2950 and Vlan?

Discussion in 'Cisco' started by LWG, Dec 21, 2003.

  1. LWG

    LWG Guest

    I need to put together a backup network for some of our servers. I
    need a
    way to segment these servers into (IP) groups of 3 or 4. What I
    thought was
    I would get a 2950 built out with 24 copper 10/100 ports and seperate
    the
    servers with vlans. This would be nothing available or connected to
    our
    operating network, just for backups. What I was thinking was use vlans
    to
    seperate ip traffic to partition networks for these seperate groups of
    servers. Can this be done with the 2950? BTW, each of these seperate
    networks would have a tape drive connected to a server on that vlan/ip
    network.

    Appreciate your feedback...


    Larry
     
    LWG, Dec 21, 2003
    #1
    1. Advertising

  2. In article <>,
    LWG <> wrote:
    :I need to put together a backup network for some of our servers. I need a
    :way to segment these servers into (IP) groups of 3 or 4. What I thought was
    :I would get a 2950 built out with 24 copper 10/100 ports and seperate the
    :servers with vlans. This would be nothing available or connected to our
    :eek:perating network, just for backups. What I was thinking was use vlans to
    :seperate ip traffic to partition networks for these seperate groups of
    :servers. Can this be done with the 2950? BTW, each of these seperate
    :networks would have a tape drive connected to a server on that vlan/ip
    :network.

    That's odd, the feature navigator does not indicate 802.1Q support
    for the 2950, 3550, or 3750, but the FN does indicate 802.1Q trunking
    support of those devices. The relevant data sheets do indicate 802.1Q
    support.

    I'll drop a note to Cisco about this. The 2950/3550/3750 information
    has been wrong in the FN before; it takes them about 2 weeks to
    amend the FN.
    --
    Is "meme" descriptive or perscriptive? Does the knowledge that
    memes exist not subtly encourage the creation of more memes?
    -- A Child's Garden Of Memes
     
    Walter Roberson, Dec 21, 2003
    #2
    1. Advertising

  3. LWG

    Peter! Guest

    I can confirm that the 2950 does indeed support 802.1Q trunking, but not
    ISL, so should be OK.

    peter.





    "Walter Roberson" <-cnrc.gc.ca> wrote in message
    news:bs4tns$7ij$...
    > In article <>,
    > LWG <> wrote:
    > :I need to put together a backup network for some of our servers. I need a
    > :way to segment these servers into (IP) groups of 3 or 4. What I thought

    was
    > :I would get a 2950 built out with 24 copper 10/100 ports and seperate the
    > :servers with vlans. This would be nothing available or connected to our
    > :eek:perating network, just for backups. What I was thinking was use vlans to
    > :seperate ip traffic to partition networks for these seperate groups of
    > :servers. Can this be done with the 2950? BTW, each of these seperate
    > :networks would have a tape drive connected to a server on that vlan/ip
    > :network.
    >
    > That's odd, the feature navigator does not indicate 802.1Q support
    > for the 2950, 3550, or 3750, but the FN does indicate 802.1Q trunking
    > support of those devices. The relevant data sheets do indicate 802.1Q
    > support.
    >
    > I'll drop a note to Cisco about this. The 2950/3550/3750 information
    > has been wrong in the FN before; it takes them about 2 weeks to
    > amend the FN.
    > --
    > Is "meme" descriptive or perscriptive? Does the knowledge that
    > memes exist not subtly encourage the creation of more memes?
    > -- A Child's Garden Of Memes
     
    Peter!, Dec 21, 2003
    #3
  4. In article <>,
    LWG <> wrote:
    :I need to put together a backup network for some of our servers. I need a
    :way to segment these servers into (IP) groups of 3 or 4. What I thought was
    :I would get a 2950 built out with 24 copper 10/100 ports and seperate the
    :servers with vlans. This would be nothing available or connected to our
    :eek:perating network, just for backups. What I was thinking was use vlans to
    :seperate ip traffic to partition networks for these seperate groups of
    :servers. Can this be done with the 2950?

    As noted in other replies, the 2950 supports 802.1Q vlans.

    I find, though, that I'm not sure what you are asking to do.
    If you need to route between those 3 VLANs while preventing other
    VLANs from routing to them, then you will not be able to do
    that on the 2950 as far as I understand. With the 3550 you could
    put on VLAN ACLs on the other VLANs blocking them from sending to those
    IP ranges; I have not dug deeply enough into the 2950 to be sure
    whether that can be done on the 2950; I don't believe it can though.

    There is no way on the 2950 (or 3550 or 3750... or any other Cisco
    device I've investigated) to split the device up into logical
    partitions that allow VLANs in any one partition to route between
    themselves, but disallow routing to other partitions. ACLs and
    Policy Based Routing (PBR) is the closest I've found to that,
    but if the IP ranges can overlap between the logical partitions
    you want then it can get pretty messy.

