Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Secure Datacenter Architecture (colo); Enterprise VLANing and IP management

In the beginning stages of a datacenter migration, I am trying to uncover best methods for deploying a large scale datacenter in a secure Layer 2 and 3 environment.

The end goal here is to achieve not only broadcast domain segregation, but also IP address control and management, all while trying to minimize administrative and technical overhead.

The existing network is built on 5505, 3550 and 2950 edge aggregation switches, terminated on a 6506 core switch.

The existing infrastructure includes more than 2000 individual servers and growing rapidly; this design must be scalable (with obvious network growth) into the tens of thousands of servers.

I have reviewed a number of methods to achieve this, the most appealing (for IP utilization) seems to be Cisco's pVLAN implementations with IP access lists to prevent malicious or inadvertant IP theft. Unfortunately, according to the Cisco docs I've read, this feature is not supported in the 5500 series devices, or fully in many of the lower level devices mentioned above.

If anybody can point me in the right direction for existing or proposed solutions, ideally utilizing this infrastructure, and minimizing system load and administration, I would greatly appreciate it.




Re: Secure Datacenter Architecture (colo); Enterprise VLANing an

pvlan and vacls are supported on cat 6000. You could plan to include one in your network, based on the growth. Here is a document on datacenter networking.

CreatePlease to create content