Here’s the next installment of supplementary material to the CCNP SWITCH Certification Guide. This time, I cover the Layer 3 SVI autostate feature. This content will be added to the book toward the bottom of page 221.
Dave H
Controlling the Automatic State of an SVI
Because a Layer 3 SVI is bound to a Layer 2 VLAN on a switch, it normally follows the state of the VLAN on that switch automatically. If the switch has at least one Layer 2 interface that is up and active on the VLAN, then the Layer 3 SVI will be brought up, too. If all of the Layer 2 interfaces assigned to the VLAN are down, then the Layer 3 interface will be brought down.
This is the default “autostate” behavior. The idea is to bring the Layer 3 interface down so that routing protocols will cease advertising a route to the IP subnet if there are no active switch interfaces on the VLAN where the subnet exists.
When the SVI autostate feature is enabled, a Layer 3 SVI can come up only if the following three conditions are met:
- The VLAN bound to the SVI exists and is active in the VLAN database on the switch
- The SVI is not administratively shutdown
- At least one Layer 2 interface is assigned to the SVI’s VLAN and is in the up state, with STP forwarding
As an example, a switch has VLAN 2 defined and assigned to a variety of Layer 2 interfaces, but none of the interfaces are up. A Layer 3 SVI called interface vlan2 is then defined. Watch what happens to interface vlan2 in the following console output.
Switch(config)#interface vlan2
Switch(config-if)#
*Apr 21 10:13:10.949: %LINK-3-UPDOWN: Interface Vlan2, changed state to up
Switch(config-if)#
Switch(config-if)#ip address 192.168.1.1 255.255.255.0
Switch(config-if)#^Z
Switch#
Switch#show ip interface brief
Interface IP-Address OK? Method Status Protocol
Vlan1 unassigned YES manual administratively down down
Vlan2 192.168.1.1 YES manual up down
FastEthernet1/0/1 unassigned YES unset down down
FastEthernet1/0/2 unassigned YES unset down down
Even before an IP address can be configured on the new SVI, the switch brings its status up, but its line protocol stays down. In other words, the SVI now exists and is bound to VLAN 2, but it is unusable until at least one Layer 2 interface becomes active on VLAN 2.
In the following output, notice what happens as a PC is connected to interface FastEthernet1/0/1, which is assigned to VLAN 2.
Switch#
*Apr 21 10:21:31.925: %LINK-3-UPDOWN: Interface FastEthernet1/0/1, changed state to up
*Apr 21 10:21:32.009: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan2, changed state to up
*Apr 21 10:21:32.932: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1/0/1, changed state to up
Switch#
When the Layer 2 interface comes up, so does the line protocol of the SVI. Once the PC is disconnected or powered down, the SVI is automatically taken down, as shown in the following output.
Switch#
*Apr 21 10:21:45.624: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1/0/1, changed state to down
*Apr 21 10:21:45.624: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan2, changed state to down
*Apr 21 10:21:46.622: %LINK-3-UPDOWN: Interface FastEthernet1/0/1, changed state to down
Switch#
You can override the default behavior by disabling autostate on a per-interface basis with the following command:
Switch(config-if)# switchport autostate exclude
When an interface is excluded, any influence that it might have had over the SVI state is removed. This command isn’t normally used unless the interface is a special case, such as an interface where a network analyzer is connected. The analyzer would capture traffic without being an active participant in the VLAN that is assigned to the interface.
June 10, 2010 at 1:36 am
Hi Dave,
I will try tonight with my lab. You know what I felt I may fail the exam, I did the boson test engine which came with the book and I only got 50% correct, all the command based questions were no problems, just little details like like the port logical operators: gt,lt,neq,range that I have overlooked.
Anyway what’s the pros and cons of using SVI and using router interface by this command “no switchport”?
June 10, 2010 at 9:03 am
I don’t mean to hijack this post, I just found an output which is very good for switch troubleshooting.
FastEthernet0/6 is down, line protocol is down (notconnect)
Hardware is Fast Ethernet, address is 0016.9d05.5086 (bia 0016.9d05.5086)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Auto-duplex, Auto-speed, media type is 100BaseTX
input flow-control is unsupported output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output 00:02:34, output hang never
Last clearing of “show interface” counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 2621 bytes, 0 no buffer
Received 0 broadcasts (0 multicast)
0 runts, 0 giants, 0 throttles
20 input errors, 14 CRC, 6 frame, 0 overrun, 0 ignored
0 watchdog, 0 multicast, 0 pause input
0 input packets with dribble condition detected
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out
0 runts, but there are 20 input errors? It’s a potential layer 1 problem.
June 22, 2010 at 11:08 am
Cheers
nice package arrived 
Now as soon as baby is quiet I can watch the Videos
Thanks again.
Aaron
September 15, 2011 at 7:48 pm
Ceiling…
[...]CCNP Switch – SVI Autostate « Ponder the Network (and other things)[...]…