    [An example of a configuration where you might want this kind of setup
    would be if you have multiple firewall "outside" interfaces on some
    ports, and the inside of a firewall on other ports, and public
    addresses are involved: you might want some outside routing, and some
    inside routing, but you don't want the two to mix together, even
    though they have the same IP ranges.]
    --
    "No one has the right to destroy another person's belief by
    demanding empirical evidence." -- Ann Landers
     
    Walter Roberson, Dec 21, 2003
    #4
  5. LWG

    Ben Samuals Guest

    All: basically what I wanted to do is just partition the IP networks, for
    ex. Ports 1-5 would be ip network 192.168.1.0/24, ports 6-11 would be ip
    network 192.168.2.0/24, ports 12-18 would be ip network 192.168.3.0/24 etc.
    These ip networks/vlans would not be routing between each other just
    seperate ip networks to themselves. What I want is to limit arping between
    vlans for backup purposes. On each vlan I would have a dedicated backup
    server for this purpose.

    Does that help clearify what I am trying to do?

    Thx, Benny!
    "Walter Roberson" <-cnrc.gc.ca> wrote in message
    news:bs506u$8kc$...
    > In article <>,
    > LWG <> wrote:
    > :I need to put together a backup network for some of our servers. I need a
    > :way to segment these servers into (IP) groups of 3 or 4. What I thought

    was
    > :I would get a 2950 built out with 24 copper 10/100 ports and seperate the
    > :servers with vlans. This would be nothing available or connected to our
    > :eek:perating network, just for backups. What I was thinking was use vlans to
    > :seperate ip traffic to partition networks for these seperate groups of
    > :servers. Can this be done with the 2950?
    >
    > As noted in other replies, the 2950 supports 802.1Q vlans.
    >
    > I find, though, that I'm not sure what you are asking to do.
    > If you need to route between those 3 VLANs while preventing other
    > VLANs from routing to them, then you will not be able to do
    > that on the 2950 as far as I understand. With the 3550 you could
    > put on VLAN ACLs on the other VLANs blocking them from sending to those
    > IP ranges; I have not dug deeply enough into the 2950 to be sure
    > whether that can be done on the 2950; I don't believe it can though.
    >
    > There is no way on the 2950 (or 3550 or 3750... or any other Cisco
    > device I've investigated) to split the device up into logical
    > partitions that allow VLANs in any one partition to route between
    > themselves, but disallow routing to other partitions. ACLs and
    > Policy Based Routing (PBR) is the closest I've found to that,
    > but if the IP ranges can overlap between the logical partitions
    > you want then it can get pretty messy.
    >
    > [An example of a configuration where you might want this kind of setup
    > would be if you have multiple firewall "outside" interfaces on some
    > ports, and the inside of a firewall on other ports, and public
    > addresses are involved: you might want some outside routing, and some
    > inside routing, but you don't want the two to mix together, even
    > though they have the same IP ranges.]
    > --
    > "No one has the right to destroy another person's belief by
    > demanding empirical evidence." -- Ann Landers
     
    Ben Samuals, Dec 30, 2003
    #5
  6. I have an older 2900 switch ios version 11.2, here's how I've done it.
    In config t mode, then interface (as port 1) then do a (switchport
    access vlan 1) . Do this on all the ports that you want on vlan 1.
    Then same thing for the portson vlan2.. I have (4) vlanson my little
    home network.. Hope this point you in the right difection...

    "Ben Samuals" <> wrote:

    >All: basically what I wanted to do is just partition the IP networks, for
    >ex. Ports 1-5 would be ip network 192.168.1.0/24, ports 6-11 would be ip
    >network 192.168.2.0/24, ports 12-18 would be ip network 192.168.3.0/24 etc.
    >These ip networks/vlans would not be routing between each other just
    >seperate ip networks to themselves. What I want is to limit arping between
    >vlans for backup purposes. On each vlan I would have a dedicated backup
    >server for this purpose.
    >
    >Does that help clearify what I am trying to do?
    >
    >Thx, Benny!
    >"Walter Roberson" <-cnrc.gc.ca> wrote in message
    >news:bs506u$8kc$...
    >> In article <>,
    >> LWG <> wrote:
    >> :I need to put together a backup network for some of our servers. I need a
    >> :way to segment these servers into (IP) groups of 3 or 4. What I thought

