Hello

@Gip wrote:
At the moment only 2 VLAN exists on each switch, VLAN 1 and VLAN 2.

This is viable also, You can have multiple switches layer 3 routing in fact what you mention above could relate with a routed access layer design in which no vlan is extended to another switch and all communication from host/access switch and distribution/.core is done at layer3 , no spanning-tree to contend with?

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul