08-20-2012 05:56 AM - edited 03-07-2019 08:26 AM
I have a Layer 3 switch with 3 VLANs on it. One of the 3 VLANs, I don't want it to be used for inter-VLAN routing. So I need it not to show up as connected in the routing. This one VLAN is really just Layer 2 traffic, but since I am running DHCP for that VLAN on the switch, I need to create an L3 interface. Is there a way to turn off inter-VLAN routing for a VLAN?
08-20-2012 06:03 AM
Hi,
You'll have to configure an ACL and apply it inbound on this SVI, denying IP for the other VLANs' subnets as destination.
Regards.
Alain
Don't forget to rate helpful posts.
08-20-2012 06:10 AM
Use the passive interface command in case of OSPF, EIGRP or IGP
https://supportforums.cisco.com/thread/30240
Alessio
08-20-2012 06:45 AM
If your switch supports it, put the VLAN in a new VRF. You will need to edit the DHCP scope on the switch, but it's just to add the VRF name. Other option is as cadet alain says and write some ACLs and apply them to the SVI. I'd write both inbound & outbound ACLs just to be sure. Make sure you allow BootP so DHCP continues to work - you will need to allow both broadcast & unicast for the informs it sends at half the renew time.
access-list 100 permit udp host 0.0.0.0 eq bootpc host 255.255.255.255 eq bootps
access-list 100 permit udp 10.1.1.0 0.0.0.255 eq bootpc host 10.1.1.1 eq bootps
Where 10.1.1.0/24 is the subnet and 10.1.1.1 is the SVI interface IP address.
Andy
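The ACL approach from the replies above, assembled into one configuration as an added example (not posted by any participant in the thread). The VLAN number 30 and the ACL names VLAN30-IN and VLAN30-OUT are assumptions; the 10.1.1.0/24 subnet and the 10.1.1.1 SVI address are the ones used in the last reply.

```cisco
! Added example. Assumed: VLAN 30 is the Layer 2-only VLAN, ACL names are illustrative.
! Subnet 10.1.1.0/24 and SVI address 10.1.1.1 follow the reply above.
!
ip access-list extended VLAN30-IN
 remark Clients with no address yet: DHCP DISCOVER/REQUEST sent as broadcast
 permit udp host 0.0.0.0 eq bootpc host 255.255.255.255 eq bootps
 remark Clients with a lease: unicast renewals to the DHCP server on the SVI
 permit udp 10.1.1.0 0.0.0.255 eq bootpc host 10.1.1.1 eq bootps
 remark Everything else entering the SVI is dropped, so nothing is routed
 remark out of VLAN 30. The implicit deny does the same; the explicit
 remark entry gives a hit counter to watch.
 deny ip any any
!
ip access-list extended VLAN30-OUT
 remark DHCP replies from the switch to clients, broadcast or unicast
 permit udp host 10.1.1.1 eq bootps any eq bootpc
 remark Traffic routed from the other VLANs toward VLAN 30 is dropped
 deny ip any any
!
interface Vlan30
 ip address 10.1.1.1 255.255.255.0
 ip access-group VLAN30-IN in
 ip access-group VLAN30-OUT out
!
! Check the per-entry hit counters after a client renews its lease:
!   show ip access-lists VLAN30-IN
```

Traffic between hosts inside VLAN 30 is switched at Layer 2 and never passes through the SVI, so these ACLs do not affect it. The subnet still appears as a connected route in the global routing table with this approach; only the VRF option keeps it out of that table.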