I have another tricky thing:
Please see my example network design attached!
I have two VLANs (100 and 200). Normally, I would only have clients of type B and router interfaces in VLAN 200. The client traffic (originating in VLAN 100) has to go across the WAN optimizer to get to their gateway 10.0.0.1, which is in VLAN 200. The purpose of this design is to optimize traffic transparently. The WAN optimizer bridges between the two VLANs (it has an access port in each VLAN).
But there are clients whose traffic must not be optimized (type A). So I decided to give the routers an address in VLAN 100. The traffic doesn't need to cross the WAN optimizer, because their gateway is in the same VLAN.
Now, users complain about speed problems. I think one of the problems is that the router subinterfaces (Fa0/1.100 and Fa0/1.200) share the same MAC address. As the VLANs are bridged, the MAC address will flap between two ports, I guess.
Please don't complain about my design. I won't put the clients of type A into another VLAN, because then the different clients could not use the same switchports (which is required!).
a) What exactly is my problem?
b) How can I solve it?
My first approach to a solution is to deny a certain MAC address on a certain switchport. But which, and where?
Thanks a lot for your help!
Edit: The switch is a Cisco 2960 with one of the latest IOS.