Layer3 connection to ISP

Unanswered Question
Jul 11th, 2007
User Badges:

Hi I have a plain layer3 link network /30 connection to our ISP. They also offer us a Layer2 possibility (802.1q trunk).

My question is how I set this up do I have to change my layer3 interface into a layer2 trunk.

What about traffic that is not destined for the remote VLAN do they get routed normally then?


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.5 (2 ratings)
Edison Ortiz Wed, 07/11/2007 - 06:48
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

You would move your L3 information from the physical interface to a switch virtual interface (SVI) and make sure that VLAN participates in the dot1q trunk.

Is there a reason why you are moving from L3 P2P to L2 ? L2 will introduce STP issues into your environment and they need to be planned carefully.

770801tvdhaar Wed, 07/11/2007 - 06:58
User Badges:

As I stated in my first post, we are going to connect to a remote site using mpls and our ISP have changed their port to a dot1q trunk port and they have allocated vlan 535 to us.

So I assume we have to tag all packets intended for the remote vlan 535?

STP does indeed cause us to tread with caution. How do the rest of you do these types of connections?


Edison Ortiz Wed, 07/11/2007 - 07:11
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

Understood, so VLAN 535 will be the provider's.

To move forward, create VLAN 535 and a transit VLAN. The transit VLAN will hold your L3 information in the dot1q trunk.

On the L2 interface (which is currently the L3 interface), configure trunking and only allow VLAN 535 and the transit VLAN on that trunk which in turn prunes all remaining VLANs.

Make sure to implement different VTP domains and secure the domains with a password between locations.

With STP, make sure the edge devices are STP root of all their VLANs, except the provider's VLAN and you need to select with edge device will be the STP root for the transit VLAN.

You need to have the same VLAN on both edge devices (/30 subnet) and they will communicate the same as they are communicating now. The only difference, you are moving your L3 information from the physical port to the SVI.


This Discussion