From: James Ventre (messageboard@ventrefamily.com)
Date: Wed Mar 01 2006 - 13:05:46 GMT-3
> Many Cisco docs talk about L3 ACLs in the access layer so how else
> would this be accomplished?
It doesn't have to be an L3 switch to put L3 ACLs on an interface. You
can put an extended ACL on a 2950!
James
Guyler, Rik wrote:
> I didn't say we wouldn't use L2 within the access layer. This design just
> does not extend the L2 domain up to the distribution layer where
> traditionally the L3 function takes place. The access layer could use just
> one of the switches to run L3 or a concentrator of sorts.
>
> We haven't worked out all the details as it's in a conceptual stage for us
> at this time so we're just kicking it around in a pro/con discussion right
> now. If Cisco is pushing this I have no idea but this design is not new.
> Many Cisco docs talk about L3 ACLs in the access layer so how else would
> this be accomplished?
>
> I see more and more intelligence being pushed down to the access layer so
> it's just a matter of time before this becomes mainstream design.
>
> Just my .02
>
> Rik
>
> -----Original Message-----
> From: Venkataramanaiah.R [mailto:vramanaiah@gmail.com]
> Sent: Wednesday, March 01, 2006 10:50 AM
> To: Guyler, Rik
> Cc: ccielab@groupstudy.com
> Subject: Re: To route or not to route.....
>
> I have not heard about this myself that Cisco is pushing L3 up to Access, but
> I can foresee a few other issues in doing this.
>
> For example, what will happen to the Voice network? Will you have one subnet per
> Access switch for IP Phones? Guess this will become unmanageable if you
> have just a couple of IP Phones per closet. Same with Wireless APs, the
> wired side is usually on the Access switches.
> VLAN management for these services w/o L2 up to Distribution might become
> cumbersome.
>
> Just my 2 cents
> -Venkat
>
> On 3/1/06, Guyler, Rik <rguyler@shp-dayton.org> wrote:
>> Well, what I meant (sorry for not being specific enough) was to create
>> a *second* link between switches and closets that all participate in a
>> single VLAN dedicated for RSPAN only. If you have extra fiber
>> pairs/copper between closets then this shouldn't be too expensive.
>> Might have to buy some media converters or other assorted hardware but
>> I think it's still a good solution. I would want to lab it up with 2
>> or 3 switches first though just to see what unexpected little
>> surprises may exist. ;-)
>>
>> Rik
>>
>> -----Original Message-----
>> From: Leigh Harrison [mailto:ccileigh@gmail.com]
>> Sent: Wednesday, March 01, 2006 9:40 AM
>> To: Guyler, Rik
>> Cc: 'ccielab@groupstudy.com'
>> Subject: Re: To route or not to route.....
>>
>> Hey there Rik,
>>
>> I'd had a thought about that and leaving one vlan for rspan
>> specifically, but the problem there is that on the uplink interfaces,
>> you have to throw in the commands: "no switchport, ip address 1.2.3.4"
>> which means that no vlans will be passed over!!
>>
>> LH
>>
>>
>> Guyler, Rik wrote:
>>
>>> Leigh, I haven't run into this but we're considering L3 at the access
>>> layer as well for future design. The problem I see is once you go with
>>> L3 you no longer have a path to really set up the RSPAN. What about
>>> creating a separate L2 link between all switches dedicated just for the
>>> RSPAN session?
>>> I really like the L3 access layer design but it certainly makes
>>> things like this much more interesting... ;-)
>>>
>>> Rik
>>>
>>> -----Original Message-----
>>> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
>>> Of Leigh Harrison
>>> Sent: Wednesday, March 01, 2006 7:48 AM
>>> To: FORUM
>>> Subject: To route or not to route.....
>>>
>>> All,
>>>
>>> I'm currently working on a design for a customer. Straightforward
>>> design with Access and a Core. 3750's in the access layer and a 6513
>>> in the core (yes there is only 1, but the customer already has it, it
>>> has dual sup cards and dual power supplies...). The 3750's are in
>>> stacks and there are dual gig links back to the core.
>>>
>>> I was at a Cisco seminar recently where Cisco said that the best
>>> practice is to route, rather than use spanning tree and switch,
>>> essentially turn off spanning tree. I'm quite happy to run either
>>> way, but I do have a question:-
>>>
>>> We are running VoIP on the network and there is call recording
>>> software going in. This needs to have the ports of the gatekeepers
>>> span'd to it so that it can do the recording. If I'm routing my
>>> network, what are the options for accomplishing this if my
>>> gatekeepers are not connected to the same switch?
>>>
>>> I presume that someone out there has run into a similar issue, so any
>>> insight would be greatly appreciated.
>>>
>>> Best Regards
>>> LH
>>> #15331
>>>
>>> _______________________________________________________________________
>>> Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html
>>>
This archive was generated by hypermail 2.1.4 : Sat Apr 01 2006 - 10:07:37 GMT-3