Layer 3 interfaces, including VLAN interface, loopback interface, routed interface and sub- interface, share the same hardware resources. When configuring IP address, it is required that the IP address of different layer 3 interfaces in the same VRF cannot be in the same subnet. However, overlapped layer 3 interface addresses in different VRFs is supported.
NOTE:
To avoide conflict with the preserved interface names, the routed interface name and sub-interface name must start with the string "rif-". Otherwise, commit will fail with the error message "The name of interface must start with "rif-".
Routed Interface
All Ethernet ports are layer 2 interfaces by default. When you need to use an Ethernet port for layer 3 communication, you can enable the Ethernet port as a routed interface. The routed interface is a layer 3 interface which can be assigned an IP address and can be configured with a routing protocol for connecting to other layer 3 routing devices.
A routed interface can be enabled on a physical port or a LAG interface. You can use the following commands to configure the routed interface:
set vlans reserved-vlan <reserved-vlan>
set interface gigabit-ethernet <interface-name> routed-interface enable <true | false>
set interface gigabit-ethernet <interface-name> routed-interface name <string>
set interface aggregate-ethernet <lag-name> routed-interface enable <true | false>
set interface aggregate-ethernet <lag-name> routed-interface name <string>
When enabling an Ethernet port/LAG interface as a layer 3 routed interface, a name for the routed interface should be configured by using the command set interface gigabit-ethernet <interface-name> routed-interface name <string>. This name will be referred to as the “interface name” in other CLI commands.
Reserved VLANs need to be configured on the device before configuring the routed interface.
Routed interface is mutually exclusive with the following layer 2 features, you have to delete all of the following configurations on the interface before enabling it as a routed interface, otherwise the routed interface commands will fail to commit.
set interface gigabit-ethernet <interface-name> backup-port XX |
Besides the layer 2 features listed above, routed interface does not support Spanning Tree Protocol (STP) and MAC learning. However, the Layer 2 feature of LLDP is supported on an Ethernet port enabled as routed interface.
As a layer 3 interface, routed interface supports layer 3 routing protocols, such as BGP/OSPF/static route/IGMP/PIM/BFD, and features such as VRRP/VRF/ARP/ IPv6 Neighbor Discovery/VXLAN/DHCP relay.
After a routed interface is enabled, you have to configure the following node to bring the routed interface up. Only after this, the corresponding sub-interfaces can be used normally.
set l3-interface routed-interface <interface-name>
Layer 3 sub-interfaces can be configured on the routed interface, so as to extend more layer 3 functions on the same physical port or LAG interface and conduct more flexible network topology design. Here, we call the routed interface the parent interface.
Reserved VLAN
The physical port/LAG interface that enabled routed interface is still consuming a special VLAN, although it is not allowed to explicitly configure VLANs for the routed interface by using the following commands:
set interface gigabit-ethernet <interface-name> family ethernet-switching vlan members <vlan-id> set interface gigabit-ethernet <interface-name> family ethernet-switching native-vlan-id <vlan-id> set interface aggregate-ethernet <lag-name> family ethernet-switching vlan members <vlan-id> set interface aggregate-ethernet <lag-name> family ethernet-switching native-vlan-id <vlan-id> |
Reserved VLANs need to be configured on the device with the command set vlans reserved-vlan <reserved-vlan> before configuring routed interface. Whenever a routed interface is configured, the system will automatically assign a VLAN internally to the routed interface from the reserved VLANs in order of smallest to largest.
The system supports up to 128 reserved VLANs.
VLAN 1 cannot be used as a reserved VLAN.
A reserved VLANs are VLANs dedicated to the routed interfaces (sub-interfaces are not included) and cannot be used for other interfaces, or other VLAN functions, such as PVLAN.
Reserved VLAN is mutually exclusive with the following settings, before configuring, please delete all these commands that uses the reserved VLAN, otherwise the reserved VLAN command will fail to commit.
set protocols dhcp snooping vlan <vlan-id> |
Note that: If you want to modify the value of the reserved VLANs, all the routed interface configurations need to be removed first.
