Layer 3 Switch Routing – Detailed Explanation

1. What is Layer 3 Switching?

Definition: A Layer 3 switch is a high-performance hardware device capable of both Layer 2 switching (MAC-based) and Layer 3 routing (IP-based).
Purpose: To combine switching speed with the intelligence of routing, allowing efficient inter-VLAN routing, static and dynamic routing, and high-speed LAN performance.

2. Difference Between Layer 2 Switching and Layer 3 Routing

Feature	Layer 2 Switch	Layer 3 Switch / Router
Forwarding	MAC addresses (Layer 2)	IP addresses (Layer 3)
Routing Capability	No (except default gateway)	Yes (inter-VLAN, static, dynamic)
VLAN Routing	Needs Router-on-a-Stick	Uses SVIs (native)
Speed	Hardware-based (fast)	Hardware-based (fast L2 & L3)

3. Routing Capabilities of Layer 3 Switches

Inter-VLAN routing using Switch Virtual Interfaces (SVIs)
Static and dynamic routing protocol support (OSPF, EIGRP, RIP, etc.)
Hardware routing table for IP forwarding, similar to a router

4. Switch Virtual Interfaces (SVIs)

Concept: An SVI is a virtual interface on a switch associated with a VLAN. It acts as the default gateway for that VLAN’s devices.
Configuration Example (Cisco IOS):

interface vlan 10
 ip address 192.168.10.1 255.255.255.0
 no shutdown

interface vlan 20
 ip address 192.168.20.1 255.255.255.0
 no shutdown

5. Inter-VLAN Routing on Layer 3 Switch

SVIs enable internal routing between VLANs, eliminating the need for an external router.
Routing logic: Device in VLAN 10 sends to SVI 10 → routed to SVI 20 → sent to VLAN 20 device.

Example Diagram:

PC1 (192.168.10.10, VLAN 10) --SW-- PC2 (192.168.20.20, VLAN 20)
    |                                |
 SVI 10: 192.168.10.1     SVI 20: 192.168.20.1

6. Static Routing on Layer 3 Switch

Purpose: Manual routes for remote or stub networks, or default gateway to the Internet.
Example Configuration:

ip route 0.0.0.0 0.0.0.0 192.168.30.1   ! Default route
ip route 10.1.0.0 255.255.0.0 192.168.20.2

7. Dynamic Routing Protocols Support

Supports OSPF, EIGRP, RIP, and sometimes BGP (on high-end switches).
Enable routing:

ip routing

router ospf 1
 network 192.168.10.0 0.0.0.255 area 0
 network 192.168.20.0 0.0.0.255 area 0

Note: Some entry-level switches may only support static routing or a limited protocol set.

8. Routing Table and Forwarding

Layer 3 switches maintain a routing table, same as routers.
Forwarding decisions (both L2 and L3) are made in hardware (ASICs) for maximum speed.
Exam Tip: Use show ip route to view the switch’s routing table.

9. Layer 3 Switch vs. Router

Aspect	Layer 3 Switch	Router
Throughput	High (LAN optimized)	Lower, broader WAN features
Forwarding	Hardware-based (ASIC)	Hardware/software
WAN Support	Limited	Extensive (VPNs, security)

Use L3 switches for LAN core/distribution; routers for WAN/internet edge.

10. Configuration Commands

Purpose	Command Example
Enable L3 routing	`ip routing`
Create SVI	`interface vlan [vlan-id] ip address [ip-address] [mask] no shutdown`
Configure Routing Protocols	See above for OSPF example

11. Verification and Troubleshooting

Command	Purpose
show ip route	View routing table
show ip interface brief	Interface/SVI status and IPs
show running-config	Check switch/router config
ping / traceroute	Test inter-VLAN routing

Ensure SVIs are up and assigned to VLANs. Check hosts’ default gateways and VLAN assignments.

12. Security Considerations

Use Access Control Lists (ACLs) on SVIs or routed interfaces to restrict inter-VLAN or external access.
Segment sensitive data using VLANs and ACLs.

ip access-list standard BLOCK_VLAN20
 deny 192.168.20.0 0.0.0.255
 permit any

interface vlan 10
 ip access-group BLOCK_VLAN20 in

13. Scalability and Performance

Layer 3 switches are optimized for high-speed LAN interconnection.
Some limits apply: number of SVIs, routing table size, or supported protocols may be lower than full routers.
Best for large, multi-VLAN LANs needing fast inter-VLAN routing.

