Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Layer3 connection to ISP

Hi I have a plain layer3 link network /30 connection to our ISP. They also offer us a Layer2 possibility (802.1q trunk).

My question is how I set this up do I have to change my layer3 interface into a layer2 trunk.

What about traffic that is not destined for the remote VLAN do they get routed normally then?


Hall of Fame Super Bronze

Re: Layer3 connection to ISP

You would move your L3 information from the physical interface to a switch virtual interface (SVI) and make sure that VLAN participates in the dot1q trunk.

Is there a reason why you are moving from L3 P2P to L2 ? L2 will introduce STP issues into your environment and they need to be planned carefully.

New Member

Re: Layer3 connection to ISP

As I stated in my first post, we are going to connect to a remote site using mpls and our ISP have changed their port to a dot1q trunk port and they have allocated vlan 535 to us.

So I assume we have to tag all packets intended for the remote vlan 535?

STP does indeed cause us to tread with caution. How do the rest of you do these types of connections?


Hall of Fame Super Bronze

Re: Layer3 connection to ISP

Understood, so VLAN 535 will be the provider's.

To move forward, create VLAN 535 and a transit VLAN. The transit VLAN will hold your L3 information in the dot1q trunk.

On the L2 interface (which is currently the L3 interface), configure trunking and only allow VLAN 535 and the transit VLAN on that trunk which in turn prunes all remaining VLANs.

Make sure to implement different VTP domains and secure the domains with a password between locations.

With STP, make sure the edge devices are STP root of all their VLANs, except the provider's VLAN and you need to select with edge device will be the STP root for the transit VLAN.

You need to have the same VLAN on both edge devices (/30 subnet) and they will communicate the same as they are communicating now. The only difference, you are moving your L3 information from the physical port to the SVI.

New Member

Re: Layer3 connection to ISP

Thank you ver much this was very helpfull