Layer 2 and Layer 3 Flex Port Support

Table 1. Feature History

Feature Name

Release Information

Description

Layer 2 and Layer 3 Flex Port Support

Cisco IOS XE Catalyst SD-WAN Release 17.11.1a

Cisco vManage Release 20.11.1

Cisco SD-WAN Manager provides flex support on Layer 2 switchports on Cisco IOS XE Catalyst SD-WAN devices, allowing flexibility for LAN ports at Layer 2 to be converted to Layer 3 ports. You can configure the flex ports on Layer 2 as Layer 3 ports using feature profiles and CLI add-on profile.

Information About Layer 2 and Layer 3 Flex Port Support

With flex ports, you can configure a single switch port to operate as either a Layer 2 or Layer 3 port, depending on your specific requirements. The flex port connects the Cisco Catalyst SD-WAN device to a WAN link or another network device, and the operating mode (Layer 2 or Layer 3) is changed as needed to support different network topologies or connectivity requirements. You can configure flex ports using feature profiles and CLI add-on profile.

You can configure a port as either Layer 2 or Layer 3, depending on the requirements of the network. This provides greater flexibility in configuring the network and allows for a more optimized use of network resources.


Note

  • The flex ports are set to Layer 2 interface by default for Cisco ISR1100 series routers.

  • You can only convert Layer 3 ports back to Layer 2 ports that were previously Layer 2 flex ports.

Prerequisites for Layer 2 and Layer 3 Flex Port Support

A configuration group is mandatory to configure flex support. For more information on configuration groups see, Use the Configuration Group Workflows.

Restrictions For Layer 2 and Layer 3 Flex Port Support

  • Flex port support is enabled only on Cisco 1000 Series ISRs that have four or eight front-panel switch ports.

  • The last two ports of the front-panel fixed ports are the flex ports.

  • Flex Layer 2 and Layer 3 interfaces do not have PoE support because PoE is enabled only on the half lower number interfaces.

Use Cases for Layer 2 and Layer 3 Flex Port Support

  • The Layer 2 flex port support is helpful in scenarios where there is an existing Layer 2 network and needs to integrate with Cisco Catalyst SD-WANnetwork. In this case, the Cisco IOS XE Catalyst SD-WAN device can be configured to support Layer 3 connectivity, allowing the existing network to be seamlessly integrated with the Cisco Catalyst SD-WAN overlay network.

  • The Layer 3 flex port support is helpful when there are multiple Layer 3 networks that need to be interconnected. With flex support, the Cisco IOS XE Catalyst SD-WAN device can be configured to support Layer 2 connectivity, allowing the different networks to be interconnected and route the traffic.

Configure Layer 2 and Layer 3 Flex Port Support using Cisco SD-WAN Manager

Create a Configuration Group

For more information on creating a configuration group see, Use the Configuration Group Workflows.

Configure Layer 2 Support on Flex Ports

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Templates > Configuration Groups.

  2. Click adjacent to the configuration group name and choose Edit.

  3. Click the Service Profile in the Feature Profiles pane.

  4. Click Add Feature.

  5. From the feature drop-down list, choose Switchport. For more information on switchport see, Switchport.

  6. In the Add Feature pane, Enter a name for the switchport in the Name field.

  7. In the Description field, enter a description of the feature. The description can contain any characters and spaces.

  8. Configure the Basic Configuration options as needed.

  9. Navigate to the Interface tab and click Add Interface to add the flex interface. For more information on configuring the interface see, the table describing the options for configuring the switchport.

  10. Click Save.


    Note

    To change the mode of the flex port interface, remove all existing configurations associated with the flex port. If the flex port is referenced by other configurations, such as ip ftp source interface GigabitEthernet0/1 ensure you remove these references to prevent conflicts during reconfiguration.

    To configure an interface in Layer 3 mode, you must enable negotiation auto on the flex port interface. To turn off negotiation, you must configure negotiation auto, and then apply no negotiation auto.

Deploy the Device

Before You Begin

Ensure that one or more configuration groups are created so that you can choose a group from the list to deploy the associated devices.

Deploy Devices

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Templates > Configuration Groups.

  2. Click the icon adjacent to the respective configuration group and choose Edit.

  3. Click Associated Devices.


    Note

    Use the CLI Preview option to verify the configuration before deploying. The new configuration is highlighted in green color.

  4. Choose one or more devices, and then click Deploy.

Configure Layer 3 Support on Flex Ports

  1. Delete the flex port configuration from the switchport parcel in the configuration group to undo the layer 2 support configuration on flex ports. For more information on how to delete a feature see, Delete a Feature.

  2. Configure the Service Profile or Transport Profile feature parcels to configure a LAN VPN or VPN 0 as an L3 interface. For more information see, Configure Service VPN.

  3. Once the LAN VPN or VPN is configured, click the ... icon in the respective VPN interface and choose Add Sub Feature.

  4. In the Add Sub Feature drop-down list, choose Ethernet Interface. For more information see, Ethernet Interface.

  5. Configure the CLI Add-on Profile feature parcel. You can add the route-target CLIs through the CLI add-on profile. For more information see, CLI Profile. Add no switchport under flex port interface to the CLI configuration. 

    no switchport

    Note

    Use no switchport for Layer 3 mode and switchport for Layer 2 mode in the interface configuration.

Deploy Devices

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Templates > Configuration Groups.

  2. Click adjacent to the configuration group name and choose Edit.

  3. Click Associated Devices.


    Note

    Use the CLI Preview option to verify the configuration before deploying. The new configuration is highlighted in green color.

  4. Choose one or more devices, and then click Deploy.

Troubleshoot Layer 2 and Layer 3 Flex Port Support

Problem

Configuring Layer 2 flex port support failed.

Solution

Ensure that the flex port support configuration parcel added to the VPN interface (WAN/LAN) is deleted before the flex support is configured on layer 2 port.

Problem

Configuring Layer 3 flex port support failed.

Solution

  1. Ensure that the flex port support configuration is deleted from the switchport profile.

  2. Ensure that the add-on CLI profile configuration attached to the flex port contains the code line, no switchport added to it.