We have a 3 site environment with several T1s between sites. We are replacing those T1s with a metro ethernet type switched WAN link. Our routers will be replaced with Layer 3 switches at each remote site.
My question is if it makes sense to create a VLAN on our core central switch for each site and create VTP trunks from the core switch to the remote switches? Does this make the most sense? We also have VOIP traffic as a consideration so will need to segment that traffic as well.
No requirements, I was just thinking of this as a switched extension of our campus network. I was going to use inter-vlan routing and create segmented networks for each location, so that I could still house the DHCP server from our datacenter for the remote sites.
We will have a 20MB link and can afford to have a fairly long lease time to minimize DHCP traffic across the link.
So is that the primary use of IP helper addresses? I'm new to using EIGRP in my new organization and I see them used all over. The only addresses I see there however are our DNS server? Can you give a little more detail as to how the routing protocol uses these addresses?
The addresses you are seeing should be your DHCP server addresses. These servers may well be your DNS servers as well, especially if you have an AD environment.
The routing protocol doesn't use these addresses. These addresses are used purely for DHCP clients to get an address.
What happens when a client set for DHCP boots up is it broadcasts out for an IP address. Routers do not normally forward broadcasts onto different networks and you usually don't want them to. So
vlan 10 = client vlan
vlan 20 = server vlan.
DHCP server on vlan 20 is 192.168.5.10
So on the switch:
int vlan 10
 ip address 192.168.6.1 255.255.255.0
 ip helper-address 192.168.5.10
int vlan 20
 ip address 192.168.5.1 255.255.255.0
The client on vlan 10 boots up and broadcasts out for an IP address. The packet arrives at the vlan 10 interface on the L3 switch. The L3 switch then creates a unicast packet with the destination ip address of the DHCP server 192.168.5.10 and forwards the request on. The DHCP server issues an IP address, returns the packet back to the L3 switch and the L3 switch forwards back to the client.
You can have more than one ip helper-address under a vlan interface and the L3 switch will forward a request on to all the addresses.
The only interaction with the routing protocol is obviously the L3 switch needs to know how to get to the DHCP server subnet. Note that in this example the DHCP server subnet is on the same switch, but it doesn't have to be, it can be routed across many subnets if that is what you want.
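The relay step described in the answer above, as an added example that is not part of the original post and is not Cisco's implementation: it models what the vlan 10 interface does to a client broadcast, including the giaddr field the DHCP server uses to pick the 192.168.6.0/24 scope. The function names, the sample MAC and the MAX_HOPS value are assumptions made for this illustration.

```python
import ipaddress
import struct

# BOOTP fixed header (RFC 951/2131): op, htype, hlen, hops, xid, secs, flags,
# ciaddr, yiaddr, siaddr, giaddr, chaddr(16), sname(64), file(128) = 236 bytes
BOOTP = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")
MAGIC = b"\x63\x82\x53\x63"  # DHCP magic cookie that precedes the options
MAX_HOPS = 16                # assumed relay hop limit for this example
ZERO = b"\x00" * 4

def build_discover(xid, mac):
    """Constructed sample: the payload of a client's broadcast DHCPDISCOVER."""
    hdr = BOOTP.pack(1, 1, 6, 0, xid, 0, 0x8000, ZERO, ZERO, ZERO, ZERO,
                     mac, b"", b"")  # struct pads chaddr/sname/file with NULs
    return hdr + MAGIC + b"\x35\x01\x01\xff"  # option 53 = DISCOVER, then end

def relay(payload, svi_ip, helpers):
    """Return [(helper_ip, payload)] unicasts for a broadcast seen on the SVI."""
    cookie = payload[BOOTP.size:BOOTP.size + 4]
    if len(payload) < BOOTP.size + 4 or cookie != MAGIC:
        return []                      # not a DHCP message
    f = list(BOOTP.unpack_from(payload))
    if f[0] != 1 or f[3] >= MAX_HOPS:  # relay only BOOTREQUEST, cap relay loops
        return []
    f[3] += 1                          # hops: one more relay has handled it
    if f[10] == ZERO:                  # giaddr is written by the first relay only
        f[10] = ipaddress.IPv4Address(svi_ip).packed
    out = BOOTP.pack(*f) + payload[BOOTP.size:]
    return [(h, out) for h in helpers]  # one copy per ip helper-address

def giaddr(payload):
    """Relay address the server matches against its scopes."""
    return str(ipaddress.IPv4Address(BOOTP.unpack_from(payload)[10]))

if __name__ == "__main__":
    pkt = build_discover(0x1234, bytes.fromhex("001122334455"))
    for dst, fwd in relay(pkt, "192.168.6.1", ["192.168.5.10"]):
        print(f"unicast to {dst}, giaddr={giaddr(fwd)}, hops={fwd[3]}")
```

The server sends its reply to the giaddr, so the reply arrives back at the vlan 10 interface, which is how the L3 switch knows which segment the client is on.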
For what it is worth we have a similar topology. What we do is have an Inter-site VLAN connecting all the sites with Layer 2 connectivity while running OSPF on each MLS. Then we just create VLANs per site so traffic from site to site is routed.
Do you use VTP? I had planned on using per site routed VLANs, I just wasn't sure if I could use a VTP trunk in this scenario since I have multiple networks I need to bring over to the remote sites across MPLS links. (voice/data)
It's more of a design question with a few different ways of doing it.
The safest approach is using routed (or L-3) links to better segment networks.
This not only gives good protection against broadcast storms/floods and many other unwanted Level-2 communications, but also makes communications more future proof. With "routed" WAN links where you assign IP addresses directly on physical interfaces you get better transparency and convenience, i.e. NetFlow export; some accounting; access-lists; Level-3 QoS feature-set etc.
Just bear in mind that at some point these new WAN links become congested and you will need some QoS enforcement. This is where the tricks come. Switch is near close to a router when it comes to QoS implementation. Fractional speeds like 20Mbps on Full/Duplex FastE interfaces create certain difficulties for switches where you end up with almost no QoS tools available. Routers always give you full-blown QoS support including policing, TrafficShaping, LLQ and all that jazz ... But switches obviously have higher, wire-speed throughput performance ...