Courseiva
Layer 3 SwitchingCCNA 200-301

ip routing Command Missing — L3 Switch Acting as L2 Only

Presenting Symptom

A Layer 3 switch is unable to route between VLANs; hosts in different VLANs cannot ping each other even though SVIs are configured and up/up.

Network Context

A small branch office uses a Cisco Catalyst 3650 switch as the core switch. The switch has multiple VLANs (10, 20, 30) with SVIs configured and hosts connected. The switch is running IOS version 16.9. The network engineer notices that inter-VLAN ping fails, and the switch appears to be acting only as a Layer 2 device.

Diagnostic Steps

1

Check SVI status and IP configuration

show ip interface brief | include Vlan
Vlan10                10.0.10.1       YES manual up                    up  
Vlan20                10.0.20.1       YES manual up                    up  
Vlan30                10.0.30.1       YES manual up                    up

All SVIs are up/up and have IP addresses. If any SVI is down/down, check VLAN existence or trunking. Here, SVIs are up, so the issue is not with SVI configuration.

2

Check the routing table for VLAN networks

show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override

Gateway of last resort is not set

C        10.0.10.0/24 is directly connected, Vlan10
L        10.0.10.1/32 is directly connected, Vlan10
C        10.0.20.0/24 is directly connected, Vlan20
L        10.0.20.1/32 is directly connected, Vlan20
C        10.0.30.0/24 is directly connected, Vlan30
L        10.0.30.1/32 is directly connected, Vlan30

Only directly connected and local routes appear. There are no inter-VLAN routes (e.g., a route for 10.0.20.0/24 via Vlan10). This indicates that IP routing is not enabled on the switch, so it cannot forward packets between VLANs.

3

Verify if IP routing is enabled globally

show running-config | include ip routing
no ip routing

The output shows 'no ip routing' or the line is missing entirely. If 'ip routing' is present, routing is enabled. Here, it is disabled, confirming the root cause.

4

Check if the switch is operating in Layer 2 mode

show platform layer2
Layer2 mode is enabled

This command may not be available on all platforms, but on some switches it indicates the switch is in Layer 2-only mode. If present, it confirms that routing is disabled.

Root Cause

The global configuration command 'ip routing' is missing (or 'no ip routing' is present) on the Layer 3 switch. By default, some Catalyst switches come with IP routing disabled, causing them to act as Layer 2 switches only. Without this command, the switch does not perform routing between SVIs, even though the SVIs are configured and up.

Resolution

Enable IP routing globally: 1. Enter global configuration mode: configure terminal 2. Enable IP routing: ip routing 3. (Optional) If using a routing protocol, configure it (e.g., OSPF, EIGRP). For simple inter-VLAN routing, no routing protocol is needed because directly connected networks are automatically added to the routing table. 4. Exit and save: end write memory

Verification

1. Verify IP routing is enabled: show running-config | include ip routing Expected output: 'ip routing' 2. Check the routing table again: show ip route Expected output: The directly connected routes should now appear with a 'C' code, and the switch should be able to route between VLANs. For example, a ping from a host in VLAN10 to VLAN20 should succeed. 3. Test inter-VLAN connectivity: ping 10.0.20.1 source 10.0.10.1 Expected: Success (!!!!!)

Prevention

["Always include the 'ip routing' command in the initial configuration of any Layer 3 switch that is expected to perform routing.","Use configuration templates or automation scripts to ensure consistent baseline configurations across all switches.","During network design, clearly document which switches are intended to act as Layer 3 devices and verify the routing configuration during deployment."]

CCNA Exam Relevance

On the CCNA 200-301 exam, this scenario tests the candidate's understanding of Layer 3 switching and the difference between Layer 2 and Layer 3 operation. The exam may present a troubleshooting scenario where inter-VLAN routing fails, and the candidate must identify that 'ip routing' is missing. Questions can be multiple-choice or drag-and-drop, asking for the correct command to enable routing or to interpret show command output. The key fact is that a Layer 3 switch requires the 'ip routing' global command to perform routing between VLANs.

Exam Tips

1.

Memorize that 'ip routing' is a global configuration command that enables routing on a Layer 3 switch; without it, the switch acts as a Layer 2 device.

2.

In troubleshooting scenarios, always check 'show ip route' first; if only directly connected routes appear, suspect that IP routing is disabled.

3.

Remember that SVIs can be up/up even without IP routing enabled; the absence of inter-VLAN routes is the clue.

Commands Used in This Scenario

show ip interface brief

Displays a summary of all IP interfaces on the device, including their IP address, status, and protocol state, used for quick verification of interface configuration and connectivity.

show ip route

Displays the current IP routing table on a Cisco router, used to verify routes, check next-hop addresses, and troubleshoot connectivity issues.

show running-config

Displays the current active configuration in DRAM, showing all non-default settings.

Test Your CCNA Knowledge

Practice with scenario-based questions to prepare for the CCNA 200-301 exam.

Practice CCNA Questions