Table Of Contents

Configuring Layer 3 Features

Configuring Ethernet Interfaces

Configuring Virtual LANs

Configuring IP Routing Protocols

Configuring IP Multicast Routing

Configuring Bridging

Configuring EtherChannel

Configuring Layer 3 Features

---

This chapter explains how to configure Layer 3 features, and includes the following sections:

• Configuring Ethernet Interfaces

• Configuring Virtual LANs

• Configuring IP Routing Protocols

• Configuring IP Multicast Routing

• Configuring Bridging

• Configuring EtherChannel

---

Note For more software configuration and command syntax information, refer to the Layer 3 Software Configuration Guide.

---

Configuring Ethernet Interfaces

Layer 3 switching supports Enhanced Gigabit Ethernet, Gigabit Ethernet, and Fast Ethernet interfaces. You can configure IP addresses, transmission speeds, and duplex modes on these interfaces.

---

Note Configure Enhanced Gigabit Ethernet interfaces in the same manner as Gigabit Ethernet interfaces.

---

Perform these steps:

	Command	Purpose
Step 1	Switch> enable	Enters privileged EXEC mode.
Step 2	Switch# configure terminal Switch(config)#	Enters global configuration mode.
Step 3	Switch(config)# interface {gigabitethernet | fastethernet} card/subcard/port Switch(config-if)#	Enters Ethernet interface configuration mode to configure a Gigabit Ethernet or Fast Ethernet interface.
Step 4	Switch(config-if)# negotiation auto or Switch(config-if)# speed {10 | 100 | auto} Switch(config-if)# duplex {full | half | auto}	Specifies the transmission speed and duplex negotiation mode for a Gigabit Ethernet interface. or Specifies the transmission speed and duplex mode for a Fast Ethernet interface.
Step 5	Switch(config-if)# ip address ip-address subnet-mask	Specifies the IP address and IP subnet mask to be assigned to the Ethernet interface.
Step 6	Switch(config-if)# exit Switch(config)#	Returns to global configuration mode. Repeat Steps 3 to 5 to configure another Ethernet interface.
Step 7	Switch(config)# end	Returns to privileged EXEC mode.
Step 8	Switch# copy system:running-config nvram:startup-config	Saves your configuration changes to NVRAM.

Example

Switch> enable

Switch# configure terminal

Switch(config)# interface gigabitethernet 0/0/0

Switch(config-if)# negotiation auto

Switch(config-if)# ip address 10.1.2.3 255.0.0.0

Switch(config-if)# end

Switch# copy system:running-config nvram:startup-config

Verifying

Switch# show interface gigabitethernet 0/0/0

GigabitEthernet0/0/0 is administratively down, line protocol is down

  Hardware is K1 Gigabit Port, address is 00d0.ba1d.3207 (bia 00d0.ba1d.3207)

  Internet address is 10.1.2.3/8

  MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec, rely 255/255, load 1/255

  Encapsulation ARPA, loopback not set, keepalive set (10 sec)

   Full-duplex mode, 1000Mb/s, Auto-negotiation, 1000BaseSX

Configuring Virtual LANs

Virtual LANs (VLANs) enable network managers to group users logically rather than by physical location. With VLANs, switches can support more than one subnet (or VLAN) on each switch, and can give routers and switches the opportunity to support multiple subnets on a single physical link.

Layer 3 switching software supports VLAN frame encapsulation through implementation of the Inter-Switch Link (ISL) protocol and the IEEE 802.1Q standard. ISL is a Cisco protocol for interconnecting multiple switches and maintaining VLAN information as traffic travels between switches. The IEEE 802.1Q standard provides a method for secure bridging of data across a shared backbone.

