Solved: Re: CCNP Studies - SVI InterVLAN Routing, Disagree w/ Answer

Dean Romanelli · ‎07-25-2013

Hi All,

I am preparing for the CCNP switch exam, and I have come across a question that I have been staring at for about 2 hours now trying to understand why the answer is correct, and I haven't been able to find any helpful information explaining it.

The diagram is:

VL100

----------------------Access SW-----------------Dist SW--------------Core Switch

VL200

VL300

---------------------Access SW----------------Dist SW-----------------Core Switch

VL400

Also, envision redundant cross connects between Access & Dist Switches, as well as Dist switches and Core Switches (X's).

Question:

For the configuration shown, which is the recommended method of providing inter VLAN routing?

A. determine which switch is the root bridge then connect a router on a stick to it
B. configure SVIs on the core switches
C. configure SVIs on the distribution switches
D. configure SVIs on the access layer switches

Correct Answer: C

How is C the correct answer? I have always been taught that in order to communicate between vlans you NEED a router with sub-interfaces. I understand SVI's, but when I configure a VLAN SVI on a switch, it is usually to act as the gateway address for my hosts in their own individual vlans, not to provide the means to communicate to a total different vlan. I fail to see how configuring SVI's on a switch accomplishes inter-VLAN routing as effectively as having a router with sub-interfaces.

Also, if this ends up being the case, why would I want to configure inter-VLAN routing at the distribution layer when I have a core layer? Doesn't make sense to me because that provides mid-network routing, which I feel should be handled at the core layer.

Any help is appreciated. Thanks.

Elton Babcock · ‎07-25-2013

A layer 3 switch with IP routing enabled basically is a router. The SVI interfaces basically act just like the sub interfaces on the router.

The reason it is best practice to use a switch as a posed to a router is the switch can route through its switching backplane in hardware where a router has to do it in software. It is wire speed in the switch.

I have always learned that you keep your routing as close to the user as you can. The access subnets usually live in the distribution layer and the core/server farm routing takes place in the core. It really helps keep things separate and doesn't place the full load on the core routers.

Sent from Cisco Technical Support iPhone App

View solution in original post

Joseph W. Doherty · ‎07-26-2013

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Given the information in the question, it's not clear that any of the switches do L3. If they don't you would need a router as you noted. Just defining SVIs on a L2 switch doesn't accomplish routing and even for some L3 switches, it may not either.

If these switches are L3 switches, and routing is enabled, then they will automatically route between directly connected subnets hosted by SVI (similar to what a router will do between its interfaces). Of course, hosts will need to "know" to direct their traffic to the SVI address or the SVI will need to act as a proxy. Also, if not all subnets are "visible" to just one device or all devices, you need to have routes for non-directly connected subnets.

What the "correct" answer implies is L3 switches as the distribution layer with a L2 core. If it does, that's a bit of an old design. Newer designs also route in the core with L3 switches and today L3 routing might be deployed at the access edge.

Basically the question is misleading which always isn't too uncommon on some test prep material.

View solution in original post

Elton Babcock · ‎07-25-2013

A layer 3 switch with IP routing enabled basically is a router. The SVI interfaces basically act just like the sub interfaces on the router.

The reason it is best practice to use a switch as a posed to a router is the switch can route through its switching backplane in hardware where a router has to do it in software. It is wire speed in the switch.

I have always learned that you keep your routing as close to the user as you can. The access subnets usually live in the distribution layer and the core/server farm routing takes place in the core. It really helps keep things separate and doesn't place the full load on the core routers.

Sent from Cisco Technical Support iPhone App

Joseph W. Doherty · ‎07-26-2013

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Given the information in the question, it's not clear that any of the switches do L3. If they don't you would need a router as you noted. Just defining SVIs on a L2 switch doesn't accomplish routing and even for some L3 switches, it may not either.

If these switches are L3 switches, and routing is enabled, then they will automatically route between directly connected subnets hosted by SVI (similar to what a router will do between its interfaces). Of course, hosts will need to "know" to direct their traffic to the SVI address or the SVI will need to act as a proxy. Also, if not all subnets are "visible" to just one device or all devices, you need to have routes for non-directly connected subnets.

