Courseiva
Layer 3 SwitchingCCNA 200-301

Routed Port vs SVI Confusion — Interface Not Routing

Presenting Symptom

A host on VLAN 10 cannot ping the IP address of an SVI on a Layer 3 switch, even though the SVI is configured and the host is in the correct VLAN.

Network Context

A small branch office uses a single Cisco Catalyst 3650 switch acting as a Layer 3 switch. The switch has VLANs 10 and 20 configured with SVIs (interface VLAN 10 and interface VLAN 20) for inter-VLAN routing. A host on VLAN 10 is connected to an access port in VLAN 10. The network engineer can ping the default gateway (SVI for VLAN 10) from the host, but cannot reach the SVI for VLAN 20. The switch runs IOS XE 16.9. The problem is isolated to a specific port that was intended to be a routed port but was misconfigured.

Diagnostic Steps

1

Check the interface status and IP configuration of the SVI

show ip interface brief | include Vlan
Interface              IP-Address      OK? Method Status                Protocol
Vlan10                 192.168.10.1    YES NVRAM  up                    up      
Vlan20                 192.168.20.1    YES NVRAM  up                    up

Both SVIs show up/up. If an SVI is down/down, check VLAN existence and active ports. If the SVI is up but the problem persists, the issue is likely elsewhere.

2

Verify the routing table for the destination network

show ip route 192.168.20.0
Routing entry for 192.168.20.0/24
  Known via "connected", distance 0, metric 0 (connected, via interface)
  Routing Descriptor Blocks:
  * directly connected, via Vlan20

The route should show as directly connected via Vlan20. If it shows via another interface or is missing, check SVI configuration or VLAN membership.

3

Check if the port connecting to the host is in the correct VLAN and is an access port

show interfaces GigabitEthernet1/0/1 switchport
Name: Gi1/0/1
Switchport: Enabled
Administrative Mode: static access
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 10 (VLAN0010)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none

The port should be in access mode and assigned to VLAN 10. If the port is in trunk mode or in the wrong VLAN, the host may not be in the correct VLAN.

4

Check if the port is a routed port (no switchport) that might be interfering

show running-config interface GigabitEthernet1/0/1
interface GigabitEthernet1/0/1
 no switchport
 ip address 192.168.10.2 255.255.255.0
 no shutdown

If 'no switchport' is present, the port is a routed port (Layer 3 interface) and not a switchport. This means the host connected to this port is not in VLAN 10; instead, it's directly connected to a routed interface with a different IP subnet. This misconfiguration prevents the host from using the SVI as its gateway.

Root Cause

The interface connecting the host was configured as a routed port (no switchport) with an IP address on a different subnet than the SVI. The host is in VLAN 10 but the switchport is not a Layer 2 interface, so the host cannot communicate with the SVI for VLAN 10. The host's default gateway is the SVI IP (192.168.10.1), but the routed port has IP 192.168.10.2, causing a mismatch.

Resolution

Convert the routed port back to a Layer 2 switchport and assign it to the correct VLAN. Commands: 1. Enter interface configuration mode: configure terminal interface GigabitEthernet1/0/1 2. Remove the IP address and make it a switchport: no ip address switchport 3. Set the port as an access port in VLAN 10: switchport mode access switchport access vlan 10 4. (Optional) Enable the interface: no shutdown 5. Exit and save: end write memory

Verification

1. Verify the interface is now a switchport: show interfaces GigabitEthernet1/0/1 switchport | include Switchport Expected: Switchport: Enabled 2. Verify the access VLAN: show interfaces GigabitEthernet1/0/1 switchport | include Access Mode VLAN Expected: Access Mode VLAN: 10 (VLAN0010) 3. From the host, ping the SVI IP (192.168.10.1): ping 192.168.10.1 Expected: Successful replies.

Prevention

1. Always verify the interface mode (switchport vs routed) when configuring Layer 3 switching. Use 'show interfaces status' to review port roles. 2. Use consistent IP addressing: SVIs should be the default gateway for hosts in that VLAN; routed ports should be used only for router-to-router links. 3. Implement a naming convention for interfaces (e.g., 'description Host-VLAN10') to avoid confusion.

CCNA Exam Relevance

On the CCNA 200-301 exam, this scenario tests understanding of Layer 3 switching concepts: the difference between a routed port (no switchport) and an SVI (interface vlan). The exam may present a troubleshooting scenario where a host cannot reach a remote network, and the candidate must identify that a port is in routed mode instead of switchport mode. Key fact: A routed port is a Layer 3 interface on a switch, while an SVI is a virtual interface representing a VLAN. Both can route, but they serve different purposes.

Exam Tips

1.

Remember that 'no switchport' turns a physical port into a routed port, removing it from VLAN membership.

2.

In troubleshooting, always check 'show ip interface brief' and 'show interfaces switchport' to identify port roles.

3.

Know that SVIs require the VLAN to exist and at least one active Layer 2 port in that VLAN to be up/up.

Commands Used in This Scenario

show interfaces switchport

Displays the administrative and operational status of a switch port, including VLAN membership, trunking mode, and access VLAN, used to verify VLAN configuration and port security settings.

show ip interface brief

Displays a summary of all IP interfaces on the device, including their IP address, status, and protocol state, used for quick verification of interface configuration and connectivity.

Test Your CCNA Knowledge

Practice with scenario-based questions to prepare for the CCNA 200-301 exam.

Practice CCNA Questions