Designing a VLAN e QOS infrastructure

scolombo · ‎04-10-2002

I've been asked to design a solution for an ISP to implement a Hosting house for their customers

the design includes a cat 6513 as DataCenter switch a Cat3550 as Departimental switch. The schema is as follow.

-------- --------- 1000Fx---------

|PIX535 |--|CAT 6513|------|CAT 3550|-------------

|-------| |--------| |--------| | | |

V V V

L L L

A A A

N N N

1 2 3

As I'm not an expert of QOS the questions are:

- QOS .The internet connections come from the PIX535 side which is connected to the BACKBONE through the same 6513 . Where and how should QOS been implemented ?

- VLAN . The ISP's customers will have their traffic separate in different VLANs on the 3550. How should I configure the 6513 and 3550 to correctly forward traffic coming from internet to the different VLAN ? Should the VLAN been created at Layer 2 or Layer 3 ?

TIA

zoop · ‎04-12-2002

Not sure what you are implementing QOS for if you are just doing IP traffic and you have suffcient bandwidth there shouldn't be a need but you can set it up for whatevery you wany you just have to tell it to mark the traffic that you want to have a high preference. As far as Vlans There has been a lot of discussion if vlan's are really a Secure speration or not, I do know a lot of people who use them this way. If you would like there is something with the Cisco CatOS code call Private and community Vlans what you can do is have your firewall in what is called a promiscuous port and then every indevidual customer will have it's Community vlan where it could not talk to any other community vlan but they all could talk to the Promiscuous port. I think you can find information about this on Cisco's website. Not sure where though. Try looking for pvlan or pvlan mapping.