- Purple, 4500 points or more
I've been asked this question, and I'm not sure how to answer it:
If we have the following topology:
workstation --> layer2 sw --> layer 3
The layer2 switch has vlan1 only, and layer 3 has vlan 1 and 125
Layer 3 switch has some ports that are trunked (primarily because we have VMWare on certain subnets). If the workstation sends broadcasts, will that broadcast go to the layer 3 across ALL ports that are members of VLAN one including the trunked ports?
Also, when I make a port an access port other than one, do those packets ever hit vlan 1?
"If a broadcast storm starts on the layer2 switch, will it affect the devices on ports 3 and 5 on the layer 3? "
Yes because ports 3 & 5 are trunked and so will pass the vlan 1 broadcast traffic.
"And also, let's say that port 23 on the layer 3 is on vlan 1, and uplinked to a DIFFERENT layer 1 switch on the other end, will the broadcast storm affect that as well, crossing from the first layer 2 over the layer 3 and into the second layer 2 on the other side?"
Yes again because it is the same vlan ( vlan 1 ) on all 3 switches.
Cisco recommend not using vlan 1 for either management or end user workstations.
There is nothing inherently wrong with having the same vlan on multiple switches, in fact in many cases it would be very limiting if you couldn't. What is worth doing is pruning/clearing vlans off switch interconnects that are not needed.
It also comes down to design issues. With a L3 routed access-layer you generally end up with vlans being confined to a single or a pair of switches per floor at most.
With L2 from the access-layer you can often end up with multiple switches having the same vlans.
Neither design is right or wrong. They both work and are both applicable in different situations.