I had to reply twice sice only 3 files can be attached with each repley.

I have also attached a Viso diagram, it may help.

I beleive the Gw-Nettelco router is the one for routing between VLANS, your thoughts??????

Thx,

Masood

Thx,

Masood

Hello Masood,

could you please repost the topology diagram as a JPG.

My visio is quite old.

Vlad

here it is in a JPEG format. sorry man.

pls let me know if you have any questions.

Thx,

Masood

HI,

one more file for my second core switch supporting servers and users on a separate floor. this is a CAT 4006, 5 blades on VLAN 2. this swicth is connected via GBIC - fiber to the one in teh floor above it i.e. to CAT 4510R Cisco IOS core swicth. the second CAT 4006, 3 blades is also connected via GBIC interface and fiber to the CAT 4510R Cisco IOS on the VLAN 2.

the only switches on VLAN 3 for DEV environment are:

a CAT 3512 and a CAT 2948 fixed CATOS connected via gigi Interfaces using fiber. one at each floor.

the two CAT 4006 are also at two different floors but one with 3 blades is connected to the CAT 4510R using GBIC and fiber at the same floor and rack. all my main servers are on VLAN 2 connected to CAT 4510R plus users between the cat 4006 and the CAt 4510R.

on VLAN 3 are mostly servers connected to those two switches explained above.

Thx,

Masood

Hello Masood,

sorry for the delay I had lots of work in the office this week.

I'll be sending you the response shortly.

Vlad

Hello Massod,

I'm sending you a diagram with some switches and routers, which I think will clarify things for you.

You'll see routers, switches (layer2) and multi-layer switches.

You'll see different vlans distributed on the devices and routing between these vlans (done by both routers and multi-layer switches (mls)).

trunks will be used to carry more than 1 vlan between the switches

and "no switchport" will be used on the multi-layer switches to be used as routers ports.

I hope that with these configs, you'll be able to check different possibilities for the design you need.

Let me know.

Vlad

Hi Vlad,

Thanks for the files and I am sorry for not being able to check. I didn't get an email notification when you posted the stuff.

I will look at them and will let you know what I think.

Thanks man.

Masood

Hi Vlad,

I am looking at your diagram and see no connections between the CAT 3550s you have listed in the center of the dig connected to other, i beleive CAT 3550s or 3560s and the connection is shown in Green.

no connection between these switches and the rst of the network. Also, how VLAN 4 is connected to VLAN 2 and I don't see where VLAN 3 fits?

Also, I don't see any routers? are U using the L3 capabiities of the switches for routing between VLANs?

where is the edge of the network comparing your diag with that of mine?

Thanks,

Masood

Hello Masood,

I didnt check the jpg file create by visio, its really ugly , I'll send you a visio diag as soon as I get my machine back.

Let me try to respond your questions:

connection between the 2 catalyst is a trunk (in this case I used 2 links- etherchannel), this link will carry all vlans , 2,3,4,5.

the connection to the rest of the network from the cat3550 is done either by trunk (carrying more than 1 vlan), switchport (single vlan), or a router port( no switchport - configured with an IP)

vlan 2, 3, 4, 5 are "connected" through routing, the 3550 is doing the routing fuctions (commands: no ip routing , router eigrp,etc).

you can spread the vlans all around, 1 or more vlans going down any link, also you can connect routers directly to the 3550 as if it was another router.

I gave you a crazy sample of different possibilities to show you the use of the MLS 3550, so there's no hierarchy.

You can connect your edge router in any place in any vlan and still route using the 3550 or other router that connects to the 3550.

check the configurations I've sent, you'll see that the l3 switches will do the routing you need.

if you still need help, please send me a note directly. vladrac@mail2007.com

Vlad

Hi, This is Masood, did you get the Viso Diag completed?

Please send me that diag if you have it as I am sure it will help me understand what is going on so that I can make a test model before immplemeting on my network.

Thx,

Nasood

I think the solution for your problems will be better understood with the following link.

the best resource is always www.cisco.com

Configuring Layer 3 Interfaces:

http://www.cisco.com/en/US/products/hw/switches/ps663/products_configuration_guide_chapter09186a00800ddb2a.html#1029667

Let me know,

btw, if these post were in any help, I'd appreciate if you rated it.

Vlad

Hi and thanks for responding. Almost all my switches are L2/L3 Cisco CAT switches with two 3560 at the edge with knowledge of public network located between my two border routers and my Firewalls. My main switch is a Cisco CAT 4510 R with is a layer 2 and 3 switch with Cisco IOS and a few 3550s and 3512s around. I also have two CAT 4006s with CAT OS but these aren't my current concern as I know that I need to either use one of these swithes or a router to route between my VLANs. I do have a Cisco Router, a 2621 as my main router with its fa 0/1 is used for my two mian subnets (servers, devices, and users are on these two subnets 10.1.1.0 and 10.1.4.0) and the DHCP server is givng out IPs out of these two private subnets. the other interface on this router fa0/0 is used for 10.1.2.0 which is totally isolated subnets with a bounch of servers on it called Dev Environment. The AD guys want it this way.

Ok, now, when I take over this network I realized that those people who were looking after this network had created two VLANs, VLAN 2 (acting as the default VLAN 1 actually and used for managemnt of devices too) and VLAN 3 (VLAN 3 is for 10.1.2.0, i.e. the DEv Evironment, so bacically all of my devices, servers and users are on VLAN 2!!! and no trunking.....

I have provided a Diag of my network topology.

what I need to do is to find the best way to create a few more VLANs on my main network (10.1.1.0 and 10.1.4.0) and put all the servers on one VLAN; say VLAN 2 and few other segments and ten start to route between them by trunking. My problem is that the AD guys do not want to get involve and do not want (one of them my boss) to do IP renumbering so i need to do this at the L2 (by MAC addrss may be) and then use the router or (I can upgrade my main router to provide more interfaces with more mem and processing power) and use t to route between VLANs. this router is also used to connect us to a remote office where we have our Web Servers hosted via a T1 point-to-point as we are an online business so I need to be very carefull with this mission and have all the server and web Servers at this locations and my remote locations (10.5.1.0) on a same VLAN and then user on different VLANs by segmenting departments.

Now, you see my delema and the challange that I am facing. how this can be done slowly and gradually. first adding one more VLAN put all the servers on it (also, back interfaces and clustering of servers in mind) and users on another, then, start trunking and see how it works. if all goes well then I can start creating more VLANs and that would be the easy part and point them to the trunk Interface / Link.

Your thoughts will be greataly apreciated.

Thx,

Masood