Perform these steps:

	Command	Purpose
Step 1	Switch> enable	Enters privileged EXEC mode.
Step 2	Switch# configure terminal Switch(config)#	Enters global configuration mode.
Step 3	Switch(config)# interface {gigabitethernet | fastethernet} card/subcard/port.subinterface Switch(config-subif)#	Enters subinterface configuration mode.
Step 4	Switch(config-subif)# encapsulation isl vlan-id or Switch(config-subif)# encap dot1q vlan-id native	Specifies ISL encapsulation for the Ethernet frames sent from this subinterface, with a header that maintains the specified VLAN ID between network nodes. or Specifies 802.1Q encapsulation for Ethernet frames sent from the subinterface, with a header that maintains the specified native VLAN ID between network nodes.
Step 5	Switch(config-subif)# bridge-group bridge-group	Assigns the subinterface a bridge group number. Note When you are configuring VLAN routing, skip this step.
Step 6	Switch(config-subif)# interface {gigabitethernet | fastethernet} card/subcard/port Switch(config-if)#	Enters interface configuration mode to configure the Ethernet main interface.
Step 7	Switch(config-if)# bridge-group bridge-group	Assigns the main interface to the bridge group.
Step 8	Switch(config-if)# exit Switch(config)#	Returns to global configuration mode.
Step 9	Switch(config)# bridge bridge-group protocol ieee	Specifies that the bridge group will use the IEEE Ethernet Spanning Tree Protocol.

Example

Switch> enable

Switch# configure terminal

Switch(config)# interface gigabitethernet 0/0/1.1

Switch(config-subif)# encapsulation isl 50

Switch(config-subif)# bridge-group 1

Switch(config-subif)# interface gigabitethernet 11/0/0

Switch(config-if)# bridge-group 1

Switch(config-if)# exit

Switch(config)# bridge 1 protocol ieee

Switch(config)# interface fastethernet 10/0/1.2

Switch(config-subif)# encapsulation isl 100

Switch(config-subif)# bridge-group 2

Switch(config-subif)# interface fastethernet 9/0/2

Switch(config-if)# bridge-group 2

Switch(config-if)# exit

Switch(config)# bridge 2 protocol ieee

Switch(config)# exit

Switch(config)# copy system:running-config nvram:startup-config

Verifying

Switch# show vlan 50

Virtual LAN ID:  50 (Inter Switch Link Encapsulation)

   vLAN Trunk Interface:   GigabitEthernet0/0/1.

   Protocols Configured:   Address:      Received:      Transmitted:

              Bridging        Bridge Group 1        0 

Switch# more system:running-config

!

<Information deleted>

!

interface GigabitEthernet0/0/1.1

 encapsulation isl 50

 no ip redirects

 no ip route-cache

 bridge-group 1

! 

<Information deleted>

!

Configuring IP Routing Protocols

IP routing is enabled by default on the switch router. For IP routing, you must configure the following values on the interface:

•Network address

•Subnetwork address

•IP subnet mask

You must also do the following global configurations:

•Select a routing protocol, such as the Enhanced Interior Gateway Routing Protocol (EIGRP) or the Routing Information Protocol (RIP).

•Assign IP network numbers without specifying subnet values.

Perform these steps for the routing protocol you want to configure:

