11-17-2009 07:21 AM - edited 03-06-2019 08:38 AM
Hello.
I have to connect two sites (I have connected them and everything works OK).
The problem is that I do not want broadcasts to come from one site to another.
So I have created another VLAN on the HQ and Remote SWITCH. I have set the port to which the server is connected to trunk mode, allowing the two VLANs.
So when I connect a computer on the remote site I cannot ping that. Any idea?
11-17-2009 07:24 AM
Hello Enkli,
Only an L3 routed link is a firewall for broadcasts.
An L2 trunk, when working, does not block broadcasts.
If it is an 802.1Q trunk, verify whether there is a native mismatch at the two sides of the link.
This can be a problem.
Verify using:
sh interface type x/y switchport
Check for the native VLAN line.
Hope to help
Giuseppe
11-17-2009 07:46 AM
Further to Giuseppe's answer, you can remove VLANs from trunks by issuing the "switchport trunk allowed vlan remove" command.
HTH
11-17-2009 08:38 AM
If you do not want broadcasts to come from site A to site B then you could do one of two things.
Routing, that would set the systems on the different sites in different broadcast domains.
ACL
Access-control lists on the outside interface of the switch where you block the inbound broadcast address.
I would go with routing.
The ACLs will most likely cause problems for you somewhere down the line.
Why do you not want broadcasts to go from A to B?
Broadcasts are a quite essential part of IP if you are in the same subnet and broadcast zone.