14. High Availability and Redundancy

Support for FHRP (HSRP, VRRP, GLBP) to provide gateway redundancy for SVIs.
Link aggregation (EtherChannel) for redundant/load-balanced uplinks.
Can participate in dynamic routing for fast failover and convergence.

📘 Example Scenario

Scenario:

VLAN 10: 192.168.10.0/24 (Staff)
VLAN 20: 192.168.20.0/24 (Student)
VLAN 30: 192.168.30.0/24 (Servers)

Layer 3 Switch Config:

ip routing

interface vlan 10
 ip address 192.168.10.1 255.255.255.0
 no shutdown

interface vlan 20
 ip address 192.168.20.1 255.255.255.0
 no shutdown

interface vlan 30
 ip address 192.168.30.1 255.255.255.0
 no shutdown

PCs in each VLAN use the respective SVI as their default gateway.
The switch performs high-speed, hardware-based routing between VLANs.

📑 Key Points and Exam Tips

SVIs enable inter-VLAN routing; ip routing must be enabled.
Layer 3 switches combine switch and routing logic for better LAN performance than Router-on-a-Stick.
Use show ip route and show ip interface brief for troubleshooting.
Apply ACLs to control traffic between VLANs.
Dynamic routing (OSPF/EIGRP) is supported on most Layer 3 switches.
Deploy Layer 3 switches at the LAN core/distribution; routers for WAN/Internet edge.
Enable FHRP (HSRP/VRRP/GLBP) for gateway redundancy.

Layer 3 Switch Routing Quiz

1. What main function does a Layer 3 switch perform besides Layer 2 switching?

A. Only MAC address filtering B. Firewall packet inspection C. IP address-based routing between VLANs D. DHCP server functions

Correct answer is C. Layer 3 switches combine switching and routing capabilities to route between VLANs.

2. What is a Switch Virtual Interface (SVI)?

A. A virtual Layer 3 interface associated with a VLAN acting as the VLAN's default gateway B. A physical interface used for trunking C. A management interface on a router D. A Layer 2 switching port

Correct answer is A. SVIs provide Layer 3 routing interfaces for VLANs on the switch.

3. How does inter-VLAN routing work on a Layer 3 switch?

A. Frames are switched at Layer 2 between VLANs B. Uses a connected router for routing C. VLANs must be merged into one VLAN D. Switch routes packets internally between SVIs of VLANs

Correct answer is D. Layer 3 switches route packets between VLANs internally using SVIs.

4. Which command enables Layer 3 routing on a Cisco switch?

A. vlan routing B. ip routing C. router enable D. enable routing

Correct answer is B. The command ip routing enables Layer 3 routing on Cisco switches.

5. What routing protocols are commonly supported on Layer 3 switches?

A. BGP only B. RIP only C. OSPF, EIGRP, and RIP D. MPLS and BGP only

Correct answer is C. Most Layer 3 switches support OSPF, EIGRP, and RIP for dynamic routing.

6. Which command shows the routing table on a Layer 3 switch?

A. show ip route B. show mac address-table C. show interfaces vlan D. show spanning-tree

Correct answer is A. show ip route displays the routing table.

7. What is the key difference between a Layer 3 switch and a traditional router?

A. Layer 3 switches cannot route VLAN traffic B. Routers use ASICs for hardware forwarding C. Layer 3 switches are slower D. Layer 3 switches combine hardware-based switching and routing optimized for LANs

Correct answer is D. Layer 3 switches combine fast hardware switching and routing optimized for LAN environments.

8. How can Access Control Lists (ACLs) be used in Layer 3 switching?

A. To assign IP addresses to VLANs B. To filter and restrict traffic between VLANs on SVIs C. To increase switch port speed D. To disable VLANs

Correct answer is B. ACLs restrict or filter traffic between VLANs on Layer 3 switch interfaces.

9. What is a typical limitation of Layer 3 switches compared to routers?

A. Cannot support VLANs B. Lack hardware-based forwarding C. Limited WAN interface and advanced routing/security features D. Cannot do static routing

Correct answer is C. Layer 3 switches focus on LAN performance, with limited WAN and security features.

10. Which command displays the IP addresses and status of SVIs on a Layer 3 switch?

A. show ip interface brief B. show vlan brief C. show running-config D. show interfaces trunk

Correct answer is A. This command shows SVIs' IPs and operational status.

← Back to Home