Our network admin wants to segment our data center into separate networks and vlans. For example Domain Controllers would be 10.1.1.0 255.255.255.0 and vlan 100, File and print servers would be 10.1.2.0 255.255.255.0 and vlan 110, and Application servers would be 10.1.3.0 255.255.255.0 and Vlan 120. They are all connected into a Layer 3 Catalyst switch.
What I would like to know if why does every group have it's own vlan if it sitting on it's own network segment? Wouldn't the layer3 routing prevent broadcasts and chatty protocols from flooding all the networks.
What are the advantages of using layer 3 switching and vlans at the same time.
He cannot explain why but that it needs to be done.
He probably wants inter-vlan communications. Even though the servers are in separate vlans, there still needs to be a layer 3 device to do the routing between the vlans and that's where the layer 3 switch comes in.
It's kinda weird to separate the servers like that though.
On catalyst switches that are L3 capable - vlans and Layer 3 switching go hand in hand. vlan in switch view is how the network segmented in its own subnet, for example in your case, you need 3 subnet which equates to 3 vlans, so instead of having three separate bridges. The subnets can be segmented using a single switch. Bridge now a days does not exist very much if they exist at all, since switches can do a better job. Some switches can have multiple vlans but cannot do L3 funtions they are strictly L2 switches, then some switches are L3 capable which is probably what you have. L3 is need for any communication on IP that requires to be routed either locally (within the same router) or beyond your network like the Internet. If you did not have a L3 switch, and you have a strictly L2 switch, you will still need a router for vlan 100, 110, 120 to talked to each other or to other vlans/network. I hope this give you better understanding.
I do understand the difference between layer 2 and layer 3 switching.
I just wanted to know why use a separate vlan for every separate network segment, what are the advantages. Could you not just segement these into separate vlans but use the same network segment or vice a versa?
Would he not now have to create a inter-VLAN routing table so that each of these vlan can see each others since for example all servers need to talk to the domain controllers.
Perhaps it is just neater to have a separate VLAN for each separate network segment.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...