How To: Routing on a Layer 3 Cisco Switch

Posted on by

 

Well Everyone!

I wanted to put together a quick how to on how to configure layer 3 routing on Cisco switches. Before I begin lets go over some of the basics. Basically to do layer 3 routing on a Cisco switch you need a 3560 or newer or a Cisco Small Business 300 Series Switch or higher. The configuration I created below is for a Cisco 3750 Switch but should work on a 3560 or 300 series switch. The process is similar on other vendors but double check with their documentation before you begin.

Step 1. Rename the switch.


Switch(config)#hostname L3Router

Step 2. Create the VLANs that you want the Switch to be able to route between.


L3Router(config)# vlan 10
L3Router(config-vlan)# name Sales
L3Router(config-vlan)# exit
L3Router(config)# vlan 20
L3Router(config-vlan)#name Marketing
L3Router(config-vlan)# exit 
L3Router(config)# vlan 30
L3Router(config-vlan)# name Research
L3Router(config-vlan)# exit

Step 3. Create Switch Virtual Interfaces (SVI) (aka give the vlan an IP Addresses)


L3Router(config)# interface vlan 10
L3Router(config-if)# ip address 10.10.10.1 255.255.255.0
L3Router(config-if)# no shutdown
L3Router(config-if)# exit 
L3Router(config)# interface vlan 20
L3Router(config-if)# ip address 10.10.20.1 255.255.255.0
L3Router(config-if)# no shutdown
L3Router(config-if)# exit 
L3Router(config)# interface vlan 30
L3Router(config-if)# ip address 10.10.30.1 255.255.255.0
L3Router(config-if)# no shutdown
L3Router(config-if)# exit

Step 4. Enable Routing on the Switch. You might have to reboot the switch depending on model


L3Router(config)# IP Routing

Step 5. Configure the Default Gateway


L3Router(config)# ip default-gateway 10.10.10.254

Step 6. Add static routes from your router/firewall to the Layer 3 switch.

The network traffic will have to know how to get back to the switch. To fix this requirement, create static routes for each of your networks stating. “From the firewall to get to network X.X.X.X/XX go to the Layer 3 Switch.” Granted that will have to be translated into your Firewall/Router’s syntax but that is the information the Firewall/Router will require.

Step 7. Change DHCP Pools and statically assigned devices to the SVI of the VLAN.

By changing the Default Gateway of the computer to the Layer 3 switch it is allowing the Layer 3 switch to do the routing. If you don’t do this then routing won’t work as expected.

Step 8. (optional) configure routing protocol if able to or required to.

If your organization is big enough to require a routing protocol then configure the routing protocol that is compatible between all of your devices.