Within the Router Interfaces and Swap Ports weblog put up, I described why we have now swap ports and routed interfaces on layer-3 switches. One other weblog put up in the identical collection described the conceptual structure of a layer-3 swap:
- All interfaces are related to a VLAN-aware swap
- The swap interfaces might be entry or trunk interfaces.
- Every VLAN in a VLAN-aware swap could be related to an inside router via a VLAN interface.
Nevertheless, that’s not how we configure layer-3 switches. There’s a big hole between the conceptual configuration mannequin and the interior structure:
Configuration mannequin and inside structure of a layer-3 swap
That is how a layer-3 swap creates a routed interface:
- It takes a VLAN and declares it off-limits (an inside VLAN).
- It configures the bodily (routed) interface as a VLAN entry interface.
- It applies the configuration of the routed interface to the VLAN interface of the interior VLAN.
Routed interfaces on a layer-3 swap carried out with (yellow and blue) inside VLANs
Most trendy switching ASICs are restricted to 4096 VLANs, that means the interior VLANs overlap with the VLANs you configure. Fortuitously, most switches show the interior VLAN allocation with a command just like present vlan inside, permitting you to configure the VLAN vary reserved for the interior VLANs.
Lastly, how does a layer-3 swap implement subinterfaces on a routed interface? As anticipated:
- An inside VLAN is allotted for every routed subinterface.
- The VLAN tag specified for the routed subinterface is remapped into the interior VLAN tag.
Most switches help bidirectional remapping of port-level VLANs into inside VLANs, that are then used within the L2 lookups. This performance is just like the native VLAN implementation however makes use of VLAN-to-VLAN mapping as an alternative of no-tag-to-VLAN transformation.
The VLAN remapping performance should be used to implement routed subinterfaces (you might use the identical VLAN tag on completely different routed subinterfaces). It may also be uncovered on the switched ports and configured as VLAN translation or VLAN mapping.
- The configuration of the routed subinterface is utilized to the VLAN interface of its inside VLAN.
For instance, I configured two routed interfaces and two VLAN subinterfaces on an Arista EOS swap:
interface Ethernet1
no switchport
ip handle 172.16.2.1/24
!
interface Ethernet2
no switchport
!
interface Ethernet2.1
encapsulation dot1q vlan 1001
ip handle 10.1.0.1/30
!
interface Ethernet2.2
encapsulation dot1q vlan 1000
ip handle 10.1.0.5/30
The swap allotted 4 inside VLANs to cope with that configuration:
r1#present vlan inside utilization
1006 Ethernet2.1
1007 Ethernet2.2
1008 Ethernet2
1009 Ethernet1
It’s price noting that:
- A VLAN is allotted to the Ethernet2 interface though the interface has no IP addresses.
- The VLAN allotted to the Ethernet2.1 and Ethernet2.2 interfaces doesn’t match the encapsulation (VLAN tag) configured on the VLAN subinterfaces.
