>Ok, one more round of nit picky comments and I'll quit :)
>
>> >
>>> > Do I need a router between my VLANs?
>>
>>If you want the VLANs to communicate with each other. Are these trick
>>questions? ;-) I realize there are cases where you don't want them to
>>communicate. I guess that is what you are getting at.
>>
>
>If you want VLANs to share the same broadcast domain, you bridge them.
Which can be dangerous from a scaling standpoint, unless all the
bridged parts are under common administration. One of the reasons to
have reasonable size broadcast domains is to limit broadcast loads on
hosts; it is NOT a bandwidth problem. It is a broadcast problem
whether the network is IP, IPX, NetBEUI, etc.
I find a lot of optical people getting confused and recommending
layer 2 VPNs because they think that interconnecting (i.e., bridging)
will magically work because they use full OC-192 lambdas between
them. That has nothing to do with the core problem.
>Telling people they need a router between them makes people think that
>VLANs have some magical layer three capabilities which leads to the
>above question. Do people ever ask if you need a router between your
>layer 2 broadcast domains? No. Because it used to be obvious. If you
>want to route, you need a router. VLANs and the similarly misunderstood
>Layer 3 switch haven't changed that caveat.
>
>>> > Do I need an IP address on my VLANs?
>>
>>Some sort of network-layer addressing is required for end stations to
>>communicate using typical applications. There are some cases where
>>network-layer addressing is not used, of course, but that sort of
>>communication is being phased out.
>
>Again, if you want to route layer three protocols, you use a router. In
>multiprotocol networks, such as those tested on the CCIE exam, it is
>often necessary to support a mix of protocols, some of which need to be
>routed across broadcast domains while others are bridged. Understanding
>this is much easier when you don't believe in the tooth fairy.
Ah, but if you have the tooth fairy as the administrator of an "L3 switch..."
Mind you, I consider L3 switches and tooth fairies about the same.
If it makes L3 decisions, it's a router. It may be a router with
hardware distributed forwarding, or it may be a router with a single
processor for control and forwarding. It's still a router.
>
>>
>>> > Can I route between VLAN 1 and VLAN 2 with just a switch?
>>
>>No, not a Layer 2 switch.
>
>Bad question :) You can certainly bridge two VLANs, essentially
>creating one. I should have said connect vs route. The point is to
>illustrate the difference between layer two broadcast domains and
>routing, thus reinforcing the point that if you want to route, you use a
>router. There are no exceptions to this rule.
And the question often is, "what problem are you trying to solve by
routing between VLANs?" There certainly are reasons, in a campus
environment, to bridge between VLANs with a L2 switch, such as the
VLAN users in one or more buildings and the servers for that VLAN in
a separate central computer room.
>
>>> > Can I have multiple subnets on the same VLAN?
>
>>Yes, but they won't communicate without a router. A station trying to
>>communicate with a station in a different subnet ARPs for its default
>>gateway. Sure there are exceptions with strangely behaving IP stacks
>and
>>errors with subnet mask configurations, etc., but let's consider the
>>typical case.
>
>This is my point. To route, you need a router. VLANs haven't changed
>this whatsoever.
>
>I simply find that too many people misunderstand the VLAN concept
>simply because vendor marketing has confused the issue and numerous
>pieces of literature make the layer 3 to VLAN binding without properly
>developing the difference.
>
>Nit picky I know, but its a pet peeve.
>
>Pete
I personally regard VLANs, first and foremost, as a means of
multiplexing a LAN.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=13867&t=13465
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
