Need to get some understanding

Unanswered Question
May 11th, 2008
User Badges:

Hi Friends,


I have a doubt, if it seems very simple question plz forgive: )


I have a LAN setup with few cisco 3750 switches, where i am using VTP mode as Transparent.


What will happend If i create a L3 Vlan SVI interface with out creating L2 on the switch.


What is the difference in creating L3 Vlan with L2 and with out L2 ?


Please can any one take some effort to brief me about this..


Thanks a lot


Regards


Jacob

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
bvsnarayana03 Sun, 05/11/2008 - 12:52
User Badges:
  • Silver, 250 points or more

The idea of creating a VLAN is to segment a larger network to smaller chunks or breaking it to smaller broadcast domains. What type of VLAn (L2 or L3) you want to create is based on what you want to achieve.


Sometimes you may have single subnet available for the VLAN but want to segregate domains based on floors or departments. In such case, L2 vlans are appropriate.


in other cases, you may have multiple subnets available for multiple environmnts (production, test, development etc). Such cases are good for L3 types.


when you cretae L2 vlan, you are good to go by just assigning ports to vlans.whn you cretae L3 vlan, you first need to assign IP add to SVI & if there are multiple L3 vlans spanned across multiple switches then its advisable to run routing protocol & advertise teh subnets for communication. Also take care of STP configuration while you add switches to topology. For easier management of VLANs its good to have a vtp running as in your case.

Jacob Samuel Sun, 05/11/2008 - 13:38
User Badges:

Thanks for the reply.


As I mentioned, in my network I have few 3750 as the Edge switches which is connecting to the core 6509E Switch. For Security purpose i have divided the network in to three different Layer-


Layer 1

I have a Internet connectinng router, outisde directly connect to ISP - Inside of the router directly connect to NetScree FW.


Layer 2

Cisco ASA Box which has 3 dmz interface + one Inside, Outiside.Outside connects to L1 Netwscreen Firesall and Inside connects to 6509E Switch with FWSM Module.


Layer3

FWSM Module connects to the secure inside area of my Server Farm, Application/Database

servers.


What I am doing is I have created different Vlans for different DMZ Zone and small routing Vlan that will do the routing between these Zones. Also I would like to access all the devices through one management Vlan. I will not be adding any port as the memebr of my Mangement Vlan, i just need an IP to access the device only. In this case will it work if i create only L3 Vlans at each Zones and enable static / default ip routing on all zones.


Kindly let me know if any part of the query seems confusing for you...


Thanks in advance

Regards


Jacob

lamav Sun, 05/11/2008 - 14:49
User Badges:
  • Blue, 1500 points or more

HOW MANY TIMES ARE YOU GOING TO POST THE SAME QUESTION? Please use ONE thread.


Thanks


Victor

Jacob Samuel Mon, 05/12/2008 - 03:47
User Badges:

Sorry Victor, there was some problem happend in my Browser, i think i have clicked multiple time, thats why it came 3 time. I have tried to unsubscribe but dont know why its not reflected.


Sorry for the inconvenience.


regards


Jacob

Actions

This Discussion