Troubleshooting Switched Virtual Interfaces and Inter-VLAN Routing
The traditional distinction between routers and switches has become blurred over the past decade. Multilayer switches have taken over the role of the router in the campus LAN environment and are even being used in other Ethernet-based environments as a replacement for the traditional router. It is important that network engineers understand the differences between hardware-accelerated Layer 3 switching and software-based routing architectures and how these differences translate to the troubleshooting process that you would use to troubleshoot Layer 3 problems on a multilayer switch versus troubleshooting Layer 3 problems on a router. This section reviews multilayer switching concepts first. Diagnosing specific problems related to multilayer switching and switched virtual interfaces (SVIs) is discussed next.
Inter-VLAN Routing and Multilayer Switching
To further clarify the increasingly blurry distinction between a router and a switch, a multilayer switch is a “switch that can route.” On the other hand, you could create a “router that can switch” by inserting an Ethernet switching module in a modular router. Therefore, as far as troubleshooting is concerned, there is not that much difference between troubleshooting IP routing on a multilayer switch compared to troubleshooting IP routing on a router. Table 4-1 summarizes the similarities and differences between multilayer switches and routers.
| Similarities | Differences |
|---|---|
| Both routers and multilayer switches use routing protocols or static routes to maintain information about the reachability and direction to network destinations (prefixes) and record this information in a routing table. | Routers connect heterogeneous networks and support a wide variety of media and interfaces. Multilayer switches typically connect homogeneous networks; nowadays LAN switches are mostly Ethernet only. |
| Both routers and multilayer switches perform the same functional packet-switching actions: | Multilayer switches use specialized hardware to achieve wire-speed Ethernet-to-Ethernet packet switching. Low- to mid-range routers use multipurpose hardware to perform the packet-switching process. On average, the packet-switching throughput of routers is lower than that of multilayer switches. |
| | Routers usually support a wider range of features, mainly because switches need specialized hardware to support certain data plane features or protocols. On routers, you can often add features through a software update. |
From a troubleshooting perspective, the process of troubleshooting the control plane is exactly the same for routers and multilayer switches. There is no difference between troubleshooting OSPF or EIGRP on a multilayer switch and troubleshooting OSPF or EIGRP on a router. Therefore, you can use exactly the same toolkit of Cisco IOS commands on both routers and multilayer switches. Troubleshooting data plane problems (such as performance problems) is different, however, mainly because of the differences in the implementation of the packet-switching process. Figure 4-17 depicts a Catalyst 6504 LAN switch and a Cisco 7206 router with some sample control and data plane commands.
Routers use Cisco Express Forwarding (CEF) as the main packet-switching mechanism. The CEF Forwarding Information Base (FIB) and adjacency table are both stored in the router’s main memory and are consulted by the router to forward packets using the CEF switching method. The router builds the CEF data structures by combining information from a number of control plane data structures (the routing table and ARP cache, for example). Therefore, the information in the CEF data structures should accurately reflect the information in the control plane data structures. Under normal circumstances, checking the control plane data structures should suffice when you are troubleshooting IP routing. However, if you run into a situation where control plane information is correct, but packets are not being forwarded as expected, you might need to check the CEF data structures and verify that they are in line with the control plane information.
There are two main commands to check the CEF data structures:
- show ip cef: This command displays the content of the CEF FIB. The FIB reflects the content of the routing table with all the recursive lookups already resolved and the output interface determined for each destination prefix. The FIB also holds additional entries for directly connected hosts, the router's own IP addresses, and multicast and broadcast addresses.
- show adjacency: This command displays the content of the CEF adjacency table. This table contains the Layer 2 frame information, such as the destination MAC address, that is used to encapsulate the egress packets forwarded using the CEF FIB.
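The consistency check the text describes (control plane correct, but is the FIB in line with it?) as an added Python example that is not from the book: it resolves a constructed, simplified `show ip route` excerpt the way CEF does and reports every prefix whose constructed `show ip cef` entry disagrees. The prefixes, next hops and interface names are assumptions.

```python
"""Cross-check the routing table (RIB) against the CEF FIB (added example, not
from the book). Recursive next hops in a constructed `show ip route` excerpt are
resolved the way CEF does (longest matching connected prefix gives the egress
interface), then compared with a constructed `show ip cef` excerpt. Real output
has more fields and ECMP paths; the parsers cover only these samples' shape."""
import ipaddress
SHOW_IP_ROUTE = """\
C    10.1.10.0/24 is directly connected, Vlan10
C    192.0.2.8/30 is directly connected, Vlan20
S    10.20.0.0/16 [1/0] via 192.0.2.9
O    172.16.5.0/24 [110/20] via 10.1.10.7, 00:10:11, Vlan10
"""
# Constructed FIB in which 172.16.5.0/24 is deliberately stale (wrong interface).
SHOW_IP_CEF = """\
Prefix               Next Hop             Interface
10.1.10.0/24         attached             Vlan10
10.20.0.0/16         192.0.2.9            Vlan20
172.16.5.0/24        10.1.10.7            Vlan30
192.0.2.8/30         attached             Vlan20
"""
def parse_rib(text):
    """Return {prefix: (next_hop or None, interface or None)}."""
    rib = {}
    for tokens in (l.replace(",", " ").split() for l in text.splitlines()):
        if "connected" in tokens:
            rib[tokens[1]] = (None, tokens[-1])
        elif tokens:
            nh = tokens[tokens.index("via") + 1]
            rib[tokens[1]] = (nh, None if tokens[-1] == nh else tokens[-1])
    return rib

def resolve(rib):
    """Give recursive routes the interface of the longest matching connected route."""
    out = {}
    for prefix, (nh, iface) in rib.items():
        if nh is not None and iface is None:
            hop = ipaddress.ip_address(nh)
            conn = [p for p, (n, _) in rib.items()
                    if n is None and hop in ipaddress.ip_network(p)]
            iface = rib[max(conn, key=lambda p: int(p.split("/")[1]))][1] if conn else None
        out[prefix] = (nh or "attached", iface)
    return out

def parse_fib(text):
    """Return {prefix: (next_hop, interface)} from the FIB excerpt (header skipped)."""
    return {p: (nh, i) for p, nh, i in (l.split() for l in text.splitlines()[1:] if l)}

def fib_mismatches(rib_text=SHOW_IP_ROUTE, fib_text=SHOW_IP_CEF):
    """Return {prefix: (expected_from_rib, found_in_fib)} for every disagreement."""
    expected, fib = resolve(parse_rib(rib_text)), parse_fib(fib_text)
    return {p: (e, fib.get(p)) for p, e in expected.items() if fib.get(p) != e}
```

A non-empty result points at the CEF data structures rather than the routing protocol, which is exactly the case where the control plane checks alone would not explain the forwarding behavior.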
Multilayer switches also use CEF for Layer 3 packet switching. Just like routers, they build the CEF FIB and adjacency table in the main memory of the Route Processor (if an RP is present). In contrast to routers, however, multilayer switches do not use these tables directly for packet forwarding; they compile the information contained in the CEF FIB and download it into the ternary content-addressable memory (TCAM). Using specialized hardware, multilayer switches then forward packets at high speed based on lookups in the TCAM. The term often used for the specialized hardware in switches is ASIC, an acronym for application-specific integrated circuit.
Although the exact process and the way information is stored in the TCAMs depends on the switch hardware architecture, it is generally possible to gather information about the state of the content of the TCAMs using Cisco IOS commands. To extract information about the forwarding behavior of switches from the TCAMs on some of the common Cisco Catalyst series switches, you can use the following commands:
- show platform: On the Catalyst 3560, 3750 and 4500 platforms, the show platform family of commands can be used to obtain detailed information about the forwarding behavior of the hardware.
- show mls cef: On the Catalyst 6500 platform, the show mls cef family of commands can be used to obtain detailed information about the forwarding behavior of the hardware.
Switched Virtual Interfaces and Routed Ports
The logical operation of a multilayer switch is easier to explain using a diagram similar to the one depicted in Figure 4-18. Figure 4-18 shows a Catalyst 6504 and, in the middle section of the figure, its logical equivalent: a pair of Layer 2 switches combined with a router.
Figure 4-18 depicts that the multilayer switch performs the plain switching function within a VLAN, such as VLAN 10 and VLAN 20. Interfaces (ports) Fa4/1 and Fa4/2 are in VLAN 10, and interface Gi3/1 is in VLAN 20; these interfaces are regular switch ports. For each of VLANs 10 and 20, the multilayer switch has a switched virtual interface (SVI) that the devices within each VLAN can use as their default gateway. Interface Fa4/3 is configured as a routed port, so it is not in a VLAN, and it has its own IP address. The multilayer switch routes between the two SVIs and the routed interface once IP routing is enabled.
A multilayer switch provides three different core functions in a single device:
- Layer 2 switching within each VLAN: The traffic is switched between the ports that belong to the same VLAN. This includes traffic associated with the same VLAN transiting through a trunk connection. The MAC address tables for different VLANs are logically separated. No IP or Layer 3 configuration is necessary for this task.
- Routing and multilayer switching between the local VLANs: To provide Layer 3 switching between VLANs connected to a switch, SVIs need to be configured. In Cisco IOS CLI, these interfaces are created using the interface vlan vlan-id command. You need to configure each of these SVIs with an appropriate IP address and subnet mask. Hosts on this subnet (VLAN) can use the SVI's IP address as their default gateway. IP routing is not enabled by default; you must enable it using the global configuration mode ip routing command.
- Routing and multilayer switching between the local VLANs and one or more routed interfaces: Modern multilayer switches allow you to change the behavior of a regular physical switched port and make it a routed port using the no switchport command. When you do that, the port no longer belongs to any VLAN. In other words, the traffic on this port is not bridged (switched) to any other port, and there is no logical MAC address table associated with it. This port acts like a regular router interface and needs its own IP address and subnet mask. If this feature is not available, or if you prefer not to use it, you can always connect a switch port or a trunk port to an external router. The features and tools available to and applicable to routed interfaces and SVIs are not identical at this moment; this is the main motivation for converting a switched port to a routed interface rather than just using SVIs. For example, because an SVI is associated with a VLAN, its status depends on the status of that VLAN (not active, pruned, and so on); a routed interface, however, has no dependency on any VLAN's status.
The main differences between SVIs and routed interfaces are as follows:
- A routed interface is not a Layer 2 port. This means that on a routed interface, typical Layer 2 protocols that are enabled by default, such as STP and Dynamic Trunking Protocol (DTP), are not active.
- A direct relationship exists between the status of a routed interface and the availability of the corresponding directly connected subnet. When the interface goes down, the corresponding connected route is immediately removed from the routing table.
- An SVI is not a physical interface, so it generally does not fail, but its status directly depends on the status of the VLAN with which it is associated. The rule that Catalyst LAN switches use to determine the status of an SVI is that an SVI stays up as long as there is at least one port associated with the corresponding VLAN; that port has to be up and in the spanning-tree forwarding state. Note that this rule includes both access ports and trunks that have this VLAN in their allowed VLAN list. As a result, an SVI can only go down (and the corresponding connected subnet will be removed from the routing table) when the last active port in the VLAN goes down or loses its spanning-tree forwarding status.
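The SVI status rule just described, worked as an added Python example that is not from the book: the port table uses the port names from Figure 4-18 with constructed link and spanning-tree states, and the trunk allowed-VLAN list, the additional trunk port Gi3/2 and the SVI addresses are assumptions.

```python
"""Derive SVI status from port state, per the Catalyst rule in the text (added
example, not from the book). An SVI is up while at least one port carrying its
VLAN (an access port in that VLAN, or a trunk whose allowed list includes it)
is link-up and in the STP forwarding state. Port names follow Figure 4-18; the
port states, allowed lists and addresses are constructed."""
import ipaddress

def parse_vlan_list(spec):
    """Expand a trunk allowed-VLAN list such as '1-10,20,30' into a set of ids."""
    vlans = set()
    for part in spec.split(",") if spec else []:
        lo, _, hi = part.partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

# Constructed port table: switchport mode, VLAN(s), link state, STP forwarding state
PORTS = [
    {"name": "Fa4/1", "mode": "access", "vlans": "10",    "up": True,  "fwd": True},
    {"name": "Fa4/2", "mode": "access", "vlans": "10",    "up": True,  "fwd": False},  # STP blocking
    {"name": "Gi3/1", "mode": "access", "vlans": "20",    "up": False, "fwd": False},  # link down
    {"name": "Gi3/2", "mode": "trunk",  "vlans": "20,30", "up": True,  "fwd": True},   # assumed trunk
    {"name": "Fa4/3", "mode": "routed", "vlans": "",      "up": True,  "fwd": False},  # no switchport
]

def ports_holding_vlan_up(vlan, ports=PORTS):
    """Names of the ports that currently keep the SVI for `vlan` up."""
    return [p["name"] for p in ports
            if p["mode"] != "routed"                 # routed ports belong to no VLAN
            and p["up"] and p["fwd"]                 # must be link-up and STP forwarding
            and vlan in parse_vlan_list(p["vlans"])]

def svi_state(vlan, ports=PORTS):
    """'up' or 'down', as the switch would report for interface Vlan<vlan>."""
    return "up" if ports_holding_vlan_up(vlan, ports) else "down"

def connected_routes(svis, ports=PORTS):
    """Connected subnets the routing table should still hold, given SVI states.
    `svis` maps a VLAN id to its SVI's 'address mask' string."""
    routes = {}
    for vlan, addr in svis.items():
        if svi_state(vlan, ports) == "up":
            net = ipaddress.ip_interface(addr.replace(" ", "/")).network
            routes[str(net)] = f"Vlan{vlan}"
    return routes

def with_port_down(name, ports=PORTS):
    """Copy of `ports` with one port shut (link down, so not forwarding)."""
    return [dict(p, up=False, fwd=False) if p["name"] == name else p for p in ports]
```

In the constructed table, VLAN 20's only access port Gi3/1 is down, yet the SVI stays up because trunk Gi3/2 still carries VLAN 20; shutting that trunk takes the SVI and its connected route down together.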