I have a 2821 with two fixed gig ports plus a 16port switch module (16 10/100 plus a gig interface) I want to configure a vlan trunk to a downstream layer 2 switch and have the 2821 perform the intervlan routing. I need to understand the performance pros/cons of using an onboard interface with subinterfaces versus using the switch module. thoughts?
I would say they are the same. I think your switch module is only a 2nd layer switch. Then the inter-vlan routing is done through the CPU, the same as if you do it on a router port.
However if you put it on a router port then because the router port doesn't run or process spanning-tree with the switch, it will save some resource of the router and has better performance (of course you can also disable spanning tree on the switch module and on the switch).
However your switch module should support ether-channel. In this case if you have a lot inter-vlan traffic then you can increase bandwidth by bundling >1 ports together.
Anytime you trunk an interface, you're going to share the interface's bandwidth across multiple VLANs rather than having full interface bandwidth of a dedicated port. However, on the 2821, although the Ethernet ports are gig, the router's performance doesn't fully support sustained gig througput. So that shouldn't be an issue.
Q. What is the bandwidth for the backplane connection between the EtherSwitch service module and the hosting router?
A. Because the module is an NME, the backplane connection speed is 1 Gbps. This is seen and configured on both the module and the router as a Gigabit Ethernet interface. The actual performance depends on the specific configuration and the performance of the hosting router.
So, if the above is true 16 x 100 Mbps plus 1 gig would oversubscribe the module interface bandwidth, but again, its more likely the router couldn't fully support gig. For instance, very next question and answer:
Q. What kind of performance can I expect from the EtherSwitch service module to the hosting router?
A. Performance going to the router varies depending on the raw performance capabilities of the platform and the specific configuration.
This document gives several answers on frequently asked questions for PFRv3 channel state behavior.
Q1: What are all the channel operational states from a BR (border role) perspective and what are the rules/conditions to be in each st...
The need was to reach an host inside a LAN through a VPN connection managed by the LAN gateway (Cisco 1921).
The LAN gateway performs NAT and there was a dedicate nat rule for the host i wanted to reach through VPN.
I couldn't connect to the hos...