Difference between revisions of "SVI (Switch Virtual Interface)"

From Bauman National Library
This page was last modified on 11 April 2018, at 19:12.
Line 116: Line 116:
<references group="Source" />

Latest revision as of 19:12, 11 April 2018

VLAN-interface, also known as SVI (Switch Virtual Interface) or RVI (Routed VLAN Interface) - is a virtual LAN (VLAN) of switch ports represented by one interface to a routing or bridging system. There is no physical interface for the VLAN and the SVI provides the Layer 3 processing for packets from all switch ports associated with the VLAN. It provides routing and often serves as the default gateway for the local network segment. VLAN-interface is configured as a physical router interface: it is possible to assign IP, it participates in the VRRP, can have ACL, etc. You can imagine it as a physical interface within the switch, or, on the contrary, imagine that this is the switch routing interface, which terminates the VLAN.


One-to-one mapping between a VLAN and SVI

There is one-to-one mapping between a VLAN and SVI, thus only a single SVI can be mapped to a VLAN. By default, an SVI is created for the default VLAN (VLAN1) to permit remote switch administration. An SVI cannot be activated unless associated with a physical port.

SVIs are generally configured for a VLAN for the following reasons:

Allow traffic to be routed between VLANs by providing a default gateway for the VLAN. Provide fallback bridging (if required for non-routable protocols). Provide Layer 3 IP connectivity to the switch. Support bridging configurations and routing protocol. SVIs advantages include:

Much faster than router-on-a-stick, because everything is hardware-switched and routed. No need for external links from the switch to the router for routing. Not limited to one link. Layer 2 EtherChannels can be used between the switches to get more bandwidth. Latency is much lower, because it does not need to leave the switch An SVI can also be known as a Routed VLAN Interface (RVI) by some vendors[Source 1].

SVI in Cisco Switch[Source 2]

To switch traffic between the VLANs, you need to:

  • enable ip routing
  • VLAN must be created
  • must be created corresponding VLAN interface (switched virtual interfaces)


It is, belonging to VLAN ports as one interface to the routing and switching functions in the system; created when the interface vlan; It supports routing protocols. SVI-interface is in state up, if the three conditions are satisfied: VLAN, which corresponds SVI, and there is an active switch in VLAN database SVI is not turned off administrative At least one level 2 interface belongs to the corresponding VLAN, it is in the up state and the STP forward.

Creating SVI interface and state

If you create a VLAN interface, but does not create the corresponding VLAN and does not include ip routing, the port will be able to "down down". After you create the corresponding VLAN, the port is able to "up down".

SVI autostate

Default SVI-interface switches to "down", if all of the interfaces that go into VLAN'a "down" state. Port can be excluded from checking the availability of the SVI-interface. To do this, use switchport autostate exclude command. Once the command applies to all VLAN, which are included in the interface. This can be useful for when a switch port is connected to the traffic analyzer or IDS.

Port exclusion: -sw(conf-if)# switchport autostate exclude

Layer 3 interface

Switch port to Layer 3 mode: switch(-if)# no switchport

Useful commands Cisco Switch

switchport host

sw(config-if)# switchport host

Commands of switchport host:

  • switches to access mode
  • switch on spanning-tree PortFast
  • switch off EtherChannel

switchport block

Reject unknown unicast and multicast packages: sw(config-if)# switchport block unicast sw(config-if)# switchport block multicast

mac address-table

Change the storage time of addresses in the switching table (default 300 seconds): sw(config)# mac address-table aging-time <0 | 10-1000000> [vlan <vlan-id>]

Create a static entry: sw(config)# mac address-table static <mac-addr> vlan <vlan-id> interface <int-id>

Command mac address-table static drop allows you to configure filtering by unicast MAC address. After specifying the MAC address, the switch will discard the traffic, which indicates the address of the sender or recipient. Syntax:

sw(config)# mac address-table static <mac-addr> vlan <vlan-id> drop 

Checkup: sw# show mac address-table static

Example of SVI setup

Configure SVI (Switch Virtual Interface) for each VLAN and put an IP address on it. This IP address can be used for computers as their default gateway[Source 3].

SW1(config)#ip routing
SW1(config)#interface vlan 10
SW1(config-if)#no shutdown
SW1(config-if)#ip address
SW1(config)#interface vlan 20
SW1(config-if)#no shutdown
SW1(config-if)#ip address
Status: "UP"

Start by enabling routing using the ip routing command. If you forget this your switch won’t build a routing table. Next step is to create a SVI for VLAN 10 and 20 and configure IP addresses on them.

Once you create a SVI and type no shutdown it will normally be “up” since it’s only a virtual interface, there are however a number of requirements or it will show up as “down”:

  • The VLAN has to exist in the VLAN database and it should be active.
  • At least one access or trunk port should use this VLAN actively and it should be in spanning-tree forwarding mode.

We have two computers in VLAN 10 and created a SVI for VLAN 10.:

SW1#show ip interface brief vlan 10
Interface              IP-Address      OK? Method Status                Protocol
Vlan10         YES manual up         up
"UP/UP" while one interface shutdown

If we shutdown one interface nothing will change, the SVI will still show up/up because interface fa0/2 is still active.

Status of SVI when shutdown both interfaces

Once we shut both interfaces we don’t have anything active anymore in VLAN 10. As a result the SVI will go to up/down.

SW1#show ip interface brief vlan 10
Interface              IP-Address      OK? Method Status                Protocol
Vlan10         YES manual up         down

Now if we want to exclude an interface from the SVI state. Make sure that whatever happens to interface fa0/2 doesn’t influence the SVI state:

SW1(config)#interface fa0/2
SW1(config-if)#switchport autostate exclude

You can use the switchport autostate exclude command. This means it won’t influence the state of the SVI interface anymore. Fa0/1 is the only interface that can now influence the SVI state, as soon as it goes down you’ll see that SVI state go down as well, even though fa0/2 is still up and running.


  1. Cisco Systems, 2006, "Building Cisco Multilayer Switched Networks" (Version 3.0), Cisco Systems Inc. / Дата обращения: 12.05.2017. Режим доступа: https://www.juniper.net/documentation/en_US/junos11.1/topics/concept/bridging-routed-vlan-interface.html
  2. Cisco Switch [Xgu.ru library]/ Дата обращения: 12.05.2017. Режим доступа: http://xgu.ru/wiki/Cisco_Switch
  3. InterVLAN Routing [Электронный ресурс]/ Дата обращения: 12.05.2017. Режим доступа: https://networklessons.com/cisco/ccnp-switch/intervlan-routing/

Cite error: Invalid <references> tag; parameter "group" is allowed only.

Use <references />, or <references group="..." />