From: Church, Chuck (cchurch@wamnetgov.com)
Date: Mon Nov 24 2003 - 23:30:39 GMT-3
Oh, well that's a different story. Can the MAN handle dot1q tagged frames back to the 6500? If so, maybe keep that MAN connection a trunk with 2 VLANs. One is the IPX VLAN, and the other would be a host-less VLAN that can be used for IP traffic between the 6500 and the VLAN interfaces of the 3550. The 3550 can then interVLAN route IP and filter if necessary. A 2500 tunneling IPX is going to choke after about 700 PPS since they're process switched. Probably not good for more than 2-3 MbitPS on average. I suppose you could always upgrade to NW 5x, do native IP, and eliminate all your Blaster/Slammer/Nachi/etc traffic :)
Chuck Church
CCIE #8776, MCNE, MCSE
Wam!Net Government Services
13665 Dulles Technology Dr. Ste 250
Herndon, VA 20171
Office: 703-480-2569
Cell: 703-819-3495
cchurch@wamnetgov.com
PGP key: http://pgp.mit.edu:11371/pks/lookup?op=index&search=cchurch%40wamnetgov.com
> -----Original Message-----
> From: Mike Williams [mailto:ccie2be@swbell.net]
> Sent: Monday, November 24, 2003 7:04 PM
> To: Church, Chuck
> Cc: CCIELab@Groupstudy.com
> Subject: RE: Silly 3550EMI question
>
>
> Well, we're using 100Mbps and Gigabit Ethernet as the "WAN"
> connection.
> (actually MAN connection). So we're going to have one port
> on the 3550
> that's a routed port and the others are simply switched. We'd like to
> get rid of the other WAN connection (i.e the frame relay or PTP T1(s)
> we're currently using). So we could keep the "old" router there (and
> let it do IPX only) as the tunnel endpoint, then tunnel the IPX back
> through the 3550 using IP over the "MAN" connection back to the 6500s
> and terminate the tunnel there (where the 100Mbps/Gig MAN
> connects to).
>
> Mike W.
>
> -----Original Message-----
> From: Church, Chuck [mailto:cchurch@wamnetgov.com]
> Sent: Monday, November 24, 2003 5:04 PM
> To: Mike Williams
> Cc: CCIELab@Groupstudy.com
> Subject: RE: Silly 3550EMI question
>
>
> The 3550 doesn't have any WAN interfaces, so you must have a normal
> router there, right? Put that router's ethernet interface in a VLAN
> along with the IPX clients. Route IPX normally over the WAN, and let
> the 3550 and the router route IP between VLANs and to/from the WAN.
> This assumes both edge devices can route IPX, which they'd have to if
> you were going to tunnel it. Of course, if there's a bunch of routers
> involved, routing IPX might be tough.
>
> Chuck Church
> CCIE #8776, MCNE, MCSE
> Wam!Net Government Services
> 13665 Dulles Technology Dr. Ste 250
> Herndon, VA 20171
> Office: 703-480-2569
> Cell: 703-819-3495
> cchurch@wamnetgov.com
> PGP key:
> http://pgp.mit.edu:11371/pks/lookup?op=index&search=cchurch%40
> wamnetgov.
> com
>
> > -----Original Message-----
> > From: Mike Williams [mailto:ccie2be@swbell.net]
> > Sent: Monday, November 24, 2003 5:11 PM
> > To: Church, Chuck
> > Cc: CCIELab@Groupstudy.com
> > Subject: RE: Silly 3550EMI question
> >
> >
> > Sorry about the confusion. No.... Imagine a small offsite
> (probably
> > 768Kbps frame or something) where the "old" PCs were
> running Win95 and
>
> > using both IP and IPX (IPX for connection to the Novell
> servers, print
>
> > servers, etc). We've moved over to Active Directory, and virtually
> > everything is IP, but there are still some lingering IPX clients,
> > printers, etc..... So essentially, we can't separate the
> IPX traffic
> > from the IP traffic as the clients and routers interface are in the
> > same broadcast domain. Most of the PCs are now WinXP and
> use IP only,
>
> > and virtually all of the printers have been given an IP address and
> > have print queues via AD, but there are those lingering that are
> > screwing up
> > the whole works.
