The idea of creating a VLAN is to segment a larger network into smaller chunks, or to break it into smaller broadcast domains. What type of VLAN (L2 or L3) you want to create is based on what you want to achieve.
Sometimes you may have a single subnet available for the VLAN but want to segregate domains based on floors or departments. In such a case, L2 VLANs are appropriate.
In other cases, you may have multiple subnets available for multiple environments (production, test, development etc). Such cases are good for L3 types.
When you create an L2 VLAN, you are good to go by just assigning ports to VLANs. When you create an L3 VLAN, you first need to assign an IP address to the SVI, and if there are multiple L3 VLANs spanned across multiple switches then it's advisable to run a routing protocol and advertise the subnets for communication. Also take care of the STP configuration while you add switches to the topology. For easier management of VLANs it's good to have VTP running, as in your case.
As I mentioned, in my network I have a few 3750s as the Edge switches, which connect to the core 6509E Switch. For security purposes I have divided the network into three different Layer-
I have an Internet connecting router, outside directly connected to the ISP - Inside of the router directly connected to the NetScreen FW.
Cisco ASA box which has 3 DMZ interfaces + one Inside, Outside. Outside connects to the L1 NetScreen Firewall and Inside connects to the 6509E Switch with FWSM Module.
FWSM Module connects to the secure inside area of my Server Farm, Application/Database
What I am doing is I have created different VLANs for the different DMZ zones and a small routing VLAN that will do the routing between these zones. Also, I would like to access all the devices through one management VLAN. I will not be adding any port as a member of my management VLAN; I just need an IP to access the device only. In this case, will it work if I create only L3 VLANs at each zone and enable static / default IP routing on all zones?
Kindly let me know if any part of the query seems confusing for you...
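The L2 and L3 cases from the first reply, plus the port-less management VLAN from the question, as an added Cisco IOS configuration example (not from either poster). The VLAN IDs, names, interface numbers, addresses and the choice of OSPF as the routing protocol are all assumptions made for illustration.

```cisco
! Constructed example values throughout.
!
! --- L2 VLAN: one subnet, segregated by department; port membership only ---
vlan 10
 name DEPT-A
!
interface GigabitEthernet1/0/1
 switchport mode access
 switchport access vlan 10
!
! --- L3 VLANs: one subnet per environment; the SVI is the gateway ---
ip routing
!
vlan 20
 name PRODUCTION
vlan 30
 name TEST
!
interface Vlan20
 ip address 10.0.20.1 255.255.255.0
 no shutdown
!
interface Vlan30
 ip address 10.0.30.1 255.255.255.0
 no shutdown
!
! L3 VLANs spanning several switches: advertise the SVI subnets
! (OSPF chosen here as an assumption; any routing protocol fits the reply)
router ospf 1
 network 10.0.20.0 0.0.0.255 area 0
 network 10.0.30.0 0.0.0.255 area 0
!
! --- Management VLAN with no access ports: SVI only ---
vlan 99
 name MGMT
!
interface Vlan99
 ip address 10.0.99.2 255.255.255.0
 no shutdown
!
! Uplink trunk carrying VLAN 99 so the management SVI has an active port
interface GigabitEthernet1/0/24
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport trunk allowed vlan 10,20,30,99
```

An SVI stays down until its VLAN exists and at least one port carrying that VLAN is up and forwarding, so a management VLAN without access ports still has to be allowed on a trunk.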