VLAN or Not to VLAN

Discussion in 'Cisco' started by Paul, Oct 27, 2003.

  1. Paul

    Paul Guest

    Can anyone give me some advice on the following config and which is
    the preferred way.

    Please note the 48-port module discussed below is installed into an
    existing 6509 and for security reasons no routing can take place at
    the 6509. It all would be done at the local site or via the Firewall.

    Option 1
    Each port on the 48-port module in the Cat 6509 (central site) would
    be assigned to a VLAN, with 1 port configured as a trunk to the
    Firewall to carry all VLANs. At the remote site port 1 of the Cat 3550
    would connect into the LES circuit (link to the central site), this
    would be in the same VLAN as the core. Therefore the IP addressing
    would be as follows:-

    IP Address of Firewall - 172.25.100.10 mask 255.255.255.252
    IP Address of 3550 VLAN - 172.25.100.11 mask 255.255.255.252

    This would be replicated for every site, which would create 41 point
    to point links.
    The concern seems to be the Management of the switches. Should I
    create a management subnet on top of the network addressing (as
    detailed above) e.g. The firewall would have an IP address in the
    management network and each switch would have a VLAN that was in the
    management network. IP addressing as follows: -

    IP Address of Firewall - 192.168.100.1 mask 255.255.255.0
    IP Address of 3550 VLAN - 192.168.100.2 mask 255.255.255.0

    The Other Option
    Use the network addressing i.e. the 172.25.100.11 address for
    management as well as the network, in my option that it is perceived
    to be a bad practise. Assign an IP address to the physical interface
    of the 3550, instead of a VLAN. The management netowrk would be set up
    as a sub-interface on the 3550 (with a 192.168.100.2 address and
    probably a full /32 mask) and route the management traffic back to
    Firewall via the 172.25.100.10 network.

    Any comments.

    cheers

    Paul.
     
    Paul, Oct 27, 2003
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Neil Rowland

    Auxiliary VLAN V VLan

    Neil Rowland, Apr 13, 2004, in forum: Cisco
    Replies:
    1
    Views:
    605
    Phil Dotchon
    Apr 14, 2004
  2. PS2 gamer
    Replies:
    1
    Views:
    1,126
    Ivan Ostres
    May 28, 2004
  3. avraham shir-el
    Replies:
    4
    Views:
    8,689
    avraham shir-el
    Jul 20, 2004
  4. rahul_hotin

    VLan OR NO VLan

    rahul_hotin, Apr 26, 2005, in forum: Cisco
    Replies:
    1
    Views:
    616
    Ronnie.wonderboy
    Apr 27, 2005
  5. thegmanagain

    To vlan or to not vlan

    thegmanagain, May 8, 2008, in forum: Cisco
    Replies:
    2
    Views:
    666
    thegmanagain
    May 13, 2008
Loading...

Share This Page