aryoba
Premium,MVM
join:2002-08-22
edit:
December 20th, @06:05AM
| reply to altu
Re: [Config] Secondary VLAN issue
Q1:
"Now that the trunking is done, I can set them both to transparent. Will the trunk still work, passing all VLAN information ?"
A:
Trunk will still work. However it is not reliable when none of the switches in your VTP Domain work as VTP server. Set the 3560 as the server and 2950 as client, then the VLAN and trunk info will be more reliable. Check out the link I provided for more info.
Q2:
"Why do you stress on subnet separation PIX vs. 3560 users? Security?"
A:
I believe there should (or would) be a need from users behind the 3560 and behind the 2950 to go to the Internet through the PIX or go to the 2nd network through the application box. I also believe that there should (or would) be a need to go to each other between the two group of users.
In short, there are traffic to go from one network segment to another. This is called inter-VLAN routing. To make the inter-VLAN routing run well, you need to break up each network segment to their own subnet.
Q3:
"How do I go about configuring inter-vlan routing on the 3560?"
A:
As mentioned, there should a routing protocol to handle traffic between all subnets. However before going further, you need to answer the following questions.
QUESTIONS:
1) What are the things you can configure the application box as? Can you configure it for specific gateway, IP address, subnet, DNS server?
2) Which routing protocol this application machine is capable running of? Is it capable to run RIP, OSPF, or BGP?
3) Can you also post the application box box configuration? The info I would like to see are IP Address, subnet, gateway (both primary and secondary). |
