Please take a look at the attached image, or see here: http://imgur.com/oSE9v.png
Basically, I want the DMZ network to be available on a VLAN in every rack (with 4948 rack switches) in my small datacenter. I also want the DMZ to be easily accessible from the inner networks, but an ACL should control what the DMZ servers can get to on the inside.
Will the attached design work, or is this foolish?
Who advertises the DMZ network, the PIX or the 6500?
How do I keep the 6500 from routing packets between the inner networks and the DMZ? The PIX should be the only thing that routes packets between those networks, right?