Home > Articles > Cisco > CCNP Routing and Switching

CCNP SWITCH 642-813: Controlling the Automatic State of an SVI

  • Print
  • + Share This
One of the objectives on the CCNP SWITCH exam blueprint is “configure routing interfaces.” A small but important topic in this area is Switch Virtual Interfaces (SVI). Switch Virtual Interfaces (SVI) help route traffic between VLANs by creating Layer 3 interfaces. In this article, expert network architect and author of best-selling CCNP SWITCH 642-813 Official Certification Guide Dave Hucaby shows you how to control the automatic state of an SVI.
From the author of

Because a Layer 3 switched virtual interface (SVI) is bound to a Layer 2 VLAN on a switch, it normally follows the state of the VLAN on that switch automatically. If the switch has at least one Layer 2 interface that is up and active on the VLAN, then the Layer 3 SVI will be brought up too. If all of the Layer 2 interfaces assigned to the VLAN are down, then the Layer 3 interface will be brought down.

This is the default “autostate” behavior. The idea is to bring the Layer 3 interface down so that routing protocols will cease advertising a route to the IP subnet if there are no active switch interfaces on the VLAN where the subnet exists.

When the SVI autostate feature is enabled, a Layer 3 SVI can come up only if the following three conditions are met:

  • The VLAN bound to the SVI exists and is active in the VLAN database on the switch.
  • The SVI is not administratively shut down.
  • At least one Layer 2 interface is assigned to the SVI’s VLAN and is in the up state, with STP forwarding.

As an example, a switch has VLAN 2 defined and assigned to a variety of Layer 2 interfaces, but none of the interfaces are up. A Layer 3 SVI called interface vlan2 is then defined. Watch what happens to interface vlan2 in the following console output:

Switch(config)#interface vlan2
Switch(config-if)#
*Apr 21 10:13:10.949: %LINK-3-UPDOWN: Interface Vlan2, changed state to up
Switch(config-if)#
Switch(config-if)#ip address 192.168.1.1 255.255.255.0
Switch(config-if)#^Z
Switch#
Switch#show ip interface brief
Interface              IP-Address      OK? Method Status                Protocol
Vlan1                  unassigned      YES manual administratively down down
Vlan2                  192.168.1.1     YES manual up                    down
FastEthernet1/0/1      unassigned      YES unset  down                  down
FastEthernet1/0/2      unassigned      YES unset  down                  down

Even before an IP address can be configured on the new SVI, the switch brings its status up, but its line protocol stays down. In other words, the SVI now exists and is bound to VLAN 2, but it is unusable until at least one Layer 2 interface becomes active on VLAN 2.

In the following output, notice what happens as a PC is connected to interface FastEthernet1/0/1, which is assigned to VLAN 2:

Switch#
*Apr 21 10:21:31.925: %LINK-3-UPDOWN: Interface FastEthernet1/0/1, changed state to up
*Apr 21 10:21:32.009: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan2, changed state to up
*Apr 21 10:21:32.932: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1/0/1, changed state to up
Switch#

When the Layer 2 interface comes up, so does the line protocol of the SVI. Once the PC is disconnected or powered down, the SVI is automatically taken down, as shown in the following output:

Switch#
*Apr 21 10:21:45.624: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1/0/1, changed state to down
*Apr 21 10:21:45.624: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan2, changed state to down
*Apr 21 10:21:46.622: %LINK-3-UPDOWN: Interface FastEthernet1/0/1, changed state to down
Switch#

You can override the default behavior by disabling autostate on a per-interface basis with the following command:

Switch(config-if)# switchport autostate exclude 

When an interface is excluded, any influence that it might have had over the SVI state is removed. This command isn’t normally used unless the interface is a special case, such as an interface where a network analyzer is connected. The analyzer would capture traffic without being an active participant in the VLAN that is assigned to the interface.

  • + Share This
  • 🔖 Save To Your Account