Routing Features |
Routing Protocols
|
Interconnects Layer 3 networks using protocols such as Routing Information Protocol (RIP), Open Shortest Path First (OSPF)
Protocol, and Enhanced Interior Gateway Routing Protocol (EIGRP) configured under SVI
|
Yes |
IP Version 6 (IPv6)
|
Provides IPv6 support
|
Yes (Gibraltar 16.12) |
Network Address Translation (NAT)
|
Translates public IP addresses to private address pools, and private addresses to public IP addresses; SVI is typically used
as a NAT inside interface
|
Yes |
Dynamic Host Configuration Protocol (DHCP)
|
• DHCP server feature: Dynamically assigns private IP addresses to devices connected to the switch ports
• DHCP client feature: Allows the SVI to receive a dynamically assigned IP address
|
Yes |
Hot Standby Routing Protocol (HSRP)
|
Supports redundancy and high availability with a secondary device connected to the LAN with SVI, using HSRP
|
Yes |
Virtual Router Redundancy Protocol (VRRP)
|
Supports redundancy and high availability with a secondary device connected to the LAN with SVI, using VRRP
|
Yes |
Gateway Load Balancing Protocol (GLBP)
|
Supports redundancy and high availability with a secondary device connected to the LAN with SVI, using GLBP
|
Yes |
Policy-Based Routing (PBR)
|
Creates policy maps for routing decisions and QoS settings
|
Yes |
Point-to-Point Protocol (PPP) over Ethernet (PPPoE)
|
Provides PPPoE client support for a device (such as a DSL modem) connected to the switch port; typically used when the SVI
is the only interface available to provide backup using the external device
|
Yes |
Multicast
|
Provides multicast support for clients connected to the switch ports
|
No
|
VPN Routing and Forwarding (VRF)
|
Associates a VRF instance with an SVI to map VLANs to different logical or physical VPN WAN connections
|
Yes
|
Layer 2 Tunnel Protocol Version 3 (L2TPv3)
|
Provides LAN extension between remote sites; SVI is used as the Layer 2 tunnel termination point
|
Yes (17.2 or later)
|
Ethernet over MPLS (EoMPLS)
|
Provides Ethernet extension between remote sites; SVI interface used as the EoMPLS pseudowire attachment circuit
|
No
|
Security Features
|
IP Security (IPsec)
|
• Supports Easy VPN remote as the inside interface
• Provides IPsec tunnel termination on the SVI; typically used when SVI is the only interface available to provide backup
WAN connection with an external device (such as a DSL modem)
|
Yes
|
Generic Routing Encapsulation (GRE)
|
Provides GRE tunnel termination on the SVI;, typically used when SVI is the only interface available to provide backup WAN
connection with an external device (such as a DSL modem)
|
Yes
|
Firewall
|
Provides Firewall support for VLANs
|
No
|
Intrusion Prevention System (IPS)
|
Provides IPS support for VLANs
|
Yes
|
IP access control lists (ACLs)
|
Provides packet filtering to control network traffic and restrict the access of users and devices to the network
|
Yes
|
Network Admission Control (NAC)
|
Enforces NAC of endpoint devices connected to the VLAN
|
No
|
Auth-proxy
|
Authenticates inbound and outbound users connected to the VLAN
|
No
|
Quality-of-Service (QoS) Features |
Classification with standard and extended access list
|
Provides QoS classification with standard and extended access lists
|
No
|
Classification with IP type of service (ToS): IP precedence, differentiated services code point (DSCP), or destination address
|
Provides QoS classification with IP ToS bits
|
No
|
Classification with Network-Based Application Recognition (NBAR) with TCP
|
Provides QoS classification with NBAR TCP traffic
|
No
|
Class-based marking
|
Provides QoS marking based on user-defined traffic class with DSCP and IP precedence values
|
No
|
Policing
|
Limits the input or output transmission rate on SVI and specifies traffic handling policies when the traffic either conforms
to or exceeds the specified rate limits
|
No
|
Committed Access Rate
|
Limits the input or output transmission rate on SVI
|
No
|
Class-Based Traffic Shaping
|
Provides Generic Traffic Shaping based on user defined traffic class
|
No
|
Generic-Traffic Shaping
|
Limits the transmission rate of data to match the speed of the remote, target interface and helps ensure that the traffic
conforms to policies contracted for it
|
No
|
Weighted Random Early Detection (WRED)
|
Provides early detection of congestion and differentiated performance characteristics for different classes of service
|
No
|
Class-Based Weighted Fair Queue (CBWFQ)
|
Allocates bandwidth based on user-defined traffic class
|
No
|
Low-Latency Queue (LLQ)
|
Provides strict priority queuing with CBWFQ to allow delay-sensitive data such as voice to be dequeued and sent first, giving
delay-sensitive data preferential treatment over other traffic
|
No
|
Hierarchical QoS
|
Using a modular QoS command-line interface (CLI) in a hierarchical structure, provides a high degree of granularity for QoS
policies and helps meet complex service-level agreement (SLA) requirements
|
No
|
EVC under SVI
|
-
|
Yes (16.9.1)
|
NBAR on SVI
|
-
|
Yes (17.2)
|