What the "correct" answer implies is L3 switches as the distribution layer with a L2 core. If it does, that's a bit of an old design. Newer designs also route in the core with L3 switches and today L3 routing might be deployed at the access edge.

Basically the question is misleading which always isn't too uncommon on some test prep material.

Dean Romanelli · ‎07-26-2013

Thank you both. I agree that the question is misleading. That was an issue of mine as well; That the question doesn't specify MLS or L2S. Very frustraiting because most of the prep material is a 50/50 between two perfectly acceptable answers, one being "the Cisco answer" and the other being fine as well but still marked wrong.

Anyway, I understand what both of you are saying. Makes sense. Thank you.

glen.grant · ‎07-26-2013

Get used to it , cisco will put all kinds of ambiguous questions on the test .

Peter Paluch · ‎07-27-2013

Dean, Elton, John, Glen,

We have to follow the existing courseware for CCNP, as the exam items refer to that material.

Current CCNP is built around the (admittedly older) three-layer switched network model with access, distribution and core layers, plus a little talk about Enterprise Composite Network Model. This model strictly requires that the interVLAN routing is performed at the distribution layer, while access layer comprises the access and security features related to accessing the network and core layer provides for interconnection between distribution switches in each building block. From this viewpoint, the 'C' is a perfectly valid answer and for me, that was the immediate and natural choice.

It is true that the best practice may have shifted to different solutions, such as routed access layer, or even having L2 domain span up to the core layer and perform interVLAN routing there (which is, in my opinion, not a best practice at all). However, the current CCNP does follow the ECNM and the traditional model in which the interVLAN routing was the exclusive task performed by the distribution layer and therefore, this exam item shall be viewed in that sense.

Best regards,

Peter

Joseph W. Doherty · ‎07-27-2013

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Current CCNP is still "teaching" 3 layer with L2 Access and L3 Distribution and L3 Core? Wow! I don't doubt you, but here's a Networkers 2005 presentation (http://www.cisco.com/en/US/solutions/ns340/ns414/ns742/ns656/net_design_guidance0900aecd804ab689.pdf) using L3 at the edge.

I too, when I first saw the book question, thought "C" is a classical answer, but then I thought, given only the information provided by the question, it's really not clear what the answer should be. If all the switches are L2 switches, then it might be answer "A". If all the switches are L3 capable, then it might be answer "D". If only distribution or core are L3, or we're going by recommendations from a decade ago (i.e. before high available, fast convergence to support things like VoIP), then it might be answer "C". The only answer that's unlikely would be answer "B".

Another reason why I could see the correct answer being considered "C", exam preps are either not as current or often not worded as clearly as the actual exam (or so I hope, I haven't sat for any of Cicso's).

Since the question also asked was what's "recommended", and if current CCNP is indeed structured to recommending close to decade old design models, well then clearly "C" is the right choice.

PS:

BTW, years ago I worked a short time inside a very large test provider. One of the reasons actual exam questions are worded better than an exam prep, test taker answers to questions are also statistically analyzed to see if they mislead. Basically, for a question like the above, if answer "C" isn't the selected choice, especially for test takers that otherwise do well on the test, the wording of the question itself is suspect. Also new questions are introduced on exams, that don't really count for your score, but are actually being statically analyzed for their selected answers.

[edit]

Got answer letter references B and D mixed - corrected.

Peter Paluch · ‎07-27-2013

Hi Joseph,

Yeah, it may be an outdated design but it is still being used and taught. With 2950 and 2960 in the access layer, you're pretty much stuck with this traditional design anyway.

I believe that it is actually harmful to "overthink" an answer in these exams. I've heard about people failing these exams because they were "thinking too much" - looking for hidden traps and gotchas which were not really there. Also, knowing too much sometimes causes trouble because a question or the answers may appear as ambiguous to you. The golden rule is to think only in the scope of the particular exam and try not to "outsmart" its authors. There are typical answers to many questions, and this is an example of such question, and in other cases, the exclusion method is always a great help. Speculating whether the routing is activated at the access, distribution or core layer here is a sensitive thinking but it shouldn't branch into speculation.

The original poster, however, dicusses subinterfaces and routers on stick. That suggests to me that he has not yet completely mastered the idea of inter-VLAN routing in a multilayer switched network. In such a network, except very rare ocassions, you never need to use subinterfaces and routers on stick.

Best regards,

Peter