In this experiment the you will learn how to configure a Multi-Layer Switch (Layer-3) with some of

the main features that differentiate this equipment from the conventional switches. Multi-layer switches
can perform local network connectivity tasks that make the traditional switches, as well as being able to
perform routing of inter-network traffic that only routers can do.

In addition, the performance of a multi-layer switch is "always" better than that of any traditional router
because these multi-layer switches have high performance, performing all their tasks electronically on
carefully designed hardware for that purpose.

In the scenario presented in the figure above is poss l seen that there are four access switches
connecting the respective terminals machines and there are two VLANs (10 and 20). The access
switches are connected to a Multi-Layer Switch that is responsible for distributing connectivity across
the entire network, in addition to performing inter-VLAN routing.

An interesting feature of this scenario is that the addresses of all machines in the 192.168.10.0/24
subnet (associated with VLAN-10) and 192.168.20.0/24 (associated with VLAN-20) are distributed
automatically via DHCP. As a rule, as the DHCP service works by sending b roadcasts on the network to
locate a server, we would have to have a DHCP server unique to each subnet. However, this would be
an expensive and unfeasible option in an environment with more VLANs.

To remedy this problem the DHCP server will be installed on a subnet and administrative side apart
from the 192.168.10.0/24 and 192.168.20.0/24 subnets. This subnet will be linked to the VLAN-1
(standard are) and p ermitting the traffic broadcas t generated by the machines at the time of request
en dreços reaches the server, you must configure a function named relay-agent on the switch / router
so that it knows to forward all three áfego to broadcast to the specific address of the DHCP server on
the network Admn istrativa.

It should be noted that the DHCP server used in this lab is already properly configured with
thecorrect scope to offer addresses to the subnets. The server also already has an IP 192.168.0.1/24
assigned to it and its gateway is configured to be the address 192.168.0.254 . That is, the interface of the

1
switch that is connected to the server must be configured to be a routable port (layer-3) capable of
receiving this IP.

This can only be done in multi-layer switches that support different types of ports, which makes
essand equipment quite versatile. The ports of a multi-layer switch can be:

 Layer Port 2: This is the conventional port that has the FUNCI the nalidades b asic any port of a
switch, so it is also called and switchport. By default, the port of the multi-layer switches
always is will this mode , except in equ larger ipamentos used in the core of large networks;
 Layer 3 Port: Through the " switchport "commandin the interface configuration it is possible to
transform it into a router port, that is, a routable port in which we can configure an IP. So we can
say that a multi-layer switch is a router with high port density, since all its ports can routing .
 Virtual VLAN Port: This mode is intriguing because it allows the creation of a virtual interface
linked to a certain VLAN , so that this logical interface can be configured with an IP that will be
the gateway of all the machines that are members of this VLAN.

Note: In order for the reader to better understand the practical application of each of these types of
ports, all these options will be configured in this laboratory .

Configuring the Multi-Layer Switch (Layer-3)

Configuring the Multi-La Yer Switch in our scenario involves several aspects, and so I will exemplify this
configuration in separate steps so that the reader will better understand which task is associated with
each block of commands.

If we observe the behavior of the Spanning Tree Protocol (STP ) after the switches are already stable, it is
easy to identify that Swi tch DSW was not elected the root switch of the network. In order to create a
robust and symmetric network with the best possible performance, we will manuallyconfigure the DSW
priority so that it is the new root of the network (spanning -tree vlan ID priori ty 0), as can be observed
in the first block of commands.

Although multi-layer switches are able to route between networks, this behavior is usually not enabled
by default and we will use the "ip rout ing" command to explicitly allow it to routing between the
networks present in its routing table. We will use this step to already perform the main hostname
configurations, disable name resolution, define a domain of switches, create VLANs that will be used,
etc. In case the reader is not aware of these basic configurations, I recommend reading previous Lab06
from the book "Cisco Technology Labs" !

Switch> enable
Switch # configure terminal
Switch (config) # hostname DSW
DSW (config) # no ip domain-lookup
DSW (config) # ip routing aktifkan fungsi router
DSW (config) # vtp mode server (mengaktifkan mode server VTP) -VLAN Trunking Proto
DSW (config) # vtp domain CLASSROOM (membuat domaian vtp bernama CLASSROOM)
DSW (config) # vtp password PASSWORD memberi password domain VTP
DSW (config) # vlan 10 membuat VLAN ID baru 10
DSW (config-vlan) # name VLAN-10
DSW (config-vlan) # vlan 20
DSW (config-vlan) # name VLAN-20
DSW (config-vlan) # exit
DSW (config) # spanning-tree vlan 1,10,20 priority 0 SPT = untuk mengaktifkan mode Spaning Tree Proto
DSW (config) #

After these initial configurations have been made, in the sequence we will convert the f0 / 10 interface
(connected to the DHCP server) to a routable port ( in the switchport ) and then assign it the address
192.168.0.254/24, since this was the address gateway configured on the server. We will also
create two logical interfaces linked to each of the VLANs (labor interface vlan)and configure each IP
address to be the gateway of the subnets associated with their respectiveVLANs.
2
The logical interfaces will also use the command " helper-address ip " to redirect
traffic breaddcast generated in the respective VLAN s end to the erection of the DHCP server. Finally we
will configure the interfaces from f0 / 1 to f0 / 5 that interconnect the other access switches to load
information from all VLANs, in trunk mode .

