Difference between revisions of "Cisco weird interfaces"
| Line 48: | Line 48: | ||
;Example configuration on a switch or EtherSwitch card | ;Example configuration on a switch or EtherSwitch card | ||
! create SVI interface for VLAN10 | <span style="color: blue">! create SVI interface for VLAN10</span> | ||
SW(config-if)#interface vlan 10 | SW(config-if)#interface vlan 10 | ||
SW(config-if)#ip address 10.1.1.1 255.255.255.0 | SW(config-if)#ip address 10.1.1.1 255.255.255.0 | ||
SW(config-if)#no | SW(config-if)#no shutdown | ||
! create SVI interface for VLAN20 | <span style="color: blue">! create SVI interface for VLAN20</span> | ||
SW(config-if)#interface vlan 20 | SW(config-if)#interface vlan 20 | ||
SW(config-if)#ip address 20.1.1.1 255.255.255.0 | SW(config-if)#ip address 20.1.1.1 255.255.255.0 | ||
SW(config-if)#exit | SW(config-if)#exit | ||
! enable Layer3 capabilities routing on a switch | <span style="color: blue">! enable Layer3 capabilities routing on a switch</span> | ||
SW(config)#ip routing | SW(config)#ip routing | ||
! add physical interfaces to the VLAN10 | <span style="color: blue">! add physical interfaces to the VLAN10</span> | ||
SW(config-if)#interface f0/0 | SW(config-if)#interface f0/0 | ||
SW(config-if)#no shutdown | SW(config-if)#no shutdown | ||
SW(config-if)# switchport mode access | SW(config-if)# switchport mode access | ||
SW(config-if)# switchport access vlan 10 | SW(config-if)# switchport access vlan 10 | ||
! and so on add physical interface to VLAN20 | <span style="color: blue">! and so on add physical interface to VLAN20</span> | ||
;References | ;References | ||
*[http://www.cisco.com/en/US/prod/collateral/routers/ps5853/prod_white_paper0900aecd8064c9f4_ps5855_Products_White_Paper.html Switch Virtual Interface for Cisco Integrated Services Routers] | *[http://www.cisco.com/en/US/prod/collateral/routers/ps5853/prod_white_paper0900aecd8064c9f4_ps5855_Products_White_Paper.html Switch Virtual Interface for Cisco Integrated Services Routers] | ||
Revision as of 18:02, 20 October 2013
NVI - NAT Virtual Interface
Not everyone knows that from IOS version 12.3(14)T, Cisco has introduced a new feature called NAT Virtual Interface; NVI removes the requirements to configure an interface as either NAT inside or NAT outside. An interface can be configured to use NAT or not use NAT.
How to use NVI? It’s easy! You must use the command ‘ip nat source …’ without specifying the inside/outside tag and enable the nat to the interfaces using the command ‘ip nat enable’.
For instance, if you use legacy statement:
R1(config)#interface range fastEthernet 0/0
R1(config-if-range)#ip nat inside
R1(config)#interface range fastEthernet 0/1
R1(config-if-range)#ip nat outside
R1(config)#ip nat inside source static 172.16.0.6 10.16.0.5
with NVI feature the nat will be:
R1(config)#interface range fastEthernet 0/0
R1(config-if-range)#ip nat enable
R1(config)#interface range fastEthernet 0/1
R1(config-if-range)#ip nat enable
R1(config)#ip nat source static 172.16.0.6 10.16.0.5
- References
SVI - Switch Virtual Interface
- Switch Virtual Interface for Cisco Integrated Services Routers
Cisco offers different flavors of integrated switching modules for the modular Cisco 3900, 3800, 2900, 2800, 1900 and 1800 Series Integrated Services Routers. Cisco 4- and 8-Port Gigabit Ethernet Enhanced High-Speed WAN Interface Cards (EHWICs) are used with Cisco 1900 series ISR G2 routers.
The integrated switch ports for the fixed-configuration Integrated Services Routers and the switch ports on the HWICs/EHWICs do not natively support Layer 3 addresses or Layer 3 features. They must be assigned to a SVI and use a VLAN interface for Layer 3 features. SVI represents a logical Layer 3 interface on a switch. In addition to basic routing, SVI can be used to support additional features for the network that the SVI represents.
A switch virtual interface (SVI) is a VLAN of switch ports represented by one interface to a routing or bridging system. There is no physical interface for the VLAN and the SVI provides the Layer 3 processing for packets from all switch ports associated with the VLAN.
There is one-to-one mapping between a VLAN and SVI, thus only a single SVI can be mapped to a VLAN. By default, a SVI is created for the default VLAN (VLAN1) to permit remote switch administration. An SVI cannot be activated unless associated with a physical port.
SVIs are generally configured for a VLAN for the following reasons:
- Allow traffic to be routed between VLANs by providing a default gateway for the VLAN.
- Provide fallback bridging (if required for non-routable protocols).
- Provide Layer 3 IP connectivity to the switch.
- Support bridging configurations and routing protocol.
- Conclusion
- SVI on Cisco Integrated Services Routers is designed to provide basic Layer 3 functions for the Layer 2 switch ports that belong to a specific VLAN. The SVI does not provide the same feature set and functions as the integrated Layer 3 Ethernet ports of the integrated services routers and should not be used to entirely replace the Layer 3 Ethernet ports. Customer who need additional Layer 3 Ethernet ports for their Integrated Services Routers may consider the use of 1- and 2-Port Fast Ethernet High-Speed WIC for modular ISR platforms. The guidelines presented in this document summarize feature support considerations for an Integrated Services Router deployment that uses SVIs.
- Example configuration on a switch or EtherSwitch card
! create SVI interface for VLAN10 SW(config-if)#interface vlan 10 SW(config-if)#ip address 10.1.1.1 255.255.255.0 SW(config-if)#no shutdown ! create SVI interface for VLAN20 SW(config-if)#interface vlan 20 SW(config-if)#ip address 20.1.1.1 255.255.255.0 SW(config-if)#exit ! enable Layer3 capabilities routing on a switch SW(config)#ip routing ! add physical interfaces to the VLAN10 SW(config-if)#interface f0/0 SW(config-if)#no shutdown SW(config-if)# switchport mode access SW(config-if)# switchport access vlan 10 ! and so on add physical interface to VLAN20
- References