- Preface
- Product Overview
- Virtual Switching Systems (VSS)
- IP Unicast Layer 3 Switching
-
- Cisco IOS ACL Support
- Cisco TrustSec (CTS)
- AutoSecure
- MAC Address-Based Traffic Blocking
- Port ACLs (PACLs)
- VLAN ACLs (VACLs)
- Policy-Based Forwarding (PBF)
- Denial of Service (DoS) Protection
- Control Plane Policing (CoPP)
- Dynamic Host Configuration Protocol (DHCP) Snooping
- IP Source Guard
- Dynamic ARP Inspection (DAI)
- Traffic Storm Control
- Unknown Unicast Flood Control
- IEEE 802.1X Port-Based Authentication
- Configuring Web-Based Authentication
- Port Security
- Lawful Intercept
- Online Diagnostic Tests
- Migrating From a 12.2SX QoS Configuration
- Index
Layer 3 Interfaces
Note ● For complete syntax and usage information for the commands used in this chapter, see these publications:
http://www.cisco.com/en/US/products/ps11846/prod_command_reference_list.html
- Cisco IOS Release 15.1SY supports only Ethernet interfaces. Cisco IOS Release 15.1SY does not support any WAN features or commands.
http://www.cisco.com/en/US/products/hw/switches/ps708/tsd_products_support_series_home.html
Participate in the Technical Documentation Ideas forum
Restrictions for Layer 3 Interfaces
When configuring Layer 3 interfaces, follow these guidelines and restrictions:
- We recommend that you configure no more than 2,000 Layer 3 VLAN interfaces.
- The ip unnumbered command is supported on Layer 3 VLAN interfaces.
- To support VLAN interfaces, create and configure VLANs and assign VLAN membership to Layer 2 LAN ports. For more information, see Chapter 16, “Virtual Local Area Networks (VLANs)” and Chapter15, “VLAN Trunking Protocol (VTP)”
- Use bridge groups on VLAN interfaces, sometimes called fall-back bridging, to bridge nonrouted protocols. Bridge groups on VLAN interfaces are supported in software on the route processor (RP).
- Cisco IOS Release 15.1SY does not support the IEEE bridging protocol for bridge groups. Configure bridge groups to use the VLAN-bridge or the DEC spanning-tree protocol.
- The PFC supports these features on LAN port Layer 3 subinterfaces:
– IPv4 unicast forwarding, including MPLS VPN
– IPv4 multicast forwarding, including MPLS VPN
– Counters for subinterfaces in MIBS and with the show vlans command
– Unidirectional link routing (UDLR)
– Multicast routing monitor (MRM)
– Multicast source discovery protocol (MSDP)
- Always use the native keyword when the VLAN ID is the ID of the IEEE 802.1Q native VLAN. Do not configure encapsulation on the native VLAN of an IEEE 802.1Q trunk without the native keyword.
- The VLAN IDs used for Layer 2 VLANs and Layer 3 VLAN interfaces are separate from any VLAN IDs configured on Layer 3 subinterfaces. You can configure the same VLAN ID on a Layer 2 VLAN or Layer 3 VLAN interface and on a Layer 3 subinterface.
- You can configure subinterfaces with any normal range or extended range VLAN ID in VTP transparent mode. Because VLAN IDs 1 to 1005 are global in the VTP domain and can be defined on other network devices in the VTP domain, you can use only extended range VLANs with subinterfaces in VTP client or server mode. In VTP client or server mode, normal range VLANs are excluded from subinterfaces.
Note If you configure normal range VLANs on subinterfaces, you cannot change the VTP mode from transparent.
How to Configure Subinterfaces on Layer 3 Interfaces
To configure a subinterface, perform this task:
http://www.cisco.com/en/US/products/hw/switches/ps708/tsd_products_support_series_home.html
Participate in the Technical Documentation Ideas forum