Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1989
Views
0
Helpful
4
Replies

L3 sub-interfaces and VLANs

Patrick Colbeck
Level 3
Level 3

‎07-09-2019 10:44 AM - edited ‎07-09-2019 10:45 AM

This is one that's just occurred to me and I have no L3 switches to lab it on.

I am planning a large scale VRF-Lite rollout and the following has occurred to me:

Are L3 sub-interfaces dot1q tags tied to the VLAN database on a L3 switch in anyway ?

Say I have an L2 access port assigned to VLAN 7 along with an associated SVI "interface VLAN 7" with and Ip address of 10.1.7.1/24. Can I then configure a L3 sub-interface with a dot11 tag of 7 and give it an IP address of 10.1.8.1/30 ?

If so can I then create another L3 sub-interface on a different physical port and also tag that with 7 and give it an IP address of 10.1.9.1/30?

What I suppose I am asking here is are the dot1q tags on L3 sub-interfaces only of local significance to that physical port or is the traffic exiting or arriving on them or even the VLAN allocation tied back to a normal L2 VLAN with the same ID on that switch or even other L3 sub-interfaces with the same dot1q id ?

If the VLAN IDs only have local significance on L3 sub-interfaces it would save on using a lot of VLANs up with say 20 VRFs and 20 L3 aggregation switch pairs under the core switches.

 

Labels:
0 Helpful
4 Replies 4

ElQueue
Level 1
Level 1

‎07-09-2019 11:26 AM

dotQ tags only matter in L2. Yes, the SVIs are tagged with that VLAN (so interface vlan 7 is tagged for VLAN 7). Traffic destined for that VLAN from outside that VLAN will "enter" there, and any traffic heading out of that VLAN to another will "exit" here. The SVIs are most useful when inter-vlan routing is concerned, where traffic can be routed from one SVI to another that's from the destination VLAN. So if VLAN 7 and VLAN 3 are on the same router, you can route traffic between them.
0 Helpful

Patrick Colbeck
Level 3
Level 3
In response to ElQueue

‎07-09-2019 11:14 PM

I know that. This question was more about L3 sub-interfaces such as those used when doing vrf-lite between L3 switches.

So below VLAN 7 and its access port ten 1/1 and SVI are all related but what about the sub-interface on ten 1/2.7 ?.

As ten 1/2 is not a switchport does this mean that the dot1q tagging it is using on the sub-interfaces is completely disconnected from the L2 switching on the rest of the switch ?

I have a hunch the answer depends on the particular switch architecture.

vlan 7

 

interface vlan 7

 ip address 10.1.8.1 255.255.255.0

 

int ten 1/1

 switchport access vlan 7

 

int ten 1/2

 no switchport

 int ten 1/2.7

  encap dot1q 7

  ip 10.1.7.1 255.255.255.0

 

 

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame
In response to Patrick Colbeck

‎07-09-2019 11:47 PM

 

Can't give a definitive answer for your switch but I know that with 6500s and IOS 12.2 (old I know) that vlan IDs were global to the switch which meant you could not reuse vlan IDs as you want to here. 

 

I have not come across a switch where you can reuse vlans but then to be honest I have never tried to do what you are doing so need to look. 

 

Jon

0 Helpful

Patrick Colbeck
Level 3
Level 3
In response to Jon Marshall

‎07-10-2019 03:31 AM - edited ‎07-10-2019 03:39 AM

Me too Jon. Been a CCIE for nearly 25 years and the question never occurred to me before. I always just used different VLAN IDs. Its only the fact that this customer needs a large number of VRFs and they have a hundreds of VLANs already that got me thinking about a logical VLAN range for VRF dot1q tagging and then why have I always done it that way before and what's really going on.

0 Helpful
Customers Also Viewed These Support Documents