Solved: Re: Layer 3 device connected to a port on a switch connected upstream as layer 2? - Page 2

CiscoPurpleBelt · ‎09-24-2019

So if you have a multi-layer switch which is connected via layer 2 switchport to another switch heading to main campus and/or out to core network devices, can you install another device let's say router or FW on a port configured for Layer 3 and traffic will be able to communicate fine as long as the layer 3 IP on the device and "NO Switchport" are in same subnet?

Joseph W. Doherty · ‎10-08-2019

Yes, if you have the SVI and the L3 port, that should work fine as long as routing is enabled on the L3 switch and the SVi and L3 link are in different networks.

As to whether to keep the path all L2, or not, much depends on how you want to manage your networks. Using a L3 to a FW or router would be better if you want to "share" that device with other parts of your network and/or want to implement ACL(s).

CiscoPurpleBelt · ‎10-08-2019

Just realized SVI and L3 port would be in same network so that would not work.
Yes the FW or RT still would have L3 interface with IP connecting to the L2 switchport.

Joseph W. Doherty · ‎10-08-2019

"Just realized SVI and L3 port would be in same network so that would not work."

Correct.

"Yes the FW or RT still would have L3 interface with IP connecting to the L2 switchport. "

That's fine; the FW or router would be like any other host connected to a L2 switch port.

CiscoPurpleBelt · ‎10-11-2019

Hi thanks! Is it better idea to just do L3 port on switch and l3 interface on FW/Rt or L2 switchport on switch and L3 interface on Rt/FW?