Layer 3 Access Design

Unanswered Question


We are in the process of implementing a new network at one of our locations. We have purchased 2 6509s w SUP 720 to act as Core/Dist and for access layer, we have purchased 6 6509 w SUP 32. All the uplinks will be 10 Gig from Access.

We are thinking that we should do Layer 3 at Access and the proposed design is attached.

I have some questions/concerns listed below and wanted to get some feedback from this group.

1. Is this a good design and will it work.

2. We have not worked on Layer 3 at access so any best practices documents anyone can recommend. Any gotchas that we should be worried about.

3. What is the best practice for management IPs in the layer 3 design. In layer 2, we used to have all management IPs in one vlan but ofcourse this does not work well in Layer 3.

4. I am thinking that I will reserve 4 class Cs per IDF closet so that we can meet any future requirements. Any recommendations.

5. Any implications of NAC or other technologies that may not work with layer 3 design. I know of Wireless with Autonomous APs and we are implementing Lightweight Architecure. So I don't think we will have issue there.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3.5 (2 ratings)
Joseph W. Doherty Mon, 10/22/2007 - 18:35

Should work.

Why L2 between cores and not L3?

Instead of 4 class Cs per IDF, you might want to reserve a /22 address block.

You can place the management IP into its own routed subnet.

bhedlund Mon, 10/22/2007 - 19:58

Yes, routed access is a good design and it works. However, you need to get familiar with the design caveates and best practices. Before you deploy a routed access design you must read this:

Read this about how to deploy NAC in a routed access design:




This Discussion