Cisco Support Community
Community Member

Network Segregation.


I have L2 switches Cat 2950, Cisco Fast Switch 400, 3com3C 16476, 3com 4250T with 3 subnets,, having default gateway as router) in all the client PCs.

Now I would like to separate these segments with 3 VLANs into: with DG, with DG, with DG, by setting up a Cisco L3 switch, with less downtime.

I know that the changing of DG and mask in clients will take time.

I have created secondary network for 9 and 10 with its DG as 9.1 and 10.1.

All the clients in 9 and 10 DG have been changed to 9.1 and 10.1 with mask /16.

On one weekend I’ll set up the L3 switch with 3 VLANs and allow the routing between the segments.

L3 switch DG will be router). Next working day the clients will change the mask to /24.

Each segment's clients will access the servers of the other segments. Will there be any problem in accessing between different segments, as each segment has got a file server and print server and some other servers?

Now the main part is, which Cisco L3 switch will suit for my network, which is having more than 600 users/devices? And what all things should be taken care of when configuring L3 switch?
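The interim state in this plan, where clients still carry a /16 mask after the L3 switch has split the segments into VLANs, can be modelled as follows. This is an added example, not part of the original post; the 172.16.x.x addresses and the `delivery` function are constructed for illustration, since the thread's real subnets are not shown.

```python
import ipaddress

# Constructed addressing: the post's real subnets are not shown on the page.
# The third octets only mirror the post's "9" and "10" shorthand.
VLANS = {
    9: ipaddress.ip_network("172.16.9.0/24"),
    10: ipaddress.ip_network("172.16.10.0/24"),
}

def vlan_of(ip):
    """Return the VLAN whose /24 contains ip (the L2 domain after the split)."""
    addr = ipaddress.ip_address(ip)
    for vid, net in VLANS.items():
        if addr in net:
            return vid
    raise ValueError(f"{ip} is not in a modelled VLAN")

def delivery(src, prefix, dst, proxy_arp):
    """How a client at src, configured with /prefix, reaches dst after the split."""
    client_net = ipaddress.ip_interface(f"{src}/{prefix}").network
    on_link = ipaddress.ip_address(dst) in client_net
    if on_link and vlan_of(src) == vlan_of(dst):
        return "direct"      # ARP is answered by the destination itself
    if on_link:
        # The client ARPs for dst, but the broadcast stays inside its own VLAN.
        # Only a gateway answering on dst's behalf (proxy ARP) makes this work.
        return "proxy-arp" if proxy_arp else "unreachable"
    return "routed"          # not on-link: sent to the default gateway

if __name__ == "__main__":
    client, server = "172.16.9.20", "172.16.10.5"
    for prefix in (16, 24):
        for proxy in (True, False):
            print(f"/{prefix} proxy_arp={proxy}: "
                  f"{delivery(client, prefix, server, proxy)}")
```

Until the masks are changed to /24, cross-segment access depends on proxy ARP at the gateway interface, and that traffic reaches the L3 switch only through ARP replies rather than through the clients' configured default gateway.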



Re: Network Segregation.

The main thing to be taken into consideration is the MSFC support in the configurations and the IOS releases.

Data-plane (security) Access Control Lists (ACLs) (in other words, user data traffic cannot be restricted using input or output access lists on the router interfaces) -- Data-plane ACLs are now supported in release.

Bridging on 802.1q subinterfaces (that is, a subinterface with both "encapsulation dot1q" and "bridge-group n" commands applied) -- bridging on InterSwitch Link (ISL) subinterfaces is supported.

AppleTalk routing.

Port snooping (also known as SPAN, port mirroring, promiscuous mode).