    >was
    >> :I would get a 2950 built out with 24 copper 10/100 ports and seperate the
    >> :servers with vlans. This would be nothing available or connected to our
    >> :eek:perating network, just for backups. What I was thinking was use vlans to
    >> :seperate ip traffic to partition networks for these seperate groups of
    >> :servers. Can this be done with the 2950?
    >>
    >> As noted in other replies, the 2950 supports 802.1Q vlans.
    >>
    >> I find, though, that I'm not sure what you are asking to do.
    >> If you need to route between those 3 VLANs while preventing other
    >> VLANs from routing to them, then you will not be able to do
    >> that on the 2950 as far as I understand. With the 3550 you could
    >> put on VLAN ACLs on the other VLANs blocking them from sending to those
    >> IP ranges; I have not dug deeply enough into the 2950 to be sure
    >> whether that can be done on the 2950; I don't believe it can though.
    >>
    >> There is no way on the 2950 (or 3550 or 3750... or any other Cisco
    >> device I've investigated) to split the device up into logical
    >> partitions that allow VLANs in any one partition to route between
    >> themselves, but disallow routing to other partitions. ACLs and
    >> Policy Based Routing (PBR) is the closest I've found to that,
    >> but if the IP ranges can overlap between the logical partitions
    >> you want then it can get pretty messy.
    >>
    >> [An example of a configuration where you might want this kind of setup
    >> would be if you have multiple firewall "outside" interfaces on some
    >> ports, and the inside of a firewall on other ports, and public
    >> addresses are involved: you might want some outside routing, and some
    >> inside routing, but you don't want the two to mix together, even
    >> though they have the same IP ranges.]
    >> --
    >> "No one has the right to destroy another person's belief by
    >> demanding empirical evidence." -- Ann Landers

    >
    >
     
    gene martinez, Dec 30, 2003
    #6
  7. LWG

    Ben Samuals Guest

    Perfect, that is just what I was looking for. I appreciate you taking the
    time with this. This is just to minimize arps/broadcasts from interferring
    with the other networks, just for backup purposes...

    Thx again and happy new year....

    Larry
    "gene martinez" <> wrote in message
    news:...
    > I have an older 2900 switch ios version 11.2, here's how I've done it.
    > In config t mode, then interface (as port 1) then do a (switchport
    > access vlan 1) . Do this on all the ports that you want on vlan 1.
    > Then same thing for the portson vlan2.. I have (4) vlanson my little
    > home network.. Hope this point you in the right difection...
    >
    > "Ben Samuals" <> wrote:
    >
    > >All: basically what I wanted to do is just partition the IP networks, for
    > >ex. Ports 1-5 would be ip network 192.168.1.0/24, ports 6-11 would be ip
    > >network 192.168.2.0/24, ports 12-18 would be ip network 192.168.3.0/24

    etc.
    > >These ip networks/vlans would not be routing between each other just
    > >seperate ip networks to themselves. What I want is to limit arping

    between
    > >vlans for backup purposes. On each vlan I would have a dedicated backup
    > >server for this purpose.
    > >
    > >Does that help clearify what I am trying to do?
    > >
    > >Thx, Benny!
    > >"Walter Roberson" <-cnrc.gc.ca> wrote in message
    > >news:bs506u$8kc$...
    > >> In article <>,
    > >> LWG <> wrote:
    > >> :I need to put together a backup network for some of our servers. I

    need a
    > >> :way to segment these servers into (IP) groups of 3 or 4. What I

    thought
    > >was
    > >> :I would get a 2950 built out with 24 copper 10/100 ports and seperate

    the
    > >> :servers with vlans. This would be nothing available or connected to

    our
    > >> :eek:perating network, just for backups. What I was thinking was use vlans

    to
    > >> :seperate ip traffic to partition networks for these seperate groups of
    > >> :servers. Can this be done with the 2950?
    > >>
    > >> As noted in other replies, the 2950 supports 802.1Q vlans.
    > >>
    > >> I find, though, that I'm not sure what you are asking to do.
    > >> If you need to route between those 3 VLANs while preventing other
    > >> VLANs from routing to them, then you will not be able to do
    > >> that on the 2950 as far as I understand. With the 3550 you could
    > >> put on VLAN ACLs on the other VLANs blocking them from sending to those
    > >> IP ranges; I have not dug deeply enough into the 2950 to be sure
    > >> whether that can be done on the 2950; I don't believe it can though.
    > >>
    > >> There is no way on the 2950 (or 3550 or 3750... or any other Cisco
    > >> device I've investigated) to split the device up into logical
    > >> partitions that allow VLANs in any one partition to route between
    > >> themselves, but disallow routing to other partitions. ACLs and
    > >> Policy Based Routing (PBR) is the closest I've found to that,
    > >> but if the IP ranges can overlap between the logical partitions
    > >> you want then it can get pretty messy.
    > >>
    > >> [An example of a configuration where you might want this kind of setup
    > >> would be if you have multiple firewall "outside" interfaces on some
    > >> ports, and the inside of a firewall on other ports, and public
    > >> addresses are involved: you might want some outside routing, and some
    > >> inside routing, but you don't want the two to mix together, even
    > >> though they have the same IP ranges.]
    > >> --
    > >> "No one has the right to destroy another person's belief by
    > >> demanding empirical evidence." -- Ann Landers

    > >
    > >

    >
     
    Ben Samuals, Dec 31, 2003
    #7
  8. Did you get it set-up???