	Command	Purpose
Step 1	Switch(config-subif)# enable	Enters privileged EXEC mode.
Step 2	Switch(config-subif)# configure terminal Switch(config-subif)#	Enters global configuration mode.
Step 3	Switch(config-if)# interfaceSwitch(config-if)# gigabitethernetSwitch(config)# fastethernetSwitch(config)# card/subcard/port Switch(config-subif)#	Enters interface configuration mode.
Step 4	Switch(config-subif)# ip address ip-address subnet-mask	Assigns an IP address and IP subnet mask to the Ethernet interface.
Step 5	Switch(config-subif)# exit Switch(config-if)#	Returns to global configuration mode.
Step 6	Switch(config-if)# router rip Switch(config)#	Defines RIP as the routing protocol and starts the RIP routing process.
Step 7	Switch(config)# networkSwitch# network-number	Specifies the IP address of the network of directly connected networks. The routing process associates interfaces with the appropriate addresses, and begins processing packets on the specified network.
Step 8	Switch> exit Switch#	Returns to global configuration mode.
Step 9	Switch(config)#router igrpSwitch(config)# autonomous-system-number {)#	Defines IGRP1 as the IP routing protocol. The autonomous-system-number is the autonomous system to which this switch router belongs.
Step 10	| network} network-number	Defines the directly connected networks that run IGRP. The network-number is the number of the network that is advertised by this switch router.
Step 11	Switch(config-if)#exit Switch(config-if)#	Returns to global configuration mode.
Step 12	Switch(config-if)# router eigrp autonomous-system-number Switch(config)#	Defines EIGRP as the IP routing protocol. The autonomous-system-number is the autonomous system to which this switch router belongs.
Step 13	Switch(config)# networkSwitch(config-router)#network-number	Defines the directly connected networks that run EIGRP. The network-number is the number of the network that is advertised by this switch router.
Step 14	Switch(config-router)# exit	Returns to global configuration mode.
Step 15	Switch(config-router)# router ospf process-id Switch(config)#	Defines OSPF2 as the IP routing protocol. The process-id identifies a unique OSPF router process. This number is internal to the switch router only; the process ID does not have to match the process IDs on other routers.
Step 16	Switch(config)# network network-address wildcard-maskSwitch(config-routerareaSwitch(config-router)# area-id	Assigns an interface to a specific area. The network-address is the address of directly connected networks or subnets. The wildcard-mask is an inverse mask used to compare a given address with interface addressing, to determine whether OSPF will use this interface. The area parameter identifies the interface as belonging to an area. The area-id specifies the area associated with the network address.
Step 17	exit Switch(config-router)#	Returns to global configuration mode.
Step 18	Switch(config)#router bgp autonomous-system Switch(config)#	Define BGP3 as the routing protocol, and starts the BGP routing process.
Step 19	Switch(config-router)#networkSwitch(config-router)# network-number mask network-mask route-mapSwitch(config-router)# route-map-name	Flags a network as local to this autonomous system, and enters it into the BGP table.
Step 20	Switch(config)#exit Switch(config)#	Returns to global configuration mode.
Step 21	Switch(config-router)#router isis	Defines IS-IS4 as the IP routing protocol.
Step 22	Switch(config-router)# net network-entity-title	Configures network entity titles (NETs) for the routing process; you can specify a name for a NET as well as an address.
Step 23	exit	Returns to global configuration mode.
Step 24	Switch(config-router)# interfaceSwitch(config)#gigabitethernetSwitch(config)# fastethernetSwitch(config-router)#card/subcard/port Switch(config-router)#	Enters interface configuration mode.
Step 25	ip router isis tag	Specifies that this interface should run IS-IS.
Step 26	Switch(config-router)# end Switch(config)#	Returns to privileged EXEC mode.
Step 27	Switch(config)# copy system:running-config nvram:startup-config	Saves your configuration changes to NVRAM.

1 IGRP = Interior Gateway Routing Protocol 2 OSPF = Open Shortest Path First 3 BGP = Border Gateway Protocol 4 IS-IS = Intermediate System-to-Intermediate System

Example

Switch> enable

Switch# configure terminal

Switch(config)# ip routing

Switch(config)# router rip

Switch(config-router)# network 192.168.1.1

Switch(config-router)# neighbor 192.168.2.1

Switch(config-router)# end

Switch# copy system:running-config nvram:startup-config

Verifying

Switch# show ip protocols

Routing Protocol is "rip"

  Sending updates every 30 seconds, next due in 18 seconds

  Invalid after 180 seconds, hold down 180, flushed after 240

  Outgoing update filter list for all interfaces is

  Incoming update filter list for all interfaces is

  Redistributing: rip

  Neighbor(s):

    192.168.2.1

  Default version control: send version 1, receive any version

  Routing for Networks:

    192.168.1.0

  Routing Information Sources:

    Gateway         Distance      Last Update

Distance: (default is 120)

Configuring IP Multicast Routing

IP multicast is a routing technique that allows IP traffic to be propagated from one source to a number of destinations, or from many sources to many destinations. Rather than sending one packet to each destination, one packet is sent to the multicast group identified by a single IP destination group address.

