Networks Training

You are here: Home / Cisco Switches / How to Configure L2 and L3 InterVlan Routing on Cisco Nexus Switches

How to Configure L2 and L3 InterVlan Routing on Cisco Nexus Switches

Although we live in an era of network virtualization and software defined networking, the traditional hardware ethernet switch is still at the backbone of most networks.

cisco Nexus switch configuration

Cisco switches have been among the leaders in this field. The original Catalyst series of switches (running on IOS software) are still in production and powering millions of networked hosts.

The evolution of Data Center Networking has brought to the table new requirements for higher bandwidth, flexibility, programmability, automation, enhanced security etc. This is where Cisco Nexus switches come into play.

Nexus is the new Cisco brand of next generation switches (which include models such as 3000, 7000, 9000 series etc) for satisfying the needs of modern networks and data centers.

Cisco NX-OS (Nexus Operating System) is the software which is powering this new generation of switches and has many similarities (regarding command structure etc) with the traditional IOS software which has been in production for decades.

I have prepared this article to showcase a simple yet popular scenario using Nexus switches.

The example below will explain how to configure Layer 2 VLANs, Layer 3 Switch Virtual Interfaces (SVI) and Layer 3 Inter-VLAN routing using Nexus switches.

Note that I have published a similar scenario in the past which depicts how to implement Inter-VLAN routing using regular IOS switches in the article here.

As shown in the network diagram below, the topology includes two Nexus access switches (AccessSwitch 1 and AccessSwitch 2) and one Nexus Core Layer 3 switch for performing routing and communication between Layer 2 VLANs (i.e inter-VLAN routing).

Moreover, the Core Nexus switch is also connected to a border router with a pure Layer 3 Interface (Route Port) as we will see in the configuration below.

MORE READING:  Basic Cisco Switch Configuration

layer 2 and layer 3 inter vlan routing

 Here are the VLAN and IP Subnet details of our network topology:

  • VLAN 10 – HR Department – L3 Subnet 192.168.1.0/24
  • VLAN 20 – Finance Department – L3 Subnet 192.168.2.0/24
  • VLAN 30 – Guests – L3 Subnet 192.168.3.0/24

Note that if you only have the Layer 2 Access Switches in the network, hosts will be able to communicate only within the same VLAN but will not be able to talk to other hosts belonging to a different VLAN.

In order to establish inter-VLAN communication (i.e routing between hosts belonging to different VLANs) you need to have a Layer 3 routing engine in the network.

This L3 engine is provided by the Nexus Core Switch (which must have an appropriate Layer 3 image and license).

On the Core Switch, for each Layer 2 vlan we will configure an SVI (Switch Virtual Interface) which will serve as the default gateway for all hosts connected to that particular VLAN.

For example, hosts in VLAN 10 will have as default gateway the IP address 192.168.1.1.

Let’s now see the configuration below.

Configuration

Let’s see the configuration commands for each Nexus switch in our example scenario:

Configuration of Nexus Core L3 Switch

! First Create the Layer 2 VLANs

vlan 10
 name HR

vlan 20
 name Finance

vlan 30
 name Guests

! Now Create the Layer 3 SVI interfaces

feature interface-vlan
interface vlan 10
ip address 192.168.1.1/24
no ip redirects

feature interface-vlan
interface vlan 20
ip address 192.168.2.1/24
no ip redirects

feature interface-vlan
interface vlan 30
ip address 192.168.3.1/24
no ip redirects

! Next configure the physical interfaces (trunk ports and routed port)

interface ethernet 1/1
  description To AccessSwitch1
switchport 
switchport mode trunk
  no shutdown

interface ethernet 1/2
  description to AccessSwitch2
switchport 
switchport mode trunk
no shutdown

interface ethernet 1/3
  description to Border Router
no switchport
ip address 10.0.0.1/30
no shutdown

! Configure static default route towards the border router and save the config

ip route 0.0.0.0 0.0.0.0 10.0.0.2

copy running-config startup-config

Configuration of Nexus L2 Access Switch 1

! First Create the Layer 2 VLANs

vlan 10
 name HR

vlan 20
 name Finance

vlan 30
 name Guests

! Configure trunk port towards the Core Switch

interface ethernet 1/1
  description To CoreSwitch
  switchport mode trunk
  no shutdown

! Assign access ports to VLAN 10

interface ethernet 1/2
  switchport mode access 
  switchport access vlan 10
  no shutdown

interface ethernet 1/3
  switchport mode access
  switchport access vlan 10
  no shutdown

copy running-config startup-config

Configuration of Nexus L2 Access Switch 2

! First Create the Layer 2 VLANs

vlan 10
 name HR

vlan 20
 name Finance

vlan 30
 name Guests

! Configure trunk port towards the Core Switch

interface ethernet 1/1
  description To CoreSwitch
  switchport mode trunk
  no shutdown

! Assign access ports to VLAN 20 and VLAN 30

interface ethernet 1/2
  switchport mode access 
  switchport access vlan 20
  no shutdown

interface ethernet 1/3
  switchport mode access
  switchport access vlan 30
  no shutdown

copy running-config startup-config

NOTE

MORE READING:  Cisco Switch Layer2 Layer3 Design and Configuration

On the border router you must configure static routes towards 10.0.0.1 (core switch IP) in order to reach the 3 subnets connected to the three VLANs in the network.

Related Posts

Filed Under: Cisco Switches

Download Free Cisco Commands Cheat Sheets

Enter your Email below to Download our Free Cisco Commands Cheat Sheets for Routers, Switches and ASA Firewalls.

We use Elastic Email as our marketing automation service. By submitting this form, you agree that the information you provide will be transferred to Elastic Email for processing in accordance with their Terms of Use and Privacy Policy. Also, you allow me to send you informational and marketing emails from time-to-time.

About Harris Andrea

Harris Andrea is an Engineer with more than two decades of professional experience in the fields of TCP/IP Networks, Information Security and I.T. Over the years he has acquired several professional certifications such as CCNA, CCNP, CEH, ECSA etc.

He is a self-published author of two books ("Cisco ASA Firewall Fundamentals" and "Cisco VPN Configuration Guide") which are available on Amazon and on this website as well.

Comments

  1. Robert Wilford says

    In have applied twice for the ” Free Cisco Commands Cheat Sheets for Routers, Switches and ASA Firewalls” and I am not receiving it. Can you send a copy directly to my email.

  2. Jo Van Meter says

    Perhaps you could expand on this post with incorporating a scenario where you configure the two access switches in a VPC domain

  4. Soheil D.Amiri says

    hello Harris
    does this core configuration allow intervlan routing be happen ?
    i see that for IOS we use “ip route” command.
    thanks

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

About Networks Training

We Provide Technical Tutorials and Configuration Examples about TCP/IP Networks with focus on Cisco Products and Technologies. This blog entails my own thoughts and ideas, which may not represent the thoughts of Cisco Systems Inc. This blog is NOT affiliated or endorsed by Cisco Systems Inc. All product names, logos and artwork are copyrights/trademarks of their respective owners.

Amazon Disclosure

As an Amazon Associate I earn from qualifying purchases.
Amazon and the Amazon logo are trademarks of Amazon.com, Inc. or its affiliates.

Suggested Cisco Training

CISCO CERTIFICATION TRAINING
CISCO CCNA 200-120 TRAINING
CCNA SECURITY 640-554 TRAINING
CCENT ICND1 TRAINING
CISCO ICND2 TRAINING
CISCO CCNP TRAINING

BLOGROLL

Tech21Century
Firewall.cx