You can use the commands run show vlans and run show vlans routed-vlan to check the VLAN information of all routed interfaces. For example,
admin@Xorplus# set interface gigabit-ethernet te-1/1/2 routed-interface name rif-te2
admin@Xorplus# set interface gigabit-ethernet te-1/1/2 routed-interface enable true
admin@Xorplus# set interface gigabit-ethernet te-1/1/4 routed-interface name rif-te4
admin@Xorplus# set interface gigabit-ethernet te-1/1/4 routed-interface enable true
admin@Xorplus# set vlans reserved-vlan 80-85
admin@Xorplus# commit
admin@Xorplus# run show vlans
VlanID Vlan Name Tag Interfaces
------ ------------------ -------- ------------------------------------------------------
1 default untagged te-1/1/1, xe-1/1/1, xe-1/1/2, xe-1/1/3, te-1/1/3
xe-1/1/4, xe-1/1/5, te-1/1/5, xe-1/1/6, te-1/1/6
te-1/1/7, te-1/1/8, te-1/1/9, te-1/1/10, te-1/1/11
te-1/1/12, te-1/1/13, te-1/1/14, te-1/1/15, te-1/1/16
te-1/1/17, te-1/1/18, te-1/1/19, te-1/1/20, te-1/1/21
te-1/1/22, te-1/1/23, te-1/1/24, te-1/1/25, te-1/1/26
te-1/1/27, te-1/1/28, te-1/1/29, te-1/1/30, te-1/1/31
te-1/1/32, te-1/1/33, te-1/1/34, te-1/1/35, te-1/1/36
te-1/1/37, te-1/1/38, te-1/1/39, te-1/1/40, te-1/1/41
te-1/1/42, te-1/1/43, te-1/1/44, te-1/1/45, te-1/1/46
te-1/1/47, te-1/1/48
tagged
80 untagged te-1/1/2
tagged
81 untagged te-1/1/4
tagged
82 untagged
tagged
83 untagged
tagged
84 untagged
tagged
85 untagged
tagged
admin@Xorplus# run show vlans routed-vlan
VlanID Vlan Name Tag Interfaces Routed-interfaces
------ ------------------ -------- ------------ --------------------
80 untagged te-1/1/2 rif-te2
81 untagged te-1/1/4 rif-te4
NOTE:
|
Sub-interface
A layer 3 sub-interface is a virtual interface configured under a physical port or LAG interface, which has been enabled as a routed interface. The routed interface is called the parent interface. Sub-interface is a layer 3 interface, and you can configure IP address for it. This enables routing and communication between multiple VLANs configured under a single physical interface by dividing it into multiple sub-interfaces.
The sub-interface name is a string of up to 15 alphanumeric characters (including three special characters . – and @). The suggested naming convention for the sub-interfaces should be like this: parent name (for example, rif-ge2) followed by a period and then by a number that is unique to that sub-interface, for example, rif-ge2.1, rif-ge2.2 and so on.
As shown in the figure below, when a layer 3 device Switch B connects to a layer 2 network device Switch A through a routed interface. The ports of the Switch A are divided into different VLANs, in order for the layer 3 routed interface on Switch B to correctly identify different VLAN messages, it is necessary to create multiple sub-interfaces on the routed interface to correspond to the VLANs of downstream devices respectively. This ensures that users in different VLANs can communicate normally. We provide a detailed configuration process about this example in section Example for Configuring Routed Interface.
Figure 1. Routed Interface and Sub-interface Application
When creating a sub-interface, VLAN ID needs to be specified at the same time. Different sub-interfaces of the same parent interface cannot be configured to the same VLAN.
Different layer 3 interfaces belong to different subnets, and the sub-interfaces of different parent interfaces can be configured with the same VLAN. But even if they are in the same VLAN, the two sub-interfaces are in different flood domains.
When configuring the routed interface, you have to run the following command to bring up the parent routed interface. Only after this, the corresponding sub-interfaces can be used normally.
set l3-interface routed-interface <interface-name>
If the parent interface is down, then all of its sub-interfaces will also be down. When using the command set interface gigabit-ethernet <interface-name> disable true to disable the physical port, it will also bring down the associated routed interface and its sub-interfaces.
When sub-interfaces are used for inter-VLAN routing, the data flow will occupy the bandwidth of the entire physical interface. This can lead to communication bottlenecks when the network is busy. To balance the traffic load on the physical interface, it is recommended that the sub-interfaces be configured on multiple physical interfaces.
Pay attention to the following precautions before configuring the sub-interfaces:
- Enable the Ethernet port as a routed interface before configuring the sub-interfaces.
- Define the VLAN ID by using the command set vlans vlan-id <vlan-id> before configuring the sub-interface and adding to VLAN.
- The IP address for each sub-interface should be in a different subnet from all the other sub-interfaces under that parent interface. That is, the IP subnets of all the sub-interfaces should be unique under the same parent interface.
- It is not supported to configure MTU on the sub-interfaces. The sub-interfaces use the MTU value configured on the parent interface.
- On greyhound2 switches (including Dell N22xx series switches and N3208PX-ON), the sub-interface does not support user defined VRF and can only be used in the default VRF.
- The sub-interface of LAG port does not support user defined VRF and can only be used in the default VRF.