Quick VLAN routing question

The Catalyst 2960 is really the baseline switch offering and has traditionally been L2 only. It's also a generation behind and 5 years old at this point (2010). That said, the 2960 does have support for limited routing for Inter-VLAN and static routes only, BUT BEWARE: this is implemented in software and was only intended to support more flexibility in device management. It should NOT be used for production traffic.

If you need to route between VLANs, then you should use an L3 switch that implements Inter-VLAN routing in hardware and supports basic dynamic routing protocols (e.g. OSPF or EIGRP). You should also use caution when selecting an L3 switch and be aware that some functionality may be implemented in software and not suitable for a production network. The Catalyst 3560 or 3750 would be a better bet here.

Different devices are designed for different roles in a network.

You need a router at the edge to handle full BGP tables, so you use something like a 7200 VXR as an edge router (now replaced by the much better ASR line). The 7200 doesn't do well with Inter-VLAN routing though, so for that you look to an L3 switch to act as a core router, like a 6500 or 3560/3750 depending on the size of your network. For access ports you don't need the L3 functionality, so you can go with the 2960 for most of your access switches (although most opt to go with the 3560/3750 instead because they can do things like L3 port ACLs to filter problematic traffic in hardware). Likewise, if you need to do firewall or VPN, you use something like an ASA. The right tool for the right job.

I've seen a lot of networks fail at understanding this and use a lot of HP switches that offer L3 in software as routers and connect everything in an OSPF mesh instead of just using them for L2. The performance is terrible and they have no idea why. All you need to do is connect to the switch and see that its CPU is at 100% to see the problem though.

/r/networking Thread