Difference between revisions of "SVI (Switch Virtual Interface)"

From Bauman National Library
This page was last modified on 11 April 2018, at 19:12.
(Example of setting SVI)
(Sources)
 
(4 intermediate revisions by 2 users not shown)
Line 17: Line 17:
 
Not limited to one link. Layer 2 EtherChannels can be used between the switches to get more bandwidth.
 
Not limited to one link. Layer 2 EtherChannels can be used between the switches to get more bandwidth.
 
Latency is much lower, because it does not need to leave the switch
 
Latency is much lower, because it does not need to leave the switch
An SVI can also be known as a Routed VLAN Interface (RVI) by some vendors<ref group="Источник">ICisco Systems, 2006, "Building Cisco Multilayer Switched Networks" (Version 3.0), Cisco Systems Inc. [Электронный ресурс]/ Дата обращения: 12.05.2017. Режим доступа: https://www.juniper.net/documentation/en_US/junos11.1/topics/concept/bridging-routed-vlan-interface.html</ref>.
+
An SVI can also be known as a Routed VLAN Interface (RVI) by some vendors<ref group="Source">Cisco Systems, 2006, "Building Cisco Multilayer Switched Networks" (Version 3.0), Cisco Systems Inc. / Дата обращения: 12.05.2017. Режим доступа: https://www.juniper.net/documentation/en_US/junos11.1/topics/concept/bridging-routed-vlan-interface.html</ref>.
  
==SVI in Cisco Switch<ref group="Источник">Cisco Switch [Xgu.ru library]/ Дата обращения: 12.05.2017. Режим доступа: http://xgu.ru/wiki/Cisco_Switch</ref>==
+
==SVI in Cisco Switch<ref group="Source">Cisco Switch [Xgu.ru library]/ Дата обращения: 12.05.2017. Режим доступа: http://xgu.ru/wiki/Cisco_Switch</ref>==
 
To switch traffic between the VLANs, you need to:
 
To switch traffic between the VLANs, you need to:
 
* enable ip routing  
 
* enable ip routing  
Line 72: Line 72:
  
 
==Example of SVI setup==
 
==Example of SVI setup==
Configure SVI (Switch Virtual Interface) for each VLAN and put an IP address on it. This IP address can be used for computers as their default gateway<ref group="Источник">InterVLAN Routing [Электронный ресурс]/ Дата обращения: 12.05.2017. Режим доступа: https://networklessons.com/cisco/ccnp-switch/intervlan-routing/</ref>.  
+
Configure SVI (Switch Virtual Interface) for each VLAN and put an IP address on it. This IP address can be used for computers as their default gateway<ref group="Source">InterVLAN Routing [Электронный ресурс]/ Дата обращения: 12.05.2017. Режим доступа: https://networklessons.com/cisco/ccnp-switch/intervlan-routing/</ref>.  
 
<console>
 
<console>
 
SW1(config)#ip routing
 
SW1(config)#ip routing
Line 116: Line 116:
  
 
==Sources==
 
==Sources==
{{reflist|group=Источник}}
+
 
 +
<references group="Source" />
 +
 
 +
{{reflist|group=Source}}
  
 
==Links:==
 
==Links:==
Line 122: Line 125:
 
*https://en.wikipedia.org/wiki/Switch_virtual_interface
 
*https://en.wikipedia.org/wiki/Switch_virtual_interface
 
*[https://supportforums.cisco.com/ Cisco Support Community]
 
*[https://supportforums.cisco.com/ Cisco Support Community]
 +
 +
[[ru:SVI (Switch Virtual Interface)]]

Latest revision as of 19:12, 11 April 2018

VLAN-interface, also known as SVI (Switch Virtual Interface) or RVI (Routed VLAN Interface) - is a virtual LAN (VLAN) of switch ports represented by one interface to a routing or bridging system. There is no physical interface for the VLAN and the SVI provides the Layer 3 processing for packets from all switch ports associated with the VLAN. It provides routing and often serves as the default gateway for the local network segment. VLAN-interface is configured as a physical router interface: it is possible to assign IP, it participates in the VRRP, can have ACL, etc. You can imagine it as a physical interface within the switch, or, on the contrary, imagine that this is the switch routing interface, which terminates the VLAN.

General

One-to-one mapping between a VLAN and SVI

There is one-to-one mapping between a VLAN and SVI, thus only a single SVI can be mapped to a VLAN. By default, an SVI is created for the default VLAN (VLAN1) to permit remote switch administration. An SVI cannot be activated unless associated with a physical port.

SVIs are generally configured for a VLAN for the following reasons:

Allow traffic to be routed between VLANs by providing a default gateway for the VLAN. Provide fallback bridging (if required for non-routable protocols). Provide Layer 3 IP connectivity to the switch. Support bridging configurations and routing protocol. SVIs advantages include:

Much faster than router-on-a-stick, because everything is hardware-switched and routed. No need for external links from the switch to the router for routing. Not limited to one link. Layer 2 EtherChannels can be used between the switches to get more bandwidth. Latency is much lower, because it does not need to leave the switch An SVI can also be known as a Routed VLAN Interface (RVI) by some vendors[Source 1].