DSW> enable
DSW # configure terminal
DSW (config) # int f0 / 10
DSW (config-if) # on switchport
DSW (config-if) # ip address 192.168.0.254 255.255.255.0
DSW (config-if) # int vlan 10
DSW (config-if) # ip address 192.168.10.254 255.255.255.0
DSW (config-if) # ip helper-address 192.168.0.1
DSW (config-if) # int vlan 20
DSW (config-if) # ip address 192.168.20.254 255.255.255.0
DSW (config-if) # ip helper-address 192.168.0.1
DSW (config-if) # int range f0 / 1 - 5
DSW (config-if-range) # switchport trunk encapsulation dot1q
DSW (config-if-range) # switchport mode trunk

Note: From this point on, you can use the "show ip route" command to display the routing table of the multi-
layer switch and note that the subroutines already exist for the interfaces in which we assign IPs.

Finally , note that in the interconnection between DSW and AS W4 we use two redundant links on
purpose so that we can now configure an aggregation of the two links, forming a logical port (calledport-
chann el ) equivalent to the sum of the two physical interfaces , according to commands insequence.

Iss is interesting for ensuring greater bandwidth between switches by balancing load across physical
links. Because STP blocks one of the ports to prevent loops from occurring , then one of the physical
links is idle, which may be a poor performance point of view on the network.

DSW> enable
DSW # configure terminal
DSW (config) # int range f0 / 4 - 5
DSW (config-if-range) # channel-group 1 mode on
DSW (config-if-range) # end
DSW #

Note : We will create the port-channel manually and note that we will repeat this procedure later on ports f0 /
23 and f0 / 24 of ASW4. It is also interesting to note that since we have created the aggregate logical port, then
STP does not block any of the individual links anymore, since for it there is only the logical port from that
configuration ...

Once you have done the above procedures, then our multi-layer switch is properly configured. In the
next step we will do the settings of dema is access switches for sociar its doors to its r espectivas VLANs.

Configuring the Convenient Access Switches

The configuration of the other access switches is simple enough and it is only a matter of their insertion
in the AULA (VTP) domain and the association of the ports with their respective VLANs.Specifi cally in
ASW4 esteremos setting manu almente aggregation with DSW. These settings are all brought in the
blocks below:

Switch> enable
Switch # configure terminal
Switch (config) # hostname ASW1
ASW1 (config) # ip domain lookup
ASW1 (config) # vtp domain CLASS
3
ASW1 (config) # vtp mode client
ASW1 ( config) # vtp password PASSWORD
ASW1 (config) # interface f0 / 24
ASW1 (config-if) # switchport mode trunk
ASW1 (config-if) # interface f0 / 1
ASW1 (config-if) # switchport mode access
ASW1 (config-if) # switchport access vlan 10
ASW1 (config-if) # interface f0 / 2
ASW1 (config-if) # switchport mode access
ASW1 (config-if) #switchport access vlan 20
ASW1 (config-if) # end
ASW1 #

Switch> enable
Switch # configure terminal
Switch (config) # hostname ASW2
ASW2 (config) # ip domain lookup
ASW2 (config) # VTP domain CLASS
ASW2 (config) # VTP mode client
ASW2 (config) # VTP password of password
ASW2 (config) # interface f0 / 24
ASW2 (config-if) # switchport mode trunk
ASW2 (config-if) # interface f0 / 1
ASW2 (config-if) # switchport mode access
ASW2 (config-if) # switchport access vlan 10
ASW2 (config-if) # interface f0 / 2
ASW2 (config-if) # switchport mode access
ASW2 (config-if) # switchport access vlan 20
ASW2 (config-if) # end
ASW2 #

Switch> enable
Switch # configure terminal
Switch (config) # hostname ASW3
ASW3 (config) # ip domain lookup
ASW3 (config) # vtp domain CLASS
ASW3 (config) # vtp mode client
ASW3 (config) # vtp password PASSWORD
ASW3 (config ) # interface f0 / 24
ASW3 (config-if) # switchport mode trunk
ASW3 (config-if) # interface f0 / 1
ASW3 (config-if) # switchport mode access
ASW3 (config-if) # switchport access vlan 10
ASW3 ( config-if) # interface f0 / 2
ASW3 (config-if) # switchport mode access
ASW3 (config-if) # switchport access vlan 20
ASW3 (config-if) # end
ASW3 #

Switch> enable
Switch # configure terminal
Switch (config) # hostname ASW4
ASW4 (config) # ip domain lookup
ASW4 (config) # vtp domain CLASS
ASW4 (config) # vtp mode client
ASW4 (config) # vtp password PASSWORD
ASW4 (config ) # range interface f0 / 23 - 24th
ASW4 (config-if-range) # switchport mode trunk

4
ASW4 (config-if-range) # channel-group 1 mode on
ASW4 (config-if-range) # interface f0 / 1
ASW4 (config-if) # switchport mode Access
ASW4 (config-if) # switchport access VLANs 10
ASW4 (config-if) # interface f0 / second
ASW4 (config-if) # switchport mode Access
ASW4 (config-if) # switchport access vlan 20
ASW4 (config-if-range) # end
ASW4 #

Great! THEow that have been performed the steps described above ness the ACTIVITY ade laboratory, it
is expected that the reader has a m ETTER understanding of the SPECTS practical involving the
configuration of a Multi-Layer Switch (Layer-3). The following commands can be used to check the status
of the settings:

Switch # show vlan

Switch # show interface trunk
Switch # show ip interface brief
Switch # show ip route
Switch # show ether-channel summary
Switch # show ether-channel port-channel

Source:

http://labcisco.blogspot.com/2013/03/configuracao-de-switch-multi-layer.html