Is Router a layer 3 device?

Answered Question
May 12th, 2006

Hi

Is router really a layer 3 device? If it is a layer 3 device, then when we confiugre ACLs, we configure even the port numbers. And port numbers work at layer 5. Therefore can't we say that router is a layer 5 device?

On the other hand 2950 switch. The same thing. We can configure an IP address in interface VLANs. Therefore can't we call it a layer 3 device?

One more thing :)

Can we configure an IP address in the physical interface of a 2950? Because when you type "show run" you see something like this:

!

!

interface fastethernet 0/1

no ip address

!

!

Thanks in advance!

I have this problem too.
0 votes
Correct Answer by jstoecker about 7 years 11 months ago

One thing I would add is that if configs are consistent, then it's 'easier' to move a config from one device to another (and still have it work the same way despite the new device). For example, from a 2950 to a 3550.

As David said, I wouldn't lose sleep over it.

John

  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 4.9 (5 ratings)
dgloff Fri, 05/12/2006 - 05:57

Here's the way I look at it:

Nearly every network device (except unmanaged hubs) operate at all levels of the OSI model in some way. Devices are labeled with their layer more by their primary function than by their highest function, IMO. A router's job is to route packets from one Layer 3 network to another Layer 3 network. Yes, it can use Layer 4 (IP Protocol #), 5 (TCP/UDP port #s) and all the way up to 7 (NBAR, CBAC, IPS, URL filtering) to make those decisions, but the end result or final product is still a packet being switched from one interface to another on its way to its (layer 3) destination or the bit bucket.

As for the VLAN interface on a Layer-2 switch, that's a management thing. It's a lot easier to telnet or SSH into a switch intstead of having to walk/drive to physically access it. However, the switch does NOT have routing intelligence. It needs to be told where its default gateway is or it can't respond to you, unless you're in its management VLAN (1 by default). So again, we have a device whose primary purpose is to switch packets, this time based on layer 2 information. Just because you can remote into it via an IP address doesn't really make it a layer 3 device, though that single function does function at layers 3-7 (remember you're running telnet, which is a server application that's running on the switch).

And about the IP on the 2950--nearly all 2950s are layer 2 devices, but there are some (I believe the model is 29506-L3) that are layer 3-aware and can run a routing protocol. Yours might be one of these. In the majority of cases, you have to step up to a 3500/3550/3650/3750 class of switch to get layer 3 switching abilities. And when you do, you get some great things. Every single port can be--at your discretion--either layer 2 (switched) or layer 3 (routed). Switched ports are divided up into VLANS and run STP and all that good stuff.

Routed ports get IP addresses and act just like the ethernet ports on a normal router. And when you enable IP routing, these switches (unlike the layer 2 switches) DO hold routes to remote networks, so they don't have to have a default route to respond to your telnet/SSH. Additionally, they can run your routing protocol, form adjacencies, propagate updates, and form their own view of the network and the best paths to all destinations. Yes, you can even run BGP. And to top it all off, routing, ACL matching, QoS and a host of other functions are all done at wire speed, up to the limits of the switch fabric. So unlike, say, a 2600 Router that has maybe 2 ethernet interfaces and caps out somewhere between 30-85Mbps, a single 3750 switch can have up to 48 routed ports (don't know why you'd want that many), and route between them based on layer 3 info at up to 32Gbps.

omal Fri, 05/12/2006 - 07:39

Oh, thank you so much for taking such a lot of time in writing a post for my query.

You have explained the router's and switches' OSI doubt very clearly. I perfectly understood that.

I just have a the third point to be clarified further. Actually even though the switch says like:

!

!

interface fastethernet 0/1

no ip address

!

!

when you try to configure an ip address, it gives an error message saying that "on layer two interface or something (I cannot remember this error completely, sorry..) ip addresses cannot be configured...."

That is why it confuses me.

Thanks a lot!

dgloff Fri, 05/12/2006 - 08:47

try "no switchport" first. If it errors, you have a layer 2-only switch. If it accepts it, then try putting the IP address on, and it should work. "switchoprt" is the command that specifies that the interface is a layer 2 interface. Disabling the switchport "feature" turns it into a routed interface.

But I can't explain why it says "no ip address" in the config if it's configured as a switchport (Layer 2 port). The default should be not having an IP address, and as such, it shouldn't be shown.

jstoecker Fri, 05/12/2006 - 14:59

My 2950T lab switch with EI IOS will accept a 'no switchport vlan 1' command (it won't accept "no switchport" without further parameters), but the port stays in vlan 1, and I can't assign an IP address.

FWIW

John

omal Sun, 05/14/2006 - 22:05

Hi

Well, "no switchport" didn't work, like you said. Then we can confirm that it is a L2 switch. But my doubt is, then why does it say "no ip address" as follows:

interface FastEthernet0/1

no ip address

!

interface FastEthernet0/2

no ip address

!

interface FastEthernet0/3

no ip address

!

Also when I configure an ip address also, it gives me the help to type the following line. But when I enter the command it shows like this: I will paste both these together:

wg_sw_d(config)#interface fast 0/5

wg_sw_d(config-if)#ip address ?

A.B.C.D IP address

wg_sw_d(config-if)#ip address 10.10.10.1 ?

A.B.C.D IP subnet mask

wg_sw_d(config-if)#ip address 10.10.10.1 255.255.255.0 ?

secondary Make this IP address a secondary address

wg_sw_d(config-if)#ip address 10.10.10.1 255.255.255.0

% IP addresses may not be configured on L2 links.

wg_sw_d(config-if)#

Really confused....

Thanks in advance!

dgloff Mon, 05/15/2006 - 02:53

It probably has something to do with convention. IE, configuration of all interfaces has to be the same--either they have an IP address, or they don't. If they don't (or in this case, can't), the config by default shows "no ip address". It's probably for consistency, so the config from a L2 switch looks like an L3 switch looks like a router. It would also make the config of a L2 switch work on an L3 swich should you replace, say, a 2950 with a 3750.

It definitely seems odd, but I wouldn't lose too much sleep over it.

Correct Answer
jstoecker Mon, 05/15/2006 - 03:21

One thing I would add is that if configs are consistent, then it's 'easier' to move a config from one device to another (and still have it work the same way despite the new device). For example, from a 2950 to a 3550.

As David said, I wouldn't lose sleep over it.

John

omal Mon, 05/15/2006 - 20:53

Hi Everyone

Many many thanks to all of you for helping me to resolve my problem.

All the best for your future!!!!

Actions

Login or Register to take actions

This Discussion

Posted May 12, 2006 at 12:51 AM
By omal
Stats:
Replies:8 Avg. Rating:4.88889
Views:550 Votes:0
Shares:0
Tags: No tags.

Discussions Leaderboard