Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
507
Views
0
Helpful
2
Replies

Performance: PIX 525 and Vlan

davidensc
Level 1
Level 1

‎04-16-2004 03:17 PM - edited ‎02-20-2020 11:21 PM

PIX 6.3.3

Performance and throughput might be compromised when defining VLAN on a physical interface?.

How much the tagging/untagging operation is critical in performance?

There is a lot of difference between:

1) interface ethernet1 auto

interface ethernet1 vlan18 physical

and

2) interface ethernet1 auto

Tahnks!

0 Helpful
2 Replies 2

ehirsel
Level 6
Level 6

‎04-19-2004 06:53 AM

I have not noted any significant performance degradation on a pix using vlan ieee 802.1q tagging. The org. that I work for uses a pix 515 as a firewall interface to the vpn gateways and that pix is configured to use vlan tagging.

However I would not recommend that you allow the interface to use auto negotiation. I have seen issues with that, with or without vlan tagging, so I would rather see you code interface ethernet1 100full, or 10full instead of auto.

I hope this helps, Ed Hirsel

0 Helpful

davidensc
Level 1
Level 1
In response to ehirsel

‎04-19-2004 08:14 AM

thanks!

we try to use a pix 525 with 6 feth interfaces, for inter-vlan routing between 12 vlan.

davide

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card