Broadcast and Multicast problem

Discussion in 'Cisco' started by sPiDEr, Jul 8, 2003.

  1. sPiDEr

    sPiDEr Guest

    Hi,

    A senario:

    I have 2 applications using broadcast and multicast traffic to deliver data.
    Given a company of 8 departments (each dept 50 users), 6 departments (300
    users) require those data. I intend to create multiple vlans based on the
    department however the 2 applications on separate servers will have
    difficulties deliver data to those vlans since vlan has its own broadcast
    domain.

    What is you opinion?

    My solutions:

    1) Segregate based on services. Place those users who require the service
    into the same vlan as the 2 applications servers which use broadcast and
    multicast traffic.

    2) Use vlan capable trunk card on the application servers. Create multiple
    vlans based on the department. Place the servers on a different vlan and
    trunk those 6 departments which require the application data to the server.


    What is a better solution? Why? In term of security which is better? Is
    there other solution?

    Thanks for taking your time.

    sPiDEr
     
    sPiDEr, Jul 8, 2003
    #1
    1. Advertising

  2. sPiDEr

    shope Guest

    "sPiDEr" <spider@bgp5_.net_REMOVE_> wrote in message
    news:...
    > Hi,
    >
    > A senario:
    >
    > I have 2 applications using broadcast and multicast traffic to deliver

    data.
    > Given a company of 8 departments (each dept 50 users), 6 departments (300
    > users) require those data. I intend to create multiple vlans based on the
    > department however the 2 applications on separate servers will have
    > difficulties deliver data to those vlans since vlan has its own broadcast
    > domain.


    You dont say if this is IP multicast or something else.
    >
    > What is you opinion?
    >
    > My solutions:
    >
    > 1) Segregate based on services. Place those users who require the service
    > into the same vlan as the 2 applications servers which use broadcast and
    > multicast traffic.
    >
    > 2) Use vlan capable trunk card on the application servers.


    Not a good idea - you end up using something wierd - which equates to more
    bugs and difficult support.

    Create multiple
    > vlans based on the department. Place the servers on a different vlan and
    > trunk those 6 departments which require the application data to the

    server.

    what happens when youget a user wanting both systems? 2 PCs?
    >
    >
    > What is a better solution?


    As usual - it depends.

    Why? In term of security which is better?

    Neither - you havent decribed what your security requirements are.

    Is
    > there other solution?


    Worry about bandwidth and numbers of packets rather than domains.

    2 multicast apps should be able to share the same network without
    interfering - if they cant you have more serious troubles than how to split
    users.

    If you have high bandwidth apps, then split the users into subnets, and
    build a network that can selectively deliver multicast - in IP that means
    using PIM and IGRP, or lots of other combinations.

    300 users should sit comfortably in a single subnet unless you need to split
    them up for other reasons than just traffic and broadcast background.
    >
    > Thanks for taking your time.
    >
    > sPiDEr
    >

    --
    Regards

    Stephen Hope - remove xx from email to reply
     
    shope, Jul 9, 2003
    #2
    1. Advertising

  3. Hi,

    Dont forget that mutlicast is forwarded by default on the switches, so
    the only thing you really should need to worry about is the
    broadcasts, there are two ways you could do this "keeping to the
    fundermentals" bridge your server vlan to all other vlans or use udp
    forwaring. you should try and keep to a standard layout for vlans,
    servers on vlanx,y,z and host "dep" on other vlans.
    this way you dont compemise security.
    i hope this link helps
    http://www.cisco.com/univercd/cc/td/doc/cisintwk/ics/cs006.htm

    Mike


    "shope" <> wrote in message news:<uc_Oa.7479$>...
    > "sPiDEr" <spider@bgp5_.net_REMOVE_> wrote in message
    > news:...
    > > Hi,
    > >
    > > A senario:
    > >
    > > I have 2 applications using broadcast and multicast traffic to deliver

    > data.
    > > Given a company of 8 departments (each dept 50 users), 6 departments (300
    > > users) require those data. I intend to create multiple vlans based on the
    > > department however the 2 applications on separate servers will have
    > > difficulties deliver data to those vlans since vlan has its own broadcast
    > > domain.

    >
    > You dont say if this is IP multicast or something else.
    > >
    > > What is you opinion?
    > >
    > > My solutions:
    > >
    > > 1) Segregate based on services. Place those users who require the service
    > > into the same vlan as the 2 applications servers which use broadcast and
    > > multicast traffic.
    > >
    > > 2) Use vlan capable trunk card on the application servers.

    >
    > Not a good idea - you end up using something wierd - which equates to more
    > bugs and difficult support.
    >
    > Create multiple
    > > vlans based on the department. Place the servers on a different vlan and
    > > trunk those 6 departments which require the application data to the

    > server.
    >
    > what happens when youget a user wanting both systems? 2 PCs?
    > >
    > >
    > > What is a better solution?

    >
    > As usual - it depends.
    >
    > Why? In term of security which is better?
    >
    > Neither - you havent decribed what your security requirements are.
    >
    > Is
    > > there other solution?

