cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
580
Views
0
Helpful
1
Replies

FWSM before or after MSFC?

raycourtney
Level 1
Level 1

Hi,

I have a query.

I am using a 6500 with FWSM. I need to separate an internal server/HQ network from 3 or 4 different external connections. The external networks do not necessarily need to be isolated from each other.

I have the option of using a 3 layer model: L2 Access layer to SVIs on the Distribution layer and then L3 to the 6500.

Or.

L2 Access, connecting directly to the 6500s, with the SVIs on the FWSM.

Is it better to have the FWSM outside the MSFC or Inside?

Am i correct in thinