Encapsulation V-LAN [7:3798]
Hi Guys, i have a question for you. In my site i have to project a new network architecture. I would organize the Resource human in V-LAN. Of course all V-LAN have to access some services (example DNS, E-Mail, Domain Controller etc. etc) and not others. The NIC interfaces of my servers permit the 802.1Q encapsulation. I would make the TRUNK between switches (Catalyst 4000 - access Layer and Catalyst 6500 -Core Layer) with ISL trunk. Can i map the 802.1Q trunk on ISL trunk? And how could i do this ? Please indicate me link where i can find a example of this configuration ? Regards, Carmelo Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3798&t=3798 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Encapsulation V-LAN [7:3798]
> >Hi Guys, >i have a question for you. > >In my site i have to project a new network architecture. > >I would organize the Resource human in V-LAN. Of course all V-LAN have to >access some services (example DNS, E-Mail, Domain Controller etc. etc) and >not others. > >The NIC interfaces of my servers permit the 802.1Q encapsulation. Ensure that the host does not route between the VLANs, as this kills your security policy. >I would make the TRUNK between switches (Catalyst 4000 - access Layer and >Catalyst 6500 -Core Layer) with ISL trunk. Why not just use dot1q? >Can i map the 802.1Q trunk on ISL trunk? And how could i do this ? No, they are similar products, but IIRC some switches support both products, so you could use ISL on one trunk, and dot1q on another. >Please indicate me link where i can find a example of this configuration ? I would recommend dot1q everywhere. >Regards, Carmelo Rob./ _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3811&t=3798 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Encapsulation V-LAN [7:3798]
I would say use dot1q everywhere. ISL will disappear at some point in the future. Big overheads compared to dot1q. Anybody have any valid reasons to stay with ISL? Gaz ""carmelo Garofalo"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi Guys, > i have a question for you. > > In my site i have to project a new network architecture. > > I would organize the Resource human in V-LAN. Of course all V-LAN have to > access some services (example DNS, E-Mail, Domain Controller etc. etc) and > not others. > > The NIC interfaces of my servers permit the 802.1Q encapsulation. > > I would make the TRUNK between switches (Catalyst 4000 - access Layer and > Catalyst 6500 -Core Layer) with ISL trunk. > > Can i map the 802.1Q trunk on ISL trunk? And how could i do this ? > > Please indicate me link where i can find a example of this configuration ? > > Regards, Carmelo > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3893&t=3798 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Encapsulation V-LAN [7:3798]
Since ISL is Cisco's proprietary protocol it seems that support for new technologies are supported for ISL before 802.1Q on Cisco devices. For instance, Cisco's MPLS/Tag-Switching requires CEF on all MPLS enabled interfaces. CEF switching was supported for ISL since 12.0 however 802.1Q just recently became supported in 12.1T and unreliably at that. I agree with you that eventually ISL will go away but not in the immediate future. Cheers, -Mike -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Gareth Hinton Sent: Wednesday, May 09, 2001 3:45 PM To: [EMAIL PROTECTED] Subject: Re: Encapsulation V-LAN [7:3798] I would say use dot1q everywhere. ISL will disappear at some point in the future. Big overheads compared to dot1q. Anybody have any valid reasons to stay with ISL? Gaz ""carmelo Garofalo"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi Guys, > i have a question for you. > > In my site i have to project a new network architecture. > > I would organize the Resource human in V-LAN. Of course all V-LAN have to > access some services (example DNS, E-Mail, Domain Controller etc. etc) and > not others. > > The NIC interfaces of my servers permit the 802.1Q encapsulation. > > I would make the TRUNK between switches (Catalyst 4000 - access Layer and > Catalyst 6500 -Core Layer) with ISL trunk. > > Can i map the 802.1Q trunk on ISL trunk? And how could i do this ? > > Please indicate me link where i can find a example of this configuration ? > > Regards, Carmelo > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3898&t=3798 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Encapsulation V-LAN [7:3798]
if you have a Cisco-only switch architecture I would use ISL between the Catalysts - per-vlan STP is *VERY* useful for resilience and load-balancing purposes. I would use dot1q for attached servers where necessary - since they are end-stations there is not the requirement for them to participate int STP. my #0.02 (is 0.02 UK pounds worth more than $0.02?) Andy > > > >Hi Guys, > >i have a question for you. > > > >In my site i have to project a new network architecture. > > > >I would organize the Resource human in V-LAN. Of course all V-LAN have to > >access some services (example DNS, E-Mail, Domain Controller etc. etc) and > >not others. > > > >The NIC interfaces of my servers permit the 802.1Q encapsulation. > > Ensure that the host does not route between the VLANs, as this kills your > security policy. > > >I would make the TRUNK between switches (Catalyst 4000 - access Layer and > >Catalyst 6500 -Core Layer) with ISL trunk. > > Why not just use dot1q? > > >Can i map the 802.1Q trunk on ISL trunk? And how could i do this ? > > No, they are similar products, but IIRC some switches support both products, > so you could use ISL on one trunk, and dot1q on another. > > >Please indicate me link where i can find a example of this configuration ? > > I would recommend dot1q everywhere. > > >Regards, Carmelo > > Rob./ > > _ > Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3901&t=3798 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Encapsulation V-LAN [7:3798]
You did not mention it, but I assume you have sub interfaces with ISL encapsulation on the routers , the same as the VLAN os the switches.. What happens when you do a "sh stan" from each router ? andyh wrote: > if you have a Cisco-only switch architecture I would use ISL between the > Catalysts - per-vlan STP is *VERY* useful for resilience and load-balancing > purposes. > > I would use dot1q for attached servers where necessary - since they are > end-stations there is not the requirement for them to participate int STP. > > my #0.02 (is 0.02 UK pounds worth more than $0.02?) > > Andy > > > > > > >Hi Guys, > > >i have a question for you. > > > > > >In my site i have to project a new network architecture. > > > > > >I would organize the Resource human in V-LAN. Of course all V-LAN have to > > >access some services (example DNS, E-Mail, Domain Controller etc. etc) > and > > >not others. > > > > > >The NIC interfaces of my servers permit the 802.1Q encapsulation. > > > > Ensure that the host does not route between the VLANs, as this kills your > > security policy. > > > > >I would make the TRUNK between switches (Catalyst 4000 - access Layer and > > >Catalyst 6500 -Core Layer) with ISL trunk. > > > > Why not just use dot1q? > > > > >Can i map the 802.1Q trunk on ISL trunk? And how could i do this ? > > > > No, they are similar products, but IIRC some switches support both > products, > > so you could use ISL on one trunk, and dot1q on another. > > > > >Please indicate me link where i can find a example of this configuration > ? > > > > I would recommend dot1q everywhere. > > > > >Regards, Carmelo > > > > Rob./ > > > > _ > > Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3918&t=3798 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Encapsulation V-LAN [7:3798]
per-VLAN STP maybe? Andy - Original Message - From: "Gareth Hinton" To: Sent: Wednesday, May 09, 2001 9:45 PM Subject: Re: Encapsulation V-LAN [7:3798] > I would say use dot1q everywhere. > ISL will disappear at some point in the future. Big overheads compared to > dot1q. > Anybody have any valid reasons to stay with ISL? > > Gaz > > ""carmelo Garofalo"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Hi Guys, > > i have a question for you. > > > > In my site i have to project a new network architecture. > > > > I would organize the Resource human in V-LAN. Of course all V-LAN have to > > access some services (example DNS, E-Mail, Domain Controller etc. etc) and > > not others. > > > > The NIC interfaces of my servers permit the 802.1Q encapsulation. > > > > I would make the TRUNK between switches (Catalyst 4000 - access Layer and > > Catalyst 6500 -Core Layer) with ISL trunk. > > > > Can i map the 802.1Q trunk on ISL trunk? And how could i do this ? > > > > Please indicate me link where i can find a example of this configuration ? > > > > Regards, Carmelo > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3925&t=3798 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Encapsulation V-LAN [7:3798]
Carmelo, You might want to double check trunking support on that cat 4000. Some models do not support ISL and only have Dot1Q support. Regardless, it would be better to only have one trunking type on the network, if only for troubleshooting purposes. Hope this helps, Karen *** REPLY SEPARATOR *** On 5/9/2001 at 5:45 PM andyh wrote: >if you have a Cisco-only switch architecture I would use ISL between the >Catalysts - per-vlan STP is *VERY* useful for resilience and load-balancing >purposes. > >I would use dot1q for attached servers where necessary - since they are >end-stations there is not the requirement for them to participate int STP. > >my #0.02 (is 0.02 UK pounds worth more than $0.02?) > >Andy > >> > >> >Hi Guys, >> >i have a question for you. >> > >> >In my site i have to project a new network architecture. >> > >> >I would organize the Resource human in V-LAN. Of course all V-LAN have to >> >access some services (example DNS, E-Mail, Domain Controller etc. etc) >and >> >not others. >> > >> >The NIC interfaces of my servers permit the 802.1Q encapsulation. >> >> Ensure that the host does not route between the VLANs, as this kills your >> security policy. >> >> >I would make the TRUNK between switches (Catalyst 4000 - access Layer and >> >Catalyst 6500 -Core Layer) with ISL trunk. >> >> Why not just use dot1q? >> >> >Can i map the 802.1Q trunk on ISL trunk? And how could i do this ? >> >> No, they are similar products, but IIRC some switches support both >products, >> so you could use ISL on one trunk, and dot1q on another. >> >> >Please indicate me link where i can find a example of this configuration >? >> >> I would recommend dot1q everywhere. >> >> >Regards, Carmelo >> >> Rob./ >> >> _ >> Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. >> FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html >> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] >FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=4280&t=3798 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]