I am assuming that the servers for your user population will be connected to
either of the 6509s in the core...  With that being said, if you do not
connect the core switches to each other directly, any server-server
communications on different switches in the core will have to traverse the
gig uplinks for the users...

In addition, you would not need to enable spanning tree for the network,
since there would not be any loops in the topology for a given VLAN, if the
cores were not directly connected.

IMHO, I think that you should directly interconnect the core
switches.

At a bare minimum, there should be 2 VLANs, one for the management
interfaces of the switches (no production traffic on this VLAN!), and at
least one more VLAN for production traffic.

As far as the PIXs go, you should not use VLANs on the 6509 for the
DMZ/External segments...  There are several reasons why you shouldn't but I
think this link sums it up...
http://www.sans.org/newlook/resources/IDFAQ/vlan.htm.

With all this information, I would revise the network as follows:

You need Visio 2000 to view this diagram...

http://branto01.tripod.com/data/project/email-response/65xx-gec.zip

HTH,
Brant

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Peter Van Oene
Sent: Sunday, March 18, 2001 10:12 AM
To: [EMAIL PROTECTED]
Subject: Re: A design problem of switched network


If you're not routing on the 6500's where are you going to route?  I would
personally highly suggest each 4000 link back to each 6500 and a
combination of HSRP and Per VLAN STP be used to balance the use of the
gigabit links.  As to which 6500 internet traffic uses, I suggest that it
really doesn't matter.  The PIX won't forward much more than 90Meg at
theoretical max and I'm certain the internet drain is a little smaller :)

In a design such as this, you definitely want to provision for redundancy,
such that you can lose a core box and maintain connectivity to the edge.
You're not spending 100k extra just to get better use of a single gig link.

Pete


*********** REPLY SEPARATOR  ***********

On 3/18/2001 at 8:20 AM Santosh Koshy wrote:

>I am going to make a few assumptions here based on your request
>
>                        4003                4003                4003
>
>                                    6509                6509
>
>                                                  PIX
>
>                                                WWW
>
>1) Don't run any kind of routing at the core layer.... leave that job for
>the distribution layer
>2) Now since there is no L3 routing taking place at the core, it means that
>there are going to be 2 subnets from the distribution switches to the core
>switches. All the links to the first 6509 will be on one VLAN and all the
>wires going to the 2nd switch will belong to the second VLAN.
>3) Get a PIX with 3 interfaces. Use 1 as an external interface (to www),
>and use the other two as internal interfaces (one going to each of the 2
>VLANs the 4003s are connected to).
>
>With the above setup your traffic will be load balanced.... and both
>subnets will be in use...
>
>Hope that helps,
>Santosh Koshy
>
>"frank" <[EMAIL PROTECTED]> wrote in message
>news:992dnf$jd9$[EMAIL PROTECTED]...
>> Now I want to design a LAN for a company. I want to use 2 6509s as core
>> switches for redundancy, and several 4003s as distribution switches. Each 4003
>> connects to the 6509s separately, and the 2 6509s connect to a PIX which links to
>> the Internet.
>> What puzzles me is how to deal with these 2 6509s. Do they need to be
>> connected with GEC technology and have HSRP applied on them? If they don't have
>> links, which link should a 4003 choose to visit the Internet?
>>
>>
>> Thanks,
>>
>> Frank
>>
>> _________________________________
>> FAQ, list archives, and subscription info:
>http://www.groupstudy.com/list/cisco.html
>> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]