Perform these steps:

	Command	Purpose
Step 1	Switch(config-router)# enable	Enters privileged EXEC mode.
Step 2	configure terminal Switch(config-router)#	Enters global configuration mode.
Step 3	Switch(config)# ip multicast-routing	Enables IP multicast on the switch router.
Step 4	Switch(config)# interface {gigabitethernet | fastethernet} card/subcard/port Switch(config-if)	Enters interface configuration mode.
Step 5	Switch(config-if)# ip address ip-address subnet-mask	Assigns an IP address and subnet mask to the interface.
Step 6	[ip pim]dense-mode Switch(config-if)# sparse-modeSwitch#sparse-dense-modeSwitch#	Enables IP multicast routing on the interface. You can specify dense mode, sparse mode, or sparse-dense mode (for internetworks that include both cases).
Step 7	Switch> end Switch#	Returns to privileged EXEC mode.
Step 8	Switch(config)#copy system:running-config nvram:startup-config	Saves your configuration changes to NVRAM.

Example

Switch> enable

Switch# configure terminal

Switch(config)# ip multicast-routing

Switch(config)# interface fastethernet 1/0/0

Switch(config-if)# ip address 192.168.1.1 255.255.255.0

Switch(config-if)# ip pim dense-mode

Switch(config-if)# end

Switch# copy system:running-config nvram:startup-config

Verify

8540MSR# more system:running-config

!

<Information deleted>

!

ip multicast-routing

!

<Information deleted>

!

interface FastEthernet1/0/0

 ip address 192.168.1.1 255.255.255.0

 ip pim dense-mode

!

<Information deleted>

!

Configuring Bridging

Cisco IOS software bridging functionality combines the advantages of a spanning tree bridge and a full multiprotocol router. This combination provides the speed and protocol transparency of an adaptive spanning tree bridge, along with the functionality, reliability, and security of a router. Cisco IOS software supports transparent bridging for Ethernet.

Perform these steps:

	Command	Purpose
Step 1	Switch(config)#enable	Enters privileged EXEC mode.
Step 2	Switch(config)# configure terminal {	Enters global configuration mode.
Step 3	| bridge} bridge-groupSwitch(config-if)protocol ieee	Assigns a bridge group number, and defines a IEEE 802.1D standard Spanning Tree Protocol.
Step 4	Switch(config-if)# bridgeSwitch(config-if)# bridge-group [priority| number	Assigns a specific priority to the bridge, which assists the definition of the spanning tree root. The lower the priority, the more likely the bridge will be selected as the root. (Optional)
Step 5	| interface]gigabitethernetSwitch(config-router)# fastethernetSwitch#card/subcard/port Switch#	Enters interface configuration mode to configure the interface.
Step 6	bridge-groupSwitch> bridge-group	Assigns a network interface to a bridge group.
Step 7	Switch# bridge-groupSwitch(config)#bridge-groupSwitch(config)#path-cost value	Assigns a specific path cost to the bridged interface, which assists the definition of the spanning tree root. The lower the path-cost value, the more likely the bridge is selected as the root. (Optional)
Step 8	exit Switch(config)#	Returns to global configuration mode. Repeat Steps 5 to 7 to assign additional interfaces to a bridge group.
Step 9	end	Returns to privileged EXEC mode.
Step 10	copy system:running-config nvram:startup-config	Saves your configuration changes to NVRAM.

Example

Switch> enable

Switch# configure terminal

Switch(config)# interface port-channel 5

Switch(config-if)# ip address 209.165.200.225 255.255.255.224 

Switch(config-if)# no shutdown 

Switch(config-if)# exit

Switch(config)# bridge 5 protocol ieee

Switch(config)# bridge 5 priority 100

Switch(config)# interface gigabitethernet 0/0/7 

Switch(config-if)# bridge-group 5

Switch(config-if)# bridge-group 5 path-cost 250

Switch(config-if)# end

Switch# copy system:running-config nvram:startup-config

Verify

Switch# show bridge group

Bridge Group 5 is running the IEEE compatible Spanning Tree protocol

      Port 13 (GigabitEthernet0/0/7) of bridge group 5 is down 

Switch# more system:running-config

Building configuration...

