We are in the process of moving to a Cisco 4006 SupIII from several smaller switches. We currnently have only 1 VLAN and need to setup additional VLANs (we have 5 remote closets with about 300 total nodes in this office). I am unfamiliar with VLANs and have been reading up on configuring them but am still somewhat confused on how to properly setup and route between VLANs. I was looking to treat each remote closet (switch) as a seperate VLAN and have 1 VLAN for just servers that all VLANs could access. All closets are connected via 1000Base fiber. Any information would be greatly appreciated.
A VLAN is basically used to contain broadcasts ie it represents one broadcast domain. To pass traffic between VLANs requires an external router configured to route the traffic between the different VLANs. This makes the whole network scalable.
While it is possible to configure this router to bridge traffic between VLANs, this would completely defeat the point of segmenting the network into VLANs in the first place.
Ok, so if I created VLAN1 (for servers) and VLAN2-4 (for users),how do the users in VLAN2-4 access servers in VLAN1? Is that accomplished through port trunking on the links or server ports? I apologize for the rudimentary questions, I guess I am trying to think of this in terms of routing seperate branches (subnets).
You will need to create Virtual Interfaces for the router functions. I dont have any 4006 with SupIII, just II's, but on 6500 with MSFC it is pretty simple. You just need to create each VLAN interface.
First get in config mode, then enter the commands:
Interface VLAN 10
Ip address 10.x.x.x 255.x.x.x
Interface VLAN 20
Ip address 10.x.x.x 255.x.x.x
This will create the virtual router interfaces. You will then need to assign the ports in the switch to the proper VLAN number
I strongly suggest not naming VLANs in order starting with 1 then 2 then 3 etc. Give yourself some room for growth in case you change your mind later. Start with creating VLAN10 for users (or some other number that makes sense) then create a VLAN 100 or something for servers. Since you have 1024 IP VLANs that you can use, it will be hard to run out on a single 4006.
To put a port on the 4006 into a specific VLAN, use the command:
set VLAN 10 3/1 (the 3/1 refers to the module/port number)
set VLAN 100 4/1
Set VLAN 100 4/2
To set multiple ports to the same VLAN use the command:
Set VLAN 10 3/1-48 (this will set ports 1-48 on module 3 to VLAN 10
Your switches downstream simply need to be put into ports that correspond to their VLAN. In this configuration you would not have to do any ISL or 802.1q encapsulations. This would be a very straightforward configuration. The Virtual Interface commands will take care of all routing functions as long as you are running a routing protocol or are using static routes.
Our 6500 is set up this way, with ports on the Gigabit Module all in different VLANs and on different networks. We also have other configs where we are doing 802.1q encapsulations that are a bit more messy but necessary in certain circumstances.
I know this is not a perfect response but please email me at firstname.lastname@example.org if you want to go over the options. I'd be happy to help.
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...