Layer 3 Switch SVI Interface Not Coming Up
Presenting Symptom
A host connected to an access switch cannot ping the default gateway IP address configured on a Layer 3 switch SVI, and the SVI interface shows as administratively down.
Network Context
A small branch office network uses a Cisco Catalyst 3560-X Layer 3 switch as the distribution layer, running IOS 15.0. The switch has VLAN 10 configured for the user subnet 192.168.10.0/24. The SVI for VLAN 10 (interface Vlan10) has IP address 192.168.10.1/24 configured. The switch has been recently reconfigured, and the SVI is not coming up.
Diagnostic Steps
Check SVI status
show interfaces vlan 10Vlan10 is administratively down, line protocol is down
The SVI is administratively down. This indicates the interface has been manually shut down or the VLAN is not created in the VLAN database.
Verify VLAN exists
show vlan briefVLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Gi0/1, Gi0/2 10 VLAN0010 active Gi0/3, Gi0/4 1002 fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 trnet-default act/unsup
VLAN 10 is present and active. If VLAN 10 were missing, the SVI would not be created. Since VLAN exists, the issue is likely the SVI being shut down.
Check SVI configuration for shutdown
show running-config interface vlan 10interface Vlan10 ip address 192.168.10.1 255.255.255.0 shutdown
The 'shutdown' command is present under the SVI. This confirms the SVI is administratively down due to manual configuration.
Verify no other issues (optional)
show ip interface brief vlan 10Interface IP-Address OK? Method Status Protocol Vlan10 192.168.10.1 YES manual administratively down down
Confirms the SVI is administratively down. No other issues like missing VLAN or IP address misconfiguration.
Root Cause
The SVI interface Vlan10 has been manually shut down with the 'shutdown' command under the interface configuration. This is a common misconfiguration when an administrator intends to disable the SVI temporarily but forgets to re-enable it.
Resolution
Verification
Run 'show interfaces vlan 10' and 'show ip interface brief vlan 10': Vlan10 is up, line protocol is up Interface IP-Address OK? Method Status Protocol Vlan10 192.168.10.1 YES manual up up Also verify connectivity: ping from a host in VLAN 10 to 192.168.10.1 should succeed.
Prevention
["Always use 'no shutdown' when creating an SVI to ensure it is enabled by default.","Implement configuration management and change control to avoid accidental shutdowns.","Use 'show running-config interface vlan <vlan-id>' to verify SVI configuration before troubleshooting connectivity."]
CCNA Exam Relevance
On the CCNA 200-301 exam, this scenario tests understanding of Layer 3 switching and SVI operation. Questions may present a troubleshooting scenario where a host cannot reach its default gateway, and candidates must identify that the SVI is administratively down. The exam may use multiple-choice or drag-and-drop formats to select the correct show command and interpretation.
Exam Tips
Remember that an SVI must be in 'up/up' state to forward traffic; 'administratively down' indicates a shutdown command.
The 'show interfaces vlan <id>' command is the primary tool to check SVI status.
Know that 'no shutdown' is required under the SVI, not just the physical ports.
Commands Used in This Scenario
Test Your CCNA Knowledge
Practice with scenario-based questions to prepare for the CCNA 200-301 exam.
Practice CCNA Questions