layer 3 at access layer

bluesea2010
Level 5

Hi,

I have two core switches and 25 stacked edge switches; there are around 50 VLANs.

If I want to configure Layer 3 at the access layer, what are the pros and cons?

Currently the edge switches are in Layer 2 and VLANs are spanned between switches.

In one switch stack I have around 8 VLANs configured. If I want to change to L3, how can I do that?

Thanks


Leo Laohoo
Hall of Fame

Stand up a new pair of core switches and configure them for those VLANs. Once they are ready, move the links from the current ones to the new ones.

Hi @Leo Laohoo

What I mean is that currently the VLAN interfaces are configured on the core switches and the edge switches are Layer 2. I want to change the edge switches to Layer 3 (L3 routing licenses are there).

I did not get your point. Why should I have a new pair of core?

Thanks


@bluesea2010 wrote:

 why should I have new pair of core ?


Regardless of the size of the network, think of ways to quickly roll back the config if things go sideways. 

Moving the physical link to a new pair of core with the "ideal" Layer 3 ready to go.  All new "configurations", to move from layer 2 to layer 3, will be limited to the access switches and it is easy to roll those back (reboot the switch).  

Jon Marshall
Hall of Fame

The two main advantages are that you limit STP to the access layer and you can use both uplinks as they are L3, although with VSS, vPC etc. you can use both uplinks anyway.

The main disadvantage is that you cannot have a VLAN, or more specifically an IP subnet, on more than one access switch, so you cannot span VLANs as you do now.

If you have 8 VLANs on one access pair at the moment then you could not have any of those VLANs on any other access layer switches.

Jon

balaji.bandi
Hall of Fame

To do this you need downtime to convert from Layer 2 to Layer 3 at the access level.

Here are the steps:

1. You need to prepare a P2P interface between the core and access switch.

2. Run some IGP so you load-balance traffic, if you have more than 1 link to the core.

3. Configure a Layer 3 SVI on the access switches for the respective VLANs, on the switch where each belongs.

4. Bring up the access-to-core switch link to do the testing.

Note: to understand how this process works, if you have a spare switch, do the above steps on it, so you are familiar with them when you do this on live access switches.

Cons: if you have a big block of IPs and the same VLAN stretched all over the access layer, then you need to take a call on the change to Layer 3.

As you mentioned, you already have a Layer 3 license on access, so you have already invested money in the license here.

BB


@bluesea2010
I follow your posts and I think you are searching for a way to bypass the FW, "not config the FW to be GW for your hosts"?

So you are thinking of changing the access SW to be the GW for the hosts.
That has some limitations and you will redesign the whole network.
Instead, put the FW in transparent mode; this keeps your design the same, except you need to add some VLANs where the VLAN number is different when passing the FW.

This is my opinion for your network.

Hello

Pros - limits STP to within each access-layer switch, thus no issue with STP L2 loops within the LAN estate, no L2 blocking of links, host-to-host communication between VLANs always routed, no FHRP required, L3 convergence would be a lot quicker than L2 STP convergence.

Cons - you cannot extend an L2 VLAN between the access-layer switches; each switch will have specific VLANs assigned with L3 addresses, meaning you cannot have the same VLANs across multiple switches, so if your LAN requires VLAN extension, a routed access layer isn't viable.


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

bluesea2010
Level 5

Hi @paul driver

"Each switch will have specific VLANs assigned with an L3 address": do you mean one VLAN on one switch?

Let's say I have VLAN 20 and the subnet is 10.0.2.0/24. If I split it to 10.0.2.0/25, one will be on one switch and another will be on the second switch.

Thanks

Hello

You could have multiple VLANs per switch, but their L3 subnets will be specific to that switch and advertised into the routing process as such. Now you have a routed access layer, so you cannot have the same L3 routed subnet on different switches.

However, if you CIDR down a /24 into two /25s, then these two new subnets can be used on different switches, so yes, that's applicable.



Kind Regards
Paul
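
Added example, not part of any post in this thread: a Python check of the rule discussed above, that in a routed access layer no IP subnet may be repeated on, or overlap between, two access-switch SVIs, applied to the VLAN 20 / 10.0.2.0/24 split mentioned in the thread. The switch names, the plan layout and the choice of the first usable host address as the SVI address are assumptions made for illustration.

```python
import ipaddress
from itertools import combinations

def split_subnet(cidr, new_prefix):
    """Split one subnet into equal subnets of the given prefix length."""
    return list(ipaddress.ip_network(cidr).subnets(new_prefix=new_prefix))

def svi_address(net):
    """Assumed convention: the SVI (host gateway) takes the first usable address."""
    return next(net.hosts())

def find_conflicts(plan):
    """plan maps switch -> {vlan_id: cidr}. Returns every pair of SVIs whose
    subnets are identical or overlapping, which a routed design cannot carry."""
    svis = [(sw, vlan, ipaddress.ip_network(cidr))
            for sw, vlans in plan.items() for vlan, cidr in vlans.items()]
    conflicts = []
    for (sw_a, vl_a, net_a), (sw_b, vl_b, net_b) in combinations(svis, 2):
        if net_a.overlaps(net_b):
            reason = "same subnet" if net_a == net_b else "overlapping subnets"
            conflicts.append((f"{sw_a}/Vlan{vl_a}", f"{sw_b}/Vlan{vl_b}", reason))
    return conflicts

# Constructed sample plans (switch names are hypothetical).
# Today: VLAN 20 is spanned at Layer 2 across two stacks.
SPANNED = {"stack-1": {20: "10.0.2.0/24"}, "stack-2": {20: "10.0.2.0/24"}}

# Routed access: the /24 is split and each half lives on exactly one stack.
low, high = split_subnet("10.0.2.0/24", 25)
ROUTED = {"stack-1": {20: str(low)}, "stack-2": {20: str(high)}}

# Half-finished migration: stack-2 still carries the original /24.
PARTIAL = {"stack-1": {20: str(low)}, "stack-2": {20: "10.0.2.0/24"}}

if __name__ == "__main__":
    for name, plan in (("spanned", SPANNED), ("routed", ROUTED), ("partial", PARTIAL)):
        print(name, find_conflicts(plan) or "no conflicts")
    for sw, vlans in ROUTED.items():
        for vlan, cidr in vlans.items():
            net = ipaddress.ip_network(cidr)
            print(f"{sw} Vlan{vlan}: {net} gateway {svi_address(net)}")
```

Running the same check over the full list of planned SVIs before the change window shows which of the spanned VLANs have to be split or renumbered first.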