!

<Information deleted>

!

interface GigabitEthernet0/0/7

 no ip address

 no ip directed-broadcast

 no ip route-cache cef

 no ip route-cache

 no ip mroute-cache

 shutdown

 bridge-group 5

 bridge-group 5 path-cost 250

 bridge-group 5 spanning-disabled

end

Configuring EtherChannel

EtherChannel is a trunking technology that groups together multiple full-duplex 802.3 Ethernet interfaces to provide fault-tolerant high-speed links between switches, routers, and servers. EtherChannel is a logical aggregation of multiple Ethernet interfaces. EtherChannel is designed primarily for host-to-switch connectivity or Inter-Switch Link (ISL) switch-to-switch connectivity (for example, connectivity to a Catalyst 5500 switch).

Configuring a Fast EtherChannel (FEC) or a Gigabit EtherChannel (GEC) consists of the following two-step process:

---

Step 1 Create an EtherChannel interface (port channel) and assign a network address.

Step 2 Assign the Fast Ethernet or Gigabit Ethernet interfaces (up to four) to the port channel.

---

---

Note When assigning interfaces to a specific port channel, the interfaces must all be Fast Ethernet, Gigabit Ethernet, or Enhanced Gigabit Ethernet. You cannot mix interface types within a single port-channel.

---

Perform these steps:

	Command	Purpose
Step 1	Switch(config)# enable	Enters privileged EXEC mode.
Step 2	{configure terminal |	Enters global configuration mode.
Step 3	} interfaceSwitch(config-if)port-channelSwitch(config-if)#channel-number	Creates the EtherChannel interface and enters interface configuration mode. The channel number can be from 1 to 64 for FECs and GECs.
Step 4	Switch(config-if)# ip address ip-address subnet-mask	Assigns an IP address and subnet mask to the EtherChannel interface.
Step 5	no shutdown	Enables the EtherChannel interface.
Step 6	exit	Exits interface configuration mode. Optionally, you can remain in interface configuration mode and enable other supported interface commands to meet your requirements.
Step 7	Switch(config-if)# interfaceSwitch(config)#gigabitethernetSwitch(config)# fastethernetSwitch#card/subcard/port Switch#	Enters interface configuration mode.
Step 8	Switch> no ip address	Disables the IP address. Note If the Fast Ethernet or Gigabit Ethernet interface already exists and has an IP address assigned, you must disable it before performing the next step. The Ethernet interface uses the IP address assigned to the EtherChannel interface.
Step 9	Switch# channel-groupSwitch(config)#channel-number	Assigns the Fast Ethernet or Gigabit Ethernet interfaces to the EtherChannel. The channel number must be the same channel number you assigned to the EtherChannel interface.
Step 10	Switch(config)# exit	Returns to global configuration mode. Repeat Steps 7 through 9 to add up to four Fast Ethernet or Gigabit Ethernet interfaces to the Fast EtherChannel.
Step 11	end Switch(config-if)#	Returns to privileged EXEC mode.
Step 12	Switch(config-if)# copy system:running-config nvram:startup-config	Saves your configuration changes to NVRAM.

Example

Switch> enable

Switch# configure terminal

Switch(config)# interface port-channel 5

Switch(config-if)# ip address 209.165.200.225 255.255.255.224 

Switch(config-if)# no shutdown 

Switch(config-if)# exit

Switch(config)# interface fastethernet 0/0/0

Switch(config-if)# no ip address

Switch(config-if)# channel-group 5

Switch(config-if)# end

Switch# copy system:running-config nvram:startup-config

Verify

Switch# more system:running-config

Building configuration...

Current configuration:

!

<Information deleted>

!

interface FastEthernet1/0/2

 no ip address

 no ip directed-broadcast

 no ip mroute-cache

 channel-group 5

end

!

<Information deleted>

!

interface Port-channel5

 ip address 209.165.200.225 255.255.255.224

 no ip directed-broadcast

 hold-queue 300 in

end 

!

<Information deleted>

!