    "Ben Samuals" <> wrote:

    >Perfect, that is just what I was looking for. I appreciate you taking the
    >time with this. This is just to minimize arps/broadcasts from interferring
    >with the other networks, just for backup purposes...
    >
    >Thx again and happy new year....
    >
    >Larry
    >"gene martinez" <> wrote in message
    >news:...
    >> I have an older 2900 switch ios version 11.2, here's how I've done it.
    >> In config t mode, then interface (as port 1) then do a (switchport
    >> access vlan 1) . Do this on all the ports that you want on vlan 1.
    >> Then same thing for the portson vlan2.. I have (4) vlanson my little
    >> home network.. Hope this point you in the right difection...
    >>
    >> "Ben Samuals" <> wrote:
    >>
    >> >All: basically what I wanted to do is just partition the IP networks, for
    >> >ex. Ports 1-5 would be ip network 192.168.1.0/24, ports 6-11 would be ip
    >> >network 192.168.2.0/24, ports 12-18 would be ip network 192.168.3.0/24

    >etc.
    >> >These ip networks/vlans would not be routing between each other just
    >> >seperate ip networks to themselves. What I want is to limit arping

    >between
    >> >vlans for backup purposes. On each vlan I would have a dedicated backup
    >> >server for this purpose.
    >> >
    >> >Does that help clearify what I am trying to do?
    >> >
    >> >Thx, Benny!
    >> >"Walter Roberson" <-cnrc.gc.ca> wrote in message
    >> >news:bs506u$8kc$...
    >> >> In article <>,
    >> >> LWG <> wrote:
    >> >> :I need to put together a backup network for some of our servers. I

    >need a
    >> >> :way to segment these servers into (IP) groups of 3 or 4. What I

    >thought
    >> >was
    >> >> :I would get a 2950 built out with 24 copper 10/100 ports and seperate

    >the
    >> >> :servers with vlans. This would be nothing available or connected to

    >our
    >> >> :eek:perating network, just for backups. What I was thinking was use vlans

    >to
    >> >> :seperate ip traffic to partition networks for these seperate groups of
    >> >> :servers. Can this be done with the 2950?
    >> >>
    >> >> As noted in other replies, the 2950 supports 802.1Q vlans.
    >> >>
    >> >> I find, though, that I'm not sure what you are asking to do.
    >> >> If you need to route between those 3 VLANs while preventing other
    >> >> VLANs from routing to them, then you will not be able to do
    >> >> that on the 2950 as far as I understand. With the 3550 you could
    >> >> put on VLAN ACLs on the other VLANs blocking them from sending to those
    >> >> IP ranges; I have not dug deeply enough into the 2950 to be sure
    >> >> whether that can be done on the 2950; I don't believe it can though.
    >> >>
    >> >> There is no way on the 2950 (or 3550 or 3750... or any other Cisco
    >> >> device I've investigated) to split the device up into logical
    >> >> partitions that allow VLANs in any one partition to route between
    >> >> themselves, but disallow routing to other partitions. ACLs and
    >> >> Policy Based Routing (PBR) is the closest I've found to that,
    >> >> but if the IP ranges can overlap between the logical partitions
    >> >> you want then it can get pretty messy.
    >> >>
    >> >> [An example of a configuration where you might want this kind of setup
    >> >> would be if you have multiple firewall "outside" interfaces on some
    >> >> ports, and the inside of a firewall on other ports, and public
    >> >> addresses are involved: you might want some outside routing, and some
    >> >> inside routing, but you don't want the two to mix together, even
    >> >> though they have the same IP ranges.]
    >> >> --
    >> >> "No one has the right to destroy another person's belief by
    >> >> demanding empirical evidence." -- Ann Landers
    >> >
    >> >

    >>

    >
    >
     
    gene martinez, Jan 2, 2004
    #8
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. KSa
    Replies:
    1
    Views:
    805
    Walter Roberson
    Apr 3, 2004
  2. Little
    Replies:
    3
    Views:
    13,225
    Bill F
    Jun 22, 2004
  3. Edward Voermans

    PIX 515 and Switch 2950 VLAN

    Edward Voermans, Feb 27, 2005, in forum: Cisco
    Replies:
    10
    Views:
    9,838
    Edward Voermans
    Mar 2, 2005
  4. Ant
    Replies:
    1
    Views:
    4,942
    slizer
    May 25, 2005
  5. Tacobell
    Replies:
    5
    Views:
    4,387
Loading...

Share This Page