Need to overcome ARP legacy of VLAN

 
 
carcarx@hotmail.com
      11-23-2004
Our scenario:

Two IP addresses in the same subnet provide critical services.
So that everyone doesn't need to change their settings for these
services, we want to move one of those boxes closer to the ingress
point for our off-site connection and continue to use the same VLAN
for that IP address.

More specifically, we want to move 10.10.1.1 to be nearly adjacent
to our off-site connection. This means, to get back to its "native"
VLAN it would have to cross three switches (and the backbone).

Our networking guys tell me that, since VLAN tagging is an OSI layer 2
operation, if the switch that VLAN 1 "homes" to is unreachable, for
whatever reason, this distant "outlier", even though it's not on the
"home" switch, will still be unreachable. (Sounds essentially like a
single ARP entry is allocated for the VLAN.)

Is there any VLAN way around this?

Thanks!

 
Walter Roberson
      11-23-2004
In article <(E-Mail Removed)>, <(E-Mail Removed)> wrote:
:Two IP addresses in the same subnet provide critical services.
:So that everyone doesn't need to change their settings for these
:services
:we want to move one of those boxes closer to the ingress point for our
:off-site connection and continue to use the same VLAN for that IP
:address.

Sounds reasonable.

:More specifically, we want to move 10.10.1.1 to be nearly adjacent
:to our off-site connection. This means, to get back to its "native"
:VLAN
:it would have to cross three switches (and the backbone).

:Our networking guys tell me that, since VLAN tagging is an OSI layer 2
:operation, if the switch that VLAN 1 "homes" to is unreachable, for
:whatever reason,
:this distant "outlier", even though it's not on the "home" switch, will
:still be unreachable. (Sounds essentially like a single ARP entry is
:allocated for
:the VLAN.)

:Is there any VLAN way around this?

Either your networking guy is confused, or you haven't explained well.

There isn't any such thing in VLANs as "homing". There isn't any
master switch for a VLAN. A VLAN might possibly have an independent
spanning tree, but that would be recalculated if one of the pathways
went down [so if the networking equipment supports per-VLAN spanning
trees, go ahead and create redundant links carrying that VLAN.]

There are some factors to consider:

- If you are connected to a particular VLAN on a local switch, and the
switch goes down, you will not be able to reach the VLAN. Which is
the same thing as saying that "If you are connected to a switch
and the switch goes down, you won't be able to connect to anything at all."
Nothing magical about VLANs in that, just plain fact that your
local equipment needs to be up for you to get anywhere.

- If you have switches L (local), M (middle), and R (remote), and
you are connected to a VLAN that is carried to all three L, M, and R,
then R cannot tell the difference between VLAN traffic that was
injected at L and VLAN traffic that was injected at M. So if your local
switch goes down, then every other switch that carries that VLAN that
does not become disconnected, will remain able to carry that VLAN traffic.
Suppose for example that your desktop connection is on that VLAN on L,
that the first critical server is on that VLAN on M, and the second
critical server is on that VLAN on R: then if L goes down, although you
will lose your ability to access the VLAN, M and R will still happily
talk to each other as long as there is a remaining connection between
them. The same would be true if it was M that went down: if your route
from L to R did not go through M, then you would still be able to reach R
even though the first critical server was offline until its local
switch was fixed. Not only does M not "own" or "home" the VLAN, but
M *cannot* "own" or "home" the VLAN -- there is no such thing in VLAN
technology. [I do not, though, have any ideas on what would happen if
your networking people are using VTP (Virtual Trunking Protocol) to
distribute information about which ports are on which VLAN: you could
probably get into trouble if your VTP server device went down;
if so, this would be avoided by not using the convenience of VTP.]

- If you are connected to a different VLAN, then you must go through
a router in order to get to the other VLAN, and if the router stops
routing then you would not be able to reach the other VLAN. Within
any one VLAN, though, the traffic is switched, not routed, so as long
as there was a path remaining, the servers on that VLAN would be able
to talk to each other (but not necessarily to the outside world.)

--
Are we *there* yet??
 
Niche
      11-24-2004
"(E-Mail Removed)" <(E-Mail Removed)> wrote in message news:<(E-Mail Removed)>...
> Our scenario:
>
> Two IP addresses in the same subnet provide critical services.
> So that everyone doesn't need to change their settings for these
> services
> we want to move one of those boxes closer to the ingress point for our
> off-site connection and continue to use the same VLAN for that IP
> address.
>
> More specifically, we want to move 10.10.1.1 to be nearly adjacent
> to our off-site connection. This means, to get back to its "native"
> VLAN
> it would have to cross three switches (and the backbone).


My assumption:

Currently those two IP addresses are in the same VLAN, subnet and
connecting to the same switch.

If the above assumption is true, then this looks like a layer 2 issue
to me. All you have to do is:

- Make sure that VLAN (in which those 2 IP addresses reside) has
been included in the trunk between those 3 switches

- allocate a port and assign that port to the same VLAN on that
remote switch

- plug the device into that port

- do a little ping test (or whatever connectivity test you want)
between those 2 IP addresses (or devices)

Once the test succeeds, voilà... there you go.

>
> Our networking guys tell me that, since VLAN tagging is an OSI layer 2
> operation, if the switch that VLAN 1 "homes" to is unreachable, for
> whatever reason,
> this distant "outlier", even though it's not on the "home" switch, will
> still be unreachable. (Sounds essentially like a single ARP entry is
> allocated for
> the VLAN.)
>
> Is there any VLAN way around this?
>
> Thanks!


No comment... probably just because I am not a native English speaker. I
am not quite able to get his meaning.

Best Regards,
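
The reachability argument from the two replies above (no switch "homes" a VLAN, and the VLAN only has to be carried on the trunks along a surviving path), as an added example that is not part of any post in the thread. The switches L, M and R follow the second post; the redundant L-R trunk, VLAN 20, the host names and the function names are assumptions, and the model assumes spanning tree has reconverged after a failure.

```python
from collections import deque

# Constructed topology: switches L, M, R as in the reply above, plus an
# assumed redundant L-R trunk. Each trunk lists the VLAN IDs it carries.
TRUNKS = {
    ("L", "M"): {1, 20},
    ("M", "R"): {1, 20},
    ("L", "R"): {1},
}
# Constructed host placement: name -> (access switch, access VLAN).
HOSTS = {"desktop": ("L", 1), "server1": ("M", 1), "server2": ("R", 1)}


def l2_reachable(src, dst, trunks=TRUNKS, hosts=HOSTS, down=()):
    """True if a switched path exists between two hosts in the same VLAN.

    Only switches that are up and trunks that carry the VLAN are used;
    no switch is treated as the owner or "home" of the VLAN.
    """
    (src_sw, src_vlan), (dst_sw, dst_vlan) = hosts[src], hosts[dst]
    if src_vlan != dst_vlan:
        return False  # different VLANs need a router, not modelled here
    if src_sw in down or dst_sw in down:
        return False  # a host's own access switch has to be up
    seen, queue = {src_sw}, deque([src_sw])
    while queue:
        sw = queue.popleft()
        if sw == dst_sw:
            return True
        for (a, b), vlans in trunks.items():
            if src_vlan not in vlans or sw not in (a, b):
                continue  # trunk does not carry the VLAN or is not attached
            peer = b if sw == a else a
            if peer not in down and peer not in seen:
                seen.add(peer)
                queue.append(peer)
    return False


def missing_trunks(path, vlan, trunks=TRUNKS):
    """Return the hops of a switch path whose trunk does not carry the VLAN."""
    hops = zip(path, path[1:])
    return [(a, b) for a, b in hops
            if vlan not in trunks.get((a, b), trunks.get((b, a), set()))]
```
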
 