About Layer 3 Interfaces
Layer 3 interfaces forward IPv4 packets to another device using static or dynamic routing protocols. You can use Layer 3 interfaces for IP routing and inter-VLAN routing of Layer 2 traffic.
Routed Interfaces
You can configure a port as a Layer 2 interface or a Layer 3 interface. A routed interface is a physical port that can route IP traffic to another device. A routed interface is a Layer 3 interface only and does not support Layer 2 protocols, such as the Spanning Tree Protocol (STP).
All Ethernet ports are routed interfaces by default. You can change this default behavior with the CLI setup script.
Note |
The default mode for the Cisco Nexus® 3550-T switch interface is Layer 3. |
You can assign an IP address to the port, enable routing, and assign routing protocol characteristics to this routed interface.
You can also create a Layer 3 port channel from routed interfaces. For more information about port channels, see the Configuring Port Channels section.
Routed interfaces support exponentially decayed rate counters. Cisco NX-OS tracks the following statistics with these averaging counters:
-
Input packets/sec
-
Output packets/sec
VLAN Interfaces
A VLAN interface, or switch virtual interface (SVI), is a virtual routed interface that connects a VLAN on the device to the Layer 3 router engine on the same device. Only one VLAN interface can be associated with a VLAN, but you need to configure a VLAN interface for a VLAN only when you want to route between VLANs or to provide IP host connectivity to the device through a virtual routing and forwarding (VRF) instance that is not the management VRF. When you enable VLAN interface creation, Cisco NX-OS creates a VLAN interface for the default VLAN (VLAN 1) to permit remote switch administration.
You must enable the VLAN network interface feature before you can see configure it. The system automatically takes a checkpoint prior to disabling the feature, and you can roll back to this checkpoint. See the Cisco Nexus® 3550-T System Management Configuration section for information on rollbacks and checkpoints.
Note |
You cannot delete the VLAN interface for VLAN 1. |
You can route across VLAN interfaces to provide Layer 3 inter-VLAN routing by configuring a VLAN interface for each VLAN that you want to route traffic to and assigning an IP address on the VLAN interface. For more information about IP addresses and IP routing, see the Cisco Nexus® 3550-T Unicast Routing Configuration section.
The following figure shows two hosts connected to two VLANs on a device. You can configure VLAN interfaces for each VLAN that allows Host 1 to communicate with Host 2 using IP routing between the VLANs. VLAN 1 communicates at Layer 3 over VLAN interface 1 and VLAN 10 communicates at Layer 3 over VLAN interface 10.
Changing VRF Membership for an Interface
When you enter the vrf member command under an interface, you receive an alert regarding the deletion of interface configurations and to notify the clients/listeners (such as CLI-Server) to delete configurations with respect to the interface.
Entering the system vrf-member-change retain-l3-config command enables the retention of the Layer 3 configuration when the VRF member changes on the interface. It does this by sending notification to the clients/listeners to store (buffer) the existing configurations, delete the configurations from the old vrf context, and reapply the stored configurations under the new VRF context.
Note |
When the system vrf-member-change retain-l3-config command is enabled, the Layer 3 configuration is not deleted and remains stored (buffered). When this command is not enabled (default mode), the Layer 3 configuration is not retained when the VRF member changes. |
You can disable the retention of the Layer 3 configuration with the no system vrf-member-change retain-l3-config command. In this mode, the Layer 3 configuration is not retained when the VRF member changes.
Notes About Changing VRF Membership for an Interface
-
Momentary traffic loss may occur when changing the VRF name.
-
Only the configurations under the interface level are processed when the system vrf-member-change retain-l3-config command is enabled. You must manually process any configurations at the router level to accommodate routing protocols after a VRF change.
-
The system vrf-member-change retain-l3-config command supports interface level configurations with:
-
Layer 3 configurations maintained by the CLI Server, such as ip address and all OSPF/ISIS/EIGRP CLIs available under the interface configuration.
-
Loopback Interfaces
A loopback interface is a virtual interface with a single endpoint that is always up. Any packet transmitted over a loopback interface is immediately received by this interface. Loopback interfaces emulate a physical interface. You can configure up to 1024 loopback interfaces, numbered 0 to 1023.
You can use loopback interfaces for performance analysis, testing, and local communications. Loopback interfaces can act as a termination address for routing protocol sessions. This loopback configuration allows routing protocol sessions to stay up even if some of the outbound interfaces are down.
High Availability
Layer 3 interfaces support stateful and stateless restarts. After the switchover, Cisco NX-OS applies the runtime configuration after the switchover.
See the Cisco Nexus® 3550-T Unicast Routing Configuration section for complete information about high availability.
DHCP Client
Cisco NX-OS supports DHCP client for IPv4 and IPv6 addresses on SVIs, physical Ethernet, and management interfaces. You can configure the IP address of a DHCP client by using the ip address dhcp or ipv6 address dhcp command. These commands send a request from the DHCP client to the DHCP server soliciting an IPv4 or IPv6 address from the DHCP server. The DHCP client on the Cisco Nexus switch identifies itself to the DHCP server. The DHCP server uses this identifier to send the IP address back to the DHCP client.
When a DHCP client is configured on the SVI with the DHCP server sending router and DNS options, the ip route 0.0.0.0/0 router-ip and ip name-server dns-ip commands are configured on the switch automatically.
Limitations for Using DHCP Client on Interfaces
The following are the limitations for using DHCP client on interfaces:
-
This feature is supported only on physical Ethernet interfaces, management interfaces, and SVIs.
-
This feature is supported on non-default virtual routing and forwarding (VRF) instances.
-
The DNS server and default router option-related configurations are saved in the startup configuration when you enter the copy running-config startup-config command. When you reload the switch, if this configuration is not applicable, you might have to remove it.
-
You can configure a maximum of six DNS servers on the switch, which is a switch limitation. This maximum number includes the DNS servers configured by the DHCP client and the DNS servers configured manually.
If the number of DNS servers configured on the switch is more than six, and if you get a DHCP offer for an SVI with DNS option set, the IP address is not assigned to the SVI.
-
A Cisco Nexus 3550-T switch supports a maximum of 10 IPv4 DHCP clients.
-
DHCP relay and DHCP client configurations are incompatible and are not supported on the same switch. You must remove the DHCP relay configuration before configuring the DHCP Client on an interface.
-
When DHCP snooping is enabled on the VLAN whose SVI is configured with the DHCP client, the DHCP snooping is not enforced on the SVI DHCP client.
-
When configuring the IPv4 DHCP client, you must configure with the ipv4 address use-link-local-only command before the ipv4 address dhcp command.