Overview

When configuring a Layer 3 switch, it is important to properly understand the concept of ports on a Layer 3 switch.

Inside a Layer 3 switch there is a virtual router. And inside the Layer 3 switch, a virtual switch can be created by configuring VLANs. It is important to understand the concept of a port in a Layer 3 switch by imagining how the following three elements are related inside the Layer 3 switch.

  • Virtual Router
  • VLAN(Virtual Switch)
  • Port (Interface)

This page summarizes the association of the above elements inside the Layer 3 switch and the classification of ports.

Figure: Key Points of Layer 3 Switch Port Concept
Figure: Key Points of Layer 3 Switch Port Concept

Layer 2 ports and Layer 3 ports (interfaces)

First of all, the ports of a Layer 3 switch can be categorized into Layer 2 ports and Layer 3 ports(interfaces).

Layer 2 port(switchport)

A Layer 2 port is a port that connects to a VLAN (virtual switch) and is used to forward Ethernet frames.A port connected to one VLAN is called an access port. And a port connected to multiple VLANs is called a trunk port.

Layer 2 ports, access ports and trunk ports are collectively called “switchport”.

Layer3 port

A Layer 3 port is a port that is connected to the virtual router and configured with an IP address.Configuring IP addresses, in other words, interconnects IP networks. By configuring IP addresses on Layer 3 ports, Layer 3 switches interconnect networks.

The port that connects the VLAN to the virtual router is the Switched Virtual Interface (SVI). And the port that connects directly to the virtual router is called a routed port.

Figure: Layer 2 ports and Layer 3 ports (interfaces)
Figure: Layer 2 ports and Layer 3 ports (interfaces)

Access port

An access port is a port that is assigned to only one VLAN. And it is a port for forwarding Ethernet frames of the assigned VLAN.

To configure the access port, enter the following command in interface configuration mode.

Access Port Configuration

(config)#interface <interface-name>
(config-if)#switchport mode access
(config-if)#switchport access vlan <vlan-id>

<interface-name> : Interface name
<vlan-id> : VLAN ID to be assigned

The key point is that with the switchport access vlan command, “You’re connecting the port (interface) to the VLAN.”

Figure: Access port
Figure: Access port

Trunk port

A trunk port is a port that is assigned to more than one VLAN. It can forward Ethernet frames for multiple assigned VLANs. To separate the Ethernet frames of each VLAN, a VLAN tag is added to the Ethernet frames sent out from the trunk port. Note that Ethernet frames in the native VLAN are an exception, and no VLAN tag is added when they are sent out of the trunk port.

To configure the trunk port, enter the following command in interface configuration mode.

Trunk port configuration

(config)#interface <interface-name>
(config-if)#switchport trunk encapsulation {dot1q | isl}
(config-if)#switchport mode trunk

<interface-name> : Interface name

The key point is that with the switchport mode trunk command, “You’re connecting the port (interface) to the all VLANs in the switch.”

Figure: Trunk port
Figure: Trunk port

In the figure, the addition of VLAN tags is represented by the color of the Ethernet frames.

In Cisco, if you make a port a trunk port, that port will be assigned to all VLANs in the switch. You can also choose to limit the assignment to only certain VLANs.

SVI(Switched Virtual Interface)

SVI is a virtual interface connecting VLANs and the virtual router. A VLAN is mapped to an IP network; the appropriate IP address in the IP network corresponding to the VLAN is configured in the SVI. The VLAN (IP network) can then be connected by the virtual router inside the Layer 3 switch.

To create an SVI and configure its IP address, enter the following command.

SVI Configuration

(config)#interface vlan <vlan-id>
(config-if)#ip address <address> <subnetmask>

<vlan-id> : VLAN ID
<address> : IP Address
<subnetmask> : Subnet mask

The important point is that “SVI is an interface of the virtual router.”

Figure: SVI
Figure: SVI

Routed port

A routed port is a port that is directly connected to the virtual router. Since it is directly connected to the virtual router, the IP address can be configured directly as well as the router interface.

To use a port on a Layer 3 switch as a routed port directly connected to the virtual router, enter the following command in interface configuration mode.

Routed port Configuration

(config)#interface <interface-name>
(config-if)#no switchport
(config-if)#ip address <address> <subnetmask>

<interface-name> : Interface name you want to use as a routed port
<address> : IP address
<subnetmask> : subnet mask

Figure: Routed port
Figure: Routed port

Summary

Points

  • It is important to imagine how ” the virtual router,” “VLAN (virtual switch),” and “port (interface)” are associated inside the Layer 3 switch.
  • Ports that connect to VLANs are Layer 2 ports. Ports that connect to virtual routers are Layer 3 ports.
  • The access port is connected to only one VLAN and forwards only Ethernet frames in that VLAN.
  • Trunk ports are connected to multiple VLANs and forward Ethernet frames of multiple VLANs. In doing so, a VLAN tag is added.
  • SVI is a virtual interface that is created by configuration to connect the VLAN and the virtual router; the SVI is configured with an IP address corresponding to the VLAN.
  • The routed port is a port directly connected to the virtual router and can be directly configured with an IP address.

Related articles

ネットワークのおべんきょしませんか?
Access port : Port to be assigned to only one VLAN
https://www.n-study.com/en/vlan-detail/accessport/
There are two types of ports on a switch: access ports and trunk ports, depending on how the ports and VLANs are assigned. This section explains access ports in detail.

ネットワークのおべんきょしませんか?
Trunk port : Port assigned to multiple VLANs
https://www.n-study.com/en/vlan-detail/trunkport/
A trunk port is a port that can be assigned to multiple VLANs. When you want to create VLANs across switches, it is efficient to use trunk ports to connect between switches.

ネットワークのおべんきょしませんか?
Native VLAN
https://www.n-study.com/en/vlan-detail/native-vlan/
Ethernet frames with native VLANs do not have a VLAN tag added when they are forwarded over the trunk. This section explains how native VLANs work.

ネットワークのおべんきょしませんか?
Cisco Configuring and Verifying VLAN
https://www.n-study.com/en/vlan-detail/cisco-vlan-configuration/
This section describes how to configure and verify VLANs in Cisco.Let's imagine how VLANs and ports are connected inside the switch by VLAN configuration.

N-Study
Cisco VLAN Detailed Configuration Example | N-Study
https://www.n-study.com/en/vlan-detail/cisco-vlan-detailed-configuration-example/
This is an example of VLAN configuration in Cisco. The detailed step-by-step procedure will help you create a separate network with VLANs.

N-Study
Inter-VLAN routing by Layer 3 switch | N-Study
https://www.n-study.com/en/vlan-detail/intervlanrouting-l3swith/
In order to interconnect VLANs (networks) with Layer 3 switches, it is important to know how to configure IP addresses.There are two ways to configure an IP address on a Layer 3 switch.

ネットワークのおべんきょしませんか?
Cisco Configuring Inter-VLAN routing using Layer3 switch : SVI/routed port
https://www.n-study.com/en/vlan-detail/cisco-svi-routedport/
This is the configuration of a Layer 3 switch in Cisco, where the VLAN (network) is connected by configuring the IP address on the SVI or routed port.

N-Study
Cisco Layer3 Switch Basic Configuration Example | N-Study
https://www.n-study.com/en/vlan-detail/layer3switch-basic-configuration-example/
On a Layer 3 switch, configure IP addresses on the SVI/routed ports to interconnect the network (VLAN). Then, enable EIGRP so that it can exchange route information with other routers.

VLAN(Virtual LAN)