Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Cisco 2960 share internet connectivity

Hello all,

I would like to ask for help with following setup.

Internet --> Cisco ASA 5515X --> 2 Gbits etherchannel --> Cisco 2960T-48 --> 40 customers, each has own VLAN

Cust 1 -- VLAN 10 --port Fa0/1

Cust 2 -- VLAN 20 --port Fa0/2

Cust 3 -- VLAN 30 --port Fa0/3

Cust 4 -- VLAN 40 --port Fa0/4

Cust 5 -- VLAN 50 --port Fa0/5

etc

I have to provide sharing internet connectivity for all customers.

Speed is 100 Mbits, I have to garantee 3 Mbit to every customer and max speed will be not limited.

ASA do routing, firewalling, nat etc. In my opinion router would be better device than ASA in this case.

But I have to find solution.

Any idea pls?

Any help appreciate.

Best Regards.

Ondrej

  • LAN Switching and Routing
Everyone's tags (3)
7 REPLIES
VIP Super Bronze

Cisco 2960 share internet connectivity

Hi,

Have a look at this discussion for examples and links:

https://supportforums.cisco.com/thread/2040620

HTH

New Member

Re: Cisco 2960 share internet connectivity

Hi Reza,

thank you for your hint. I still hope, that policing is not only one solution.

I can police every customer to 3 Mbits, but when line is not bussy, he will he still only 3 Mbits.

I would like to allow him use more bandwitdh..

Ondrej

Gold

Cisco 2960 share internet connectivity

Hi,

a Layer 3 switch or a router would do just fine   but i would prefer a layer 3 switch, limitting extra hardware and configurations!

plz Rate if it helped.

Soroush.

Hope it Helps, Soroush.
New Member

Cisco 2960 share internet connectivity

At my knowledge you will not be able to guarantee traffic with an ASA device (you can only police traffic).

You will need a router facing the internet connection.

Also you will need to be able to route between VLANs, so you will need a layer 3 switch, Cisco 3750 for example, or configure inside interface on routes as trunk.

Also is a good idea to use private VLANs, if customers don’t need to see each other, and to spare public IPs (if customers will have public IPs).

Samuel Petrescu

New Member

Re: Cisco 2960 share internet connectivity

Hi Samuel,

thanks a lot.  Routing between VLANs provide ASA, but in this case is not desirable.

Customers should not see each other in their networks.

I'm going to find out the best solution with the hardware I allready have.

Ondrej

New Member

Re: Cisco 2960 share internet connectivity

Hi Soroushm,

thank you for your idea, I agree with you. L3 switch is able to do per VLAN qos, router is, imho, the best choice for QoS.

But I have ASA and L2 switch and I have to somehow deal with it :-|

Ondrej

Gold

Re: Cisco 2960 share internet connectivity

hey brabec,

for your idea to work, u need to do traffic shaping on the egress (internet) port on a per vlan (IP RANGE) basis. what you need to do is to use MQC to define your traffic class (each vlan) and put a bandwidth value of 3000 [kbps] remainig keyword> but for this to work. u cant use neither 2960 nor the ASA. so... i dunno how u wanna deal with this limitations, as I've read abt ASA: (the only traffic class supported for traffic shaping is class-default, which matches all traffic.)

so let me know what u figured out later.

thx.

plz Rate if it helped.

Soroush.

Hope it Helps, Soroush.
1216
Views
0
Helpful
7
Replies