Layer3/2 Switching

Answered Question
Nov 24th, 2008

Network topology consists of 3 buildings (two 6509 & 4500).


HSRP is running between the Core 6500 switches.

Existing topology is using native VLAN 1(10.1.1.0/24) for all dot1q trunks.


Plan is to introduce Layer 3 switching for the DATA and Voice VLAN with the 3 core switches configured as the default gateway.


Each core switch will have a unique DATA and VOICE VLAN for layer3 switching.


At the same time I can still use the Layer 2 VLANs (VLAN 1 & 100) on all switches in the campus


EIGRP protocol will run between all core switches.


A layer 2 and layer 3 link will be connected between all 3 Core switches (Diagram)


Please comment/advise on network. Will this solution be possible?




Giuseppe Larosa Tue, 11/25/2008 - 13:43

Hello Colm,

I think you can do it.


However, usage of Vlan1 is not recommended for security reasons.

It could be a good idea to use a different Vlan for management purposes and leave vlan1 just for VTP or other L2 protocols.

That vlan can be campus wide as Vlan1.

For example in our campuses we usually use vlan100 for management.


Hope to help

Giuseppe



colmgrier Tue, 11/25/2008 - 16:20

Hi Giuseppe,


Thanks for the feedback. The customer's existing network is using native VLAN 1. This will need to be changed.


Regarding L2/L3 switching, will I need to apply vlan pruning on the dot1q trunks allowing VLAN 1 & 100 only over the l2 trunk links?


For the L3 switching, I have decided to use the EIGRP protocol as all devices are Cisco. Do I need to add the L2 subnets under EIGRP on all core switches (example below)?


6509-A

router eigrp 250
 ! L2 subnets
 network 10.0.0.0
 network 172.16.10.0 0.0.0.255
 network 172.16.100.0 0.0.0.255


Regards,

Colm







Correct Answer
Giuseppe Larosa Wed, 11/26/2008 - 00:04

Hello Colm,

I suggest manually configuring the set of allowed VLANs on each trunk on a per-link basis. In the long term this is better because VTP pruning doesn't stop STP frames, so if you allow all VLANs on all trunks, the topology for each VLAN can include links that can be excluded once and for all by using the trunk allowed command.


You also need the network command for the "L2" subnets, so that in case the local L3 switch loses its link to them it can reach them via the other devices.


Hope to help

Giuseppe
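
A check for the two trunk recommendations made in this thread (an explicit allowed-VLAN list on every trunk, and not leaving VLAN 1 as the native VLAN), as an added example that is not part of the original posts: a Python audit of IOS-style interface stanzas. The sample config, interface names, VLAN 999, the /30 address and the function names are constructed for illustration.

```python
# Constructed sample config: interface names, VLAN 999 and the /30 are assumptions.
SAMPLE_CONFIG = """\
interface GigabitEthernet1/1
 switchport mode trunk
!
interface GigabitEthernet1/2
 switchport trunk native vlan 999
 switchport trunk allowed vlan 1,100
 switchport mode trunk
!
interface GigabitEthernet1/3
 no switchport
 ip address 172.16.250.1 255.255.255.252
!
"""

def parse_interfaces(config):
    """Split IOS-style config text into {interface name: [sub-commands]}."""
    interfaces, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = line.split(None, 1)[1].strip()
            interfaces[current] = []
        elif current and line.startswith(" "):
            interfaces[current].append(line.strip())
        else:
            current = None  # "!" or any global command ends the stanza
    return interfaces

def audit_trunks(config):
    """Return {interface: [findings]} for every interface set to trunk mode."""
    report = {}
    for name, cmds in parse_interfaces(config).items():
        if "switchport mode trunk" not in cmds:
            continue  # access ports and routed (L3) links are out of scope
        findings = []
        if not any(c.startswith("switchport trunk allowed vlan ") for c in cmds):
            findings.append("no explicit allowed VLAN list")
        native = [c.split()[-1] for c in cmds
                  if c.startswith("switchport trunk native vlan ")]
        if not native or native[-1] == "1":
            findings.append("native VLAN is 1")
        report[name] = findings
    return report

if __name__ == "__main__":
    for intf, findings in audit_trunks(SAMPLE_CONFIG).items():
        print(intf, "->", findings or "OK")
```

Only interfaces explicitly configured with `switchport mode trunk` are examined; ports that negotiate trunking dynamically would need a separate check.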


