cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3084
Views
13
Helpful
17
Replies

disable ip routing on sup720 ?

pbogaerts
Level 1
Level 1

Hi,

Is it possible to disable the layer 3 function on the sup720 in a cat6509E, as a step in the implementation of a secondary core we liked to have just only layer2 and not layer3, i was looking for a command "no ip routing" but couldn't find it in de ios

Thanks

1 Accepted Solution

Accepted Solutions

Hi Jon,

You are always welcome :)

Now coming to your questions "service internal" command is an engineering command and should not be used in live production network by any customer. There is no official documentation for the same.

As I mentioned in my previous post software Release 12.1(20)E and later, the support for disablement of IP routing has been removed but you mentioned you were able to do "no ip routing" on sup 720 running 12.2(18) code correct? If this is a case I am not sure why it worked may be service internal command is already enabled on the release which you are running. Not sure though. I have to dig more to find that informaion.

Your last question is very tricky and the most easy way is to check 'sh ip route" but "no ip routing" is not saved in configuration but when you issue this command we will see this command in show run as this is not the default behavior and non default commands are displayed in running config but when you reload the same it will be enable again.

So the crux of conversation is we cannot disable ip routing and to make sure there is no ruting happening just configure all physical ports as "switchport" and make sure no logical layer 3 interfaces are configured with exception of 1 interface for management purpose.

I am not sure if I am able to put my thaughts well explained.

Regards,

Ankur

View solution in original post

17 Replies 17

glen.grant
VIP Alumni
VIP Alumni

Don't believe you can turn off ip routing on the 720 .

Hi Glen,

Is this a guess or are you 100% sure

Jon Marshall
Hall of Fame
Hall of Fame

Hi

I have to say that i thought the same as Glen until i just tested it in our lab and spent the next 10 mins logging in via a backdoor to turn it back on again. Once the "no ip routing" command was entered it removed the EIGRP config and lost all of it's routes.

This is with a SUP720-BASE running 12.2(18)SXF6.

We do have more up to date supervisor in our data centre but you can hopefully understand my reluctance to try it :)

Jon

hi Jon,

We have a WS-SUP720-3BXL (when i remember it good with the 12.2(18)SFX6), will try it tomorrow when I can have my hands on the catalyst, but today I was looking in the help and could not find the "no ip routing". Give you an update soon.

Thanks,

Peter

Peter

Just checked one of our more up to date sups - SUP720-3B (no i didn't :)) and the command "no ip routing" is not an option so i suspect you wont be able to do it. It is also running 12.2(18)SXF6 so it must just be an option on the SUP720BASE.

Jon

It has been a long time - and it is possible that my memory is not entirely accurate about it - but I believe that at one time I discovered that even if you turn off ip routing that when the switch reboots ip routing is on again. (turning ip routing off does not survive over the reboot)

HTH

Rick

HTH

Rick

Rick

You may well be right because once i managed to log onto the switch and do a

sh run | include no ip routing

it didn't show up in the config. Would be interesting to know but i think i'd like to physically be at the switch to try it.

Jon

Hi All,

In Cisco IOS Software Release 12.1(20)E and later, the support for disablement of IP routing has been removed for Catalyst 6500 series switches. You cannot disable IP routing in these switches.

http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a00804c5472.shtml#disableiproute

Regards,

Ankur

Hi Ankur

Had a look at the document and it mentions that if "service internal" is enabled on the switch the switch will accept "no ip routing" but it will not save it across a reboot.

Couple of questions if you don't mind

1) On the switch where i entered "no ip routing" (see previous post) there is indeed a "service internal" in the config.

On the switch where there was no option to enter "no ip routing" there wasn't. I can't try this on a live 6500 but when i entered "service internal ?" from global config it said unrecognised command. So is "service internal" a hidden command ?

2) Both the switches i tried it on were running 12.2(18)SXF6. So is it right to say you cannot disable ip routing because i did on 6500 with a SUP720BASE running 12.2(18)SXF6. Yes it would restore routing once rebooted but then how often do you reboot 6500 switches.

3) Out of interest, apart from the absence of routes which is the obvious thing, if the switch does not save the "no ip routing" command into it's config how would you know "ip routing" had been disabled ?

Jon

Hi Jon,

You are always welcome :)

Now coming to your questions "service internal" command is an engineering command and should not be used in live production network by any customer. There is no official documentation for the same.

As I mentioned in my previous post software Release 12.1(20)E and later, the support for disablement of IP routing has been removed but you mentioned you were able to do "no ip routing" on sup 720 running 12.2(18) code correct? If this is a case I am not sure why it worked may be service internal command is already enabled on the release which you are running. Not sure though. I have to dig more to find that informaion.

Your last question is very tricky and the most easy way is to check 'sh ip route" but "no ip routing" is not saved in configuration but when you issue this command we will see this command in show run as this is not the default behavior and non default commands are displayed in running config but when you reload the same it will be enable again.

So the crux of conversation is we cannot disable ip routing and to make sure there is no ruting happening just configure all physical ports as "switchport" and make sure no logical layer 3 interfaces are configured with exception of 1 interface for management purpose.

I am not sure if I am able to put my thaughts well explained.

Regards,

Ankur

HI ankbhasi,

You ar right, i have just put one vlan interface for management purposes and this is working, there is only thing that i added when your are comming from another subnet to the management, you need to add a static route 0.0.0.0 0.0.0.0 A.B.C.D

with A.B.C.D the ip of the management interface on the core router, otherwise the packets are lost, the rest of the vlans are routed on the core.

Thanks all for you help

Ankur

Many thanks for this. I would need to rerun test and i can't at the moment but i think i did check for "no ip routing" in the config once i had run the command and i didn't see it. Perhaps i just missed it.

Yes both switches were running 12.2(18) code. And the switch that allowed me to turn off ip routing did have a "service internal" line in the config.

Yes agreed, easiest way is to just to make all ports switchports and only one L3 interface for management.

Many thanks

Jon

Think Rick hit it on the head , I recall that also .You can remove it but next reload it automatically puts it back . Not that it really matters just use a default route for management of the switch and trunk all other vlans up hill and route it at a dist layer if thats what you want to do . Just give the switch and ip address in a vlan with a default static route pointing to the dist or layer routing device , all other vlans will be trunked to the dist or core .

HI ankbhasi,

You ar right, i have just put one vlan interface for management purposes and this is working, there is only thing that i added when your are comming from another subnet to the management, you need to add a static route 0.0.0.0 0.0.0.0 A.B.C.D

with A.B.C.D the ip of the management interface on the core router, otherwise the packets are lost, the rest of the vlans are routed on the core.

Thanks all for you help

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco