RE: One port in more than one vlan

From: Brian McGahan (bmcgahan@internetworkexpert.com)
Date: Tue Sep 02 2003 - 17:30:05 GMT-3

• Next message: phase90: "Re: Blaster Worm Problem"
• Previous message: MADMAN: "Re: One port in more than one vlan"
• Maybe in reply to: emad: "One port in more than one vlan"
• Next in thread: boby2kusa@hotmail.com: "Re: One port in more than one vlan"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Emad,

        You can accomplish this with private vlans. Configure the ports
connected to the three sites as isolated ports, and configure the ports
connected to the servers as promiscuous ports. This is a very bad
design, but it will work. As Dave said, it's a real waste to have a
powerhouse like the 4500 switching a flat network.

See the following link for config details:

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat4000/12_1_19/conf
ig/pvlans.htm

HTH,

Brian McGahan, CCIE #8593
bmcgahan@internetworkexpert.com

Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-334-8987
Direct: 708-362-1418 (Outside the US and Canada)

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Charles Church
Sent: Tuesday, September 02, 2003 2:47 PM
To: emad; ccielab@groupstudy.com
Subject: RE: One port in more than one vlan

Can't you use a port ACL on the layer 2 switch port, like on a 2950 or
3550?
I think the 4507 can only use a Sup 4, right?

Chuck Church
CCIE #8776, MCNE, MCSE
Wam!Net Government Services
13665 Dulles Technology Dr. Ste 250
Herndon, VA 20171
Office: 703-480-2569
Cell: 703-819-3495
cchurch@wamnet.com
PGP key:
http://pgp.mit.edu:11371/pks/lookup?search=chuck+church&op=index

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
emad
Sent: Tuesday, September 02, 2003 2:24 PM
To: ccielab@groupstudy.com
Subject: One port in more than one vlan

Folks,

I'm facing a situation here with one of my customers,
I have a core switch 4507 connected to three sites through Giga port and
fiber cables in between all are common in one subnet 172.30.16.0/21 and
there is no configuration at all on any switch even the core , and they
have one broadcast domain, I need to prevent the IPs of each site from
talking to other IPs in other sites except the IPs of servers connected
directly on the core switch which are in the same subnet and broadcast
domain , the customer don't want to redesign his subnets again to make
each vlan with one subnet dedicated and routing of course (inter-vlan
routing) will be held on the core , how can I achieve the above purpose
within the same subnet range all over the sites?
Please advice

• Next message: phase90: "Re: Blaster Worm Problem"
• Previous message: MADMAN: "Re: One port in more than one vlan"
• Maybe in reply to: emad: "One port in more than one vlan"
• Next in thread: boby2kusa@hotmail.com: "Re: One port in more than one vlan"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Wed Oct 01 2003 - 07:24:22 GMT-3