[c-nsp] 7600/6500 L3 vs SVI

Ian Cox icox at cisco.com
Fri Aug 5 20:05:45 EDT 2005


At 12:15 PM 8/5/2005 -0400, Jon Lewis wrote:
>It's my understanding that on one of these swouters (I'm running
>Sup2/MSFC2/PFC2) a layer 3 interface is handled internally as an SVI.
>For flexibility, I think I'd prefer to actually configure all my layer 3
>interfaces as SVIs...since that makes it so much easier to transition them
>from one physical port to another, and AFAIK makes some more ACL features
>available.

No more ACL features are available for a L3 interface than for a SVI. 
The only thing you get with an SVI is the ability to apply VACLs to 
the VLAN, which may or may not be useful. A vlan gets used internally 
for an L3 interface but it gets special properties of being made 
point to point, and MAC address learning does not take place on it, 
since it is only present on one port. If you use SVIs, MAC address 
learning is enabled because there can be more than one port in the vlan.

>Where I'm confused though, is if I define an SVI (say vlan 2000), and
>connect another switch to it (say a 3550), the 3550 sees that it's on vlan
>2000.  If I configure the port as a layer 3 port, the 6500 still assigns a
>vlan number to it (perhaps vlan 4000), but the 3550 sees the connection as
>vlan 1.
>
>What config option am I overlooking that lets me configure the SVI as
>interface vlan2000, yet have connected switches think it's vlan 1?  I
>assume this is possible since it's what the 6500 does automatically when I
>configure the port as a layer 3 port.

Set the port to be an access port and turn off CDP since it will 
complain of vlan mismatch.
When the port is an L3 port CDP has no knowledge of the vlan, where 
with a switchport it does.

Ian

>----------------------------------------------------------------------
>   Jon Lewis                   |  I route
>   Senior Network Engineer     |  therefore you are
>   Atlantic Net                |
>_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________