SVI in Cisco Switch[Source 2]

To switch traffic between the VLANs, you need to:

  • enable ip routing
  • VLAN must be created
  • must be created corresponding VLAN interface (switched virtual interfaces)

SVI-interface

It is, belonging to VLAN ports as one interface to the routing and switching functions in the system; created when the interface vlan; It supports routing protocols. SVI-interface is in state up, if the three conditions are satisfied: VLAN, which corresponds SVI, and there is an active switch in VLAN database SVI is not turned off administrative At least one level 2 interface belongs to the corresponding VLAN, it is in the up state and the STP forward.

Creating SVI interface and state

If you create a VLAN interface, but does not create the corresponding VLAN and does not include ip routing, the port will be able to "down down". After you create the corresponding VLAN, the port is able to "up down".

SVI autostate

Default SVI-interface switches to "down", if all of the interfaces that go into VLAN'a "down" state. Port can be excluded from checking the availability of the SVI-interface. To do this, use switchport autostate exclude command. Once the command applies to all VLAN, which are included in the interface. This can be useful for when a switch port is connected to the traffic analyzer or IDS.

Port exclusion: -sw(conf-if)# switchport autostate exclude

Layer 3 interface

Switch port to Layer 3 mode: switch(-if)# no switchport

Useful commands Cisco Switch

switchport host

sw(config-if)# switchport host

Commands of switchport host:

  • switches to access mode
  • switch on spanning-tree PortFast
  • switch off EtherChannel

switchport block

Reject unknown unicast and multicast packages: sw(config-if)# switchport block unicast sw(config-if)# switchport block multicast

mac address-table

Change the storage time of addresses in the switching table (default 300 seconds): sw(config)# mac address-table aging-time <0 | 10-1000000> [vlan <vlan-id>]

Create a static entry: sw(config)# mac address-table static <mac-addr> vlan <vlan-id> interface <int-id>

Command mac address-table static drop allows you to configure filtering by unicast MAC address. After specifying the MAC address, the switch will discard the traffic, which indicates the address of the sender or recipient. Syntax:

sw(config)# mac address-table static <mac-addr> vlan <vlan-id> drop 

Checkup: sw# show mac address-table static

Example of SVI setup

Configure SVI (Switch Virtual Interface) for each VLAN and put an IP address on it. This IP address can be used for computers as their default gateway[Source 3].

SW1(config)#ip routing
SW1(config)#interface vlan 10
SW1(config-if)#no shutdown
SW1(config-if)#ip address 192.168.10.254 255.255.255.0
SW1(config)#interface vlan 20
SW1(config-if)#no shutdown
SW1(config-if)#ip address 192.168.20.254 255.255.255.0
Status: "UP"

Start by enabling routing using the ip routing command. If you forget this your switch won’t build a routing table. Next step is to create a SVI for VLAN 10 and 20 and configure IP addresses on them.

Once you create a SVI and type no shutdown it will normally be “up” since it’s only a virtual interface, there are however a number of requirements or it will show up as “down”:

  • The VLAN has to exist in the VLAN database and it should be active.
  • At least one access or trunk port should use this VLAN actively and it should be in spanning-tree forwarding mode.

We have two computers in VLAN 10 and created a SVI for VLAN 10.:

SW1#show ip interface brief vlan 10
Interface              IP-Address      OK? Method Status                Protocol
Vlan10                 192.168.10.254  YES manual up         up
"UP/UP" while one interface shutdown

If we shutdown one interface nothing will change, the SVI will still show up/up because interface fa0/2 is still active.

Status of SVI when shutdown both interfaces

Once we shut both interfaces we don’t have anything active anymore in VLAN 10. As a result the SVI will go to up/down.

SW1#show ip interface brief vlan 10
Interface              IP-Address      OK? Method Status                Protocol
Vlan10                 192.168.10.254  YES manual up         down

Now if we want to exclude an interface from the SVI state. Make sure that whatever happens to interface fa0/2 doesn’t influence the SVI state:

SW1(config)#interface fa0/2
SW1(config-if)#switchport autostate exclude

You can use the switchport autostate exclude command. This means it won’t influence the state of the SVI interface anymore. Fa0/1 is the only interface that can now influence the SVI state, as soon as it goes down you’ll see that SVI state go down as well, even though fa0/2 is still up and running.

Sources

  1. Cisco Systems, 2006, "Building Cisco Multilayer Switched Networks" (Version 3.0), Cisco Systems Inc. / Дата обращения: 12.05.2017. Режим доступа: https://www.juniper.net/documentation/en_US/junos11.1/topics/concept/bridging-routed-vlan-interface.html
  2. Cisco Switch [Xgu.ru library]/ Дата обращения: 12.05.2017. Режим доступа: http://xgu.ru/wiki/Cisco_Switch
  3. InterVLAN Routing [Электронный ресурс]/ Дата обращения: 12.05.2017. Режим доступа: https://networklessons.com/cisco/ccnp-switch/intervlan-routing/

Cite error: Invalid <references> tag; parameter "group" is allowed only.

Use <references />, or <references group="..." />

Links: