12-06-2007 05:23 AM - edited 03-11-2019 04:39 AM
Hi,
Where is the best place to position a 6500 switch with FWSM module in Routed Access LAN (Layer 3 to the Access Layer).
We have a layered network with Core/Distribution/Access Layers. The core consists on 2 x 6500 with FWSM+IDSM, dist consists of 2 x 3750-12, access consists of 20 x 3750-48 switches.
We are migrating to a routed (layer3)access design and would like to reposition the 6500s so that the Security modules can be utilized.
What are the implications of placing the 6500 in the Distribution and the 3750s in the Core?
Thanks!
12-13-2007 03:09 PM
If you are running EMI code on the 3750's I do not think it would be an issue. Keep in mind that you will only have a total of 4 fiber connections from the core. The distribution layer is exactly where you want to place your 6500's with the FWSM and IDSM.
BTW. Good job migrating to the layer three design. I would be careful about going L3 to access though. It really limits your options.
12-13-2007 09:45 PM
Hi Rich,
What are the limitations?
Thanks,
Ed.
12-13-2007 10:38 PM
SMI code only allows for static routes and RIP. EMI allows BGP, OSPF, and EIGRP. It is also a lot more for the code but well worth it when looking at a L3 network.
12-13-2007 10:50 PM
Sorry, I thought you were talking about EMI vs. SMI.
L3 to the access is something that we thought about but decided against. It gets a little deep and there were a number of arguments for and against but it really came down to management. For User Access if you want to get to a model where you create ACL's for role based access (HR vs. IT vs. AP etc.) and you are going to a NAC option that can VLAN for roles then maybe you will want to categorize functions to VLANS. Try to do that when you are L3 to the access layer. It will be a bit tougher. Doable but tougher.
E-mail me directly if you would like to talk about it. I would be happy to give you the arguments we had when deciding.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide