Good points. I should certainly clarify that I don't advocate bridging
between VLANs unless it makes sense to do so, which is usually a corner
case. I also fully support properly scoping broadcast domains and using a
one VLAN to one subnet methodology for cleanliness. I love simple
networks. I just wanted to hammer on the distinction a little bit.
Hopefully the tooth fairy got laid off during the "tech slowdown" and we
can go back to basic bridging and routing.

Pete
    

*********** REPLY SEPARATOR  ***********

On 7/26/2001 at 9:58 AM Howard C. Berkowitz wrote:

>>Ok, one more round of nit picky comments and I'll quit :)
>>
>>>  >
>>>>  > Do I need a router between my VLANs?
>>>
>>>If you want the VLANs to communicate with each other. Are these trick
>>>questions? ;-) I realize there are cases where you don't want them to
>>>communicate. I guess that is what you are getting at.
>>>
>>
>>If you want VLANs to share the same broadcast domain, you bridge them.
>
>Which can be dangerous from a scaling standpoint, unless all the 
>bridged parts are under common administration.  One of the reasons to 
>have reasonable size broadcast domains is to limit broadcast loads on 
>hosts; it is NOT a bandwidth problem.  It is a broadcast problem 
>whether the network is IP, IPX, NetBEUI, etc.
>
>I find a lot of optical people getting confused and recommending 
>layer 2 VPNs because they think that interconnecting (i.e., bridging) 
>will magically work because they use full OC-192 lambdas between 
>them.  That has nothing to do with the core problem.
>
>>Telling people they need a router between them makes people think that
>>VLANs have some magical layer three capabilities which leads to the
>>above question.  Do people ever ask if you need a router between your
>>layer 2 broadcast domains?  No.  Because it used to be obvious.  If you
>>want to route, you need a router.  VLANs and the similarly misunderstood
>>Layer 3 switch haven't changed that caveat. 
>>
>>>>  > Do I need an IP address on my VLANs?
>>>
>>>Some sort of network-layer addressing is required for end stations to
>>>communicate using typical applications. There are some cases where
>>>network-layer addressing is not used, of course, but that sort of
>>>communication is being phased out.
>>
>>Again, if you want to route layer three protocols, you use a router.  In
>>multiprotocol networks, such as those tested on the CCIE exam, it is
>>often necessary to support a mix of protocols, some of which need to be
>>routed across broadcast domains while others are bridged.  Understanding
>>this is much easier when you don't believe in the tooth fairy.
>
>Ah, but if you have the tooth fairy as the administrator of an "L3
>switch..."
>Mind you, I consider L3 switches and tooth fairies about the same. 
>If it makes L3 decisions, it's a router.  It may be a router with 
>hardware distributed forwarding, or it may be a router with a single 
>processor for control and forwarding. It's still a router.
>
>>
>>>
>>>>  > Can I route between VLAN 1 and VLAN 2 with just a switch?
>>>
>>>No, not a Layer 2 switch.
>>
>>Bad question :)  You can certainly bridge two VLANs, essentially
>>creating one.  I should have said connect vs route.  The point is to
>>illustrate the difference between layer two broadcast domains and
>>routing, thus reinforcing the point that if you want to route, you use a
>>router.  There are no exceptions to this rule.
>
>And the question often is, "what problem are you trying to solve by 
>routing between VLANs?"  There certainly are reasons, in a campus 
>environment, to bridge between VLANs with a L2 switch, such as the 
>VLAN users in one or more buildings and the servers for that VLAN in 
>a separate central computer room.
>
>>
>>>>  > Can I have multiple subnets on the same VLAN?
>>
>>>Yes, but they won't communicate without a router. A station trying to
>>>communicate with a station in a different subnet ARPs for its default
>>>gateway. Sure there are exceptions with strangely behaving IP stacks
>>>and errors with subnet mask configurations, etc., but let's consider the
>>>typical case.
>>
>>This is my point.  To route, you need a router.  VLANs haven't changed
>>this whatsoever.
>>
>>I simply find that too many people misunderstand the VLAN concept
>>simply because vendor marketing has confused the issue and numerous
>>pieces of literature make the layer 3 to VLAN binding without properly
>>developing the difference.
>>
>>Nit picky I know, but it's a pet peeve.
>>
>>Pete
>
>I personally regard VLANs, first and foremost, as a means of 
>multiplexing a LAN.
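
The forwarding decision quoted above (a station in one subnet ARPs for its default gateway to reach a station in another subnet on the same VLAN, with mis-set subnet masks as the exception), as an added example that is not part of the original thread. The addresses and function names are constructed for illustration.

```python
import ipaddress


def arp_target(iface, gateway, dst):
    """Return the IP address a host ARPs for when sending to dst.

    iface   -- host address with prefix, e.g. "10.1.1.10/24" (constructed)
    gateway -- default gateway address, or None if none is configured
    dst     -- destination IP address
    Returns None when dst is off-link and no gateway is configured.
    """
    host = ipaddress.ip_interface(iface)
    dst_ip = ipaddress.ip_address(dst)
    if dst_ip in host.network:
        return dst_ip          # on-link: ARP for the destination itself
    if gateway is None:
        return None            # off-link and no router: nothing to ARP for
    return ipaddress.ip_address(gateway)


def can_talk_without_router(iface_a, iface_b):
    """True only if each host considers the other on-link.

    Sharing a VLAN (one broadcast domain) is assumed; what decides whether
    a router is needed is each host's own address and mask.
    """
    a = ipaddress.ip_interface(iface_a)
    b = ipaddress.ip_interface(iface_b)
    return b.ip in a.network and a.ip in b.network


if __name__ == "__main__":
    # Two subnets on the same VLAN (constructed addresses).
    print(arp_target("10.1.1.10/24", "10.1.1.1", "10.1.2.20"))  # the gateway
    print(arp_target("10.1.1.10/24", None, "10.1.2.20"))        # no router
    # Mask error on host A only: A ARPs directly for B, but B still
    # sends its replies toward its own gateway.
    print(arp_target("10.1.1.10/16", "10.1.1.1", "10.1.2.20"))
    print(can_talk_without_router("10.1.1.10/16", "10.1.2.20/24"))
```
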




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=13872&t=13465