We intend to create a seperate vlan segment specially for use by servers to backup their data, so that these servers say seperate from other vlans & dont interrupt or consume resources due to their high volumes.
Idea is to have extra interface cards on each of these servers which will connect back to this seperate VLAN possibly without any gateway being used.
Is something like this possible, if so kindly suggest.
ok..but would these NIC's function without any gateway address on them among the segments. Also, these servers are currently off fwsm module. Would this impact this , as i want to avoid making changes for access on the firewall for these servers.
Devices only need a gateway when needing to talk to a device outside it's own subnet, I can't help you with the server config bit, but I know it can be done as we have them here (which I think Jon Marshall put in).
Maybe I missed the point somewhat here, I assumed you would get a separate switch for this private vlan, and in which case wouldn't include the FWSM or Jon's worry about still overloading the current switch.
If the backups are going to be moving large amounts of data then it may be worth considering purchasing a separate switch(es) purely for your backup vlan. This will keep all traffic off your main production switch.
Just using a separate vlan on the same switch does not necessarily mean it won't interfere with other vlans traffic.
3560, 3750, 4948 are all good switches for this sort of thing.
Edit - the servers would not need a default-gateway for this vlan whether it is on a separate switch or a vlan with no L3 interface. They just all need to have an address out of the same subnet on the second NIC.
If the servers are behind firewalls then
1) definitely no default-gateway for second NIC
2) Ensure that IP routing has been disabled on servers
3) Ensure that the server(s)/SAN's etc. that the servers back up to are protected as well otherwise you have just bypassed the firewall ie. you could connect to one of the firewalled servers by it's backup NIC and not have to go through the firewall.
You probably don't want to firewall the backup NIC's with the FWSM because that could impact the FWSM performance.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...