> >
> > Any comments on the tunneling idea?
> >
> > Someone else suggested fallback bridging, so I went and
> read up on it
> > some on Cisco's website, but I don't know if I can utilize
> this. Any
> > input on that is welcome as well.
> >
> > Mike W.
> >
> > -----Original Message-----
> > From: Church, Chuck [mailto:cchurch@wamnetgov.com]
> > Sent: Monday, November 24, 2003 3:49 PM
> > To: Mike Williams
> > Cc: CCIELab@Groupstudy.com
> > Subject: RE: Silly 3550EMI question
> >
> >
> > Would you have IPX on multiple VLANs then at the remote site? That
> > would be bad. It'd have to cross the WAN twice to go between VLANs.
> >
> > Chuck Church
> > CCIE #8776, MCNE, MCSE
> > Wam!Net Government Services
> > 13665 Dulles Technology Dr. Ste 250
> > Herndon, VA 20171
> > Office: 703-480-2569
> > Cell: 703-819-3495
> > cchurch@wamnetgov.com
> > PGP key:
> > http://pgp.mit.edu:11371/pks/lookup?op=index&search=cchurch%40
> > wamnetgov.
> > com
> >
> > > -----Original Message-----
> > > From: Mike Williams [mailto:ccie2be@swbell.net]
> > > Sent: Monday, November 24, 2003 4:36 PM
> > > To: Church, Chuck
> > > Cc: CCIELab@Groupstudy.com
> > > Subject: RE: Silly 3550EMI question
> > >
> > >
> > > LOL......... Well, problem is these little offsites are
> all in one
> > > VLAN (many of them have just a hub to connects to the
> router). What
>
> > > we thought of doing is leaving the 2500 there, and upon
> installing
> > > the 3550, setup a tunnel and send the IPX traffic across the
> > tunnel (there
> > > would be a 6500 on the other end of the tunnel). Doesn't the
> > > 6500 have
> > > the process switch all traffic to/from the tunnel interface? Just
> > > thinking about the reality of using that as a workaround.....
> > >
> > > Thanks!
> > > Mike W.
> > >
> > > -----Original Message-----
> > > From: Church, Chuck [mailto:cchurch@wamnetgov.com]
> > > Sent: Monday, November 24, 2003 10:14 AM
> > > To: Mike Williams; CCIELab@Groupstudy.com
> > > Subject: RE: Silly 3550EMI question
> > >
> > >
> > > Doesn't look like it. Didn't find anything about IPX other
> > than ACL
> > > support in the 12.1.14 config guide. Can't do IRB or CRB
> either on
> > > those switches, so looks like you're stuck. Maybe create
> a single
> > > VLAN at those sites for all the IPX devices, and when they
> > no longer
> > > need IPX, move them out of that VLAN to a routed IP-only VLAN.
> > >
> > > Chuck Church
> > > CCIE #8776, MCNE, MCSE
> > > Wam!Net Government Services
> > > 13665 Dulles Technology Dr. Ste 250
> > > Herndon, VA 20171
> > > Office: 703-480-2569
> > > Cell: 703-819-3495
> > > cchurch@wamnetgov.com
> > > PGP key:
> > > http://pgp.mit.edu:11371/pks/lookup?op=index&search=cchurch%40
> > wamnetgov.
> > com
> >
> > > -----Original Message-----
> > > From: Mike Williams [mailto:ccie2be@swbell.net]
> > > Sent: Monday, November 24, 2003 10:32 AM
> > > To: CCIELab@Groupstudy.com
> > > Subject: Silly 3550EMI question
> > >
> > >
> > > Does the 3550 EMI support routing IPX? We bought a
> couple for some
> > > offsites and didn't realize until after we received them
> that these
> > > offsites still use IPX..... D'OH!!! Worse case, just keep
> > a 2500 at
> > > those sites or something...... LOL fun fun
> > >
> > > TIA,
> > > Mike W.
> > >
> > > ______________________________________________________________
> > > _________
> > > Please help support GroupStudy by purchasing your study materials
> > > from: http://shop.groupstudy.com
> > >
> > > Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Fri Dec 12 2003 - 12:29:17 GMT-3