    >
    > Worry about bandwidth and numbers of packets rather than domains.
    >
    > 2 multicast apps should be able to share the same network without
    > interfering - if they cant you have more serious troubles than how to split
    > users.
    >
    > If you have high bandwidth apps, then split the users into subnets, and
    > build a network that can selectively deliver multicast - in IP that means
    > using PIM and IGRP, or lots of other combinations.
    >
    > 300 users should sit comfortably in a single subnet unless you need to split
    > them up for other reasons than just traffic and broadcast background.
    > >
    > > Thanks for taking your time.
    > >
    > > sPiDEr
    > >
     
    Michael Hatzis, Jul 11, 2003
    #3
  4. sPiDEr

    shope Guest

    "Michael Hatzis" <> wrote in message
    news:...
    > Hi,
    >
    > Dont forget that mutlicast is forwarded by default on the switches,


    Only within a single VLAN - multicasts stop at a router unless IP multicast
    is set up, or you have some other way for layer 2 multicasts to get "around"
    the routing barrier.

    so
    > the only thing you really should need to worry about is the
    > broadcasts, there are two ways you could do this "keeping to the
    > fundermentals" bridge your server vlan to all other vlans or use udp
    > forwaring.


    Again broadcasts stop at a router by default - but you need to understand
    what protocol the broadcasts are for, and whether they need to be forwarded
    across the router.

    Broadcast forwarding on the router is usually used for "all 1s" broadcasts
    such as DHCP requests, and you can use a UDP forwarder on the router for
    these.

    Some apps that use a lot of broadcasts send "directed broadcasts" - these
    are targeted at the IP broadcast address for a remote subnet. Recent IOS
    versions (12.x and maybe 11.x?) follow the router requirements RFC and drop
    these at the last hop router by default, but you can change this if needed
    on a per interface basis

    you should try and keep to a standard layout for vlans,
    > servers on vlanx,y,z and host "dep" on other vlans.
    > this way you dont compemise security.
    > i hope this link helps
    > http://www.cisco.com/univercd/cc/td/doc/cisintwk/ics/cs006.htm
    >
    > Mike
    >
    >
    > "shope" <> wrote in message

    news:<uc_Oa.7479$>...
    > > "sPiDEr" <spider@bgp5_.net_REMOVE_> wrote in message
    > > news:...
    > > > Hi,
    > > >
    > > > A senario:
    > > >
    > > > I have 2 applications using broadcast and multicast traffic to deliver

    > > data.
    > > > Given a company of 8 departments (each dept 50 users), 6 departments

    (300
    > > > users) require those data. I intend to create multiple vlans based on

    the
    > > > department however the 2 applications on separate servers will have
    > > > difficulties deliver data to those vlans since vlan has its own

    broadcast
    > > > domain.

    > >
    > > You dont say if this is IP multicast or something else.
    > > >
    > > > What is you opinion?
    > > >
    > > > My solutions:
    > > >
    > > > 1) Segregate based on services. Place those users who require the

    service
    > > > into the same vlan as the 2 applications servers which use broadcast

    and
    > > > multicast traffic.
    > > >
    > > > 2) Use vlan capable trunk card on the application servers.

    > >
    > > Not a good idea - you end up using something wierd - which equates to

    more
    > > bugs and difficult support.
    > >
    > > Create multiple
    > > > vlans based on the department. Place the servers on a different vlan

    and
    > > > trunk those 6 departments which require the application data to the

    > > server.
    > >
    > > what happens when youget a user wanting both systems? 2 PCs?
    > > >
    > > >
    > > > What is a better solution?

    > >
    > > As usual - it depends.
    > >
    > > Why? In term of security which is better?
    > >
    > > Neither - you havent decribed what your security requirements are.
    > >
    > > Is
    > > > there other solution?

    > >
    > > Worry about bandwidth and numbers of packets rather than domains.
    > >
    > > 2 multicast apps should be able to share the same network without
    > > interfering - if they cant you have more serious troubles than how to

    split
    > > users.
    > >
    > > If you have high bandwidth apps, then split the users into subnets, and
    > > build a network that can selectively deliver multicast - in IP that

    means
    > > using PIM and IGRP, or lots of other combinations.
    > >
    > > 300 users should sit comfortably in a single subnet unless you need to

    split
    > > them up for other reasons than just traffic and broadcast background.
    > > >
    > > > Thanks for taking your time.
    > > >
    > > > sPiDEr

    > > --

    Regards

    Stephen Hope - remove xx from email to reply
     
    shope, Jul 11, 2003
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. wysiwyg21
    Replies:
    4
    Views:
    4,537
    brian mack
    Jun 28, 2005
  2. Yaron
    Replies:
    5
    Views:
    7,730
    suny79
    Nov 21, 2005
  3. Rahan
    Replies:
    0
    Views:
    811
    Rahan
    Aug 7, 2006
  4. Replies:
    4
    Views:
    928
    Thrill5
    Aug 29, 2006
  5. Replies:
    0
    Views:
    851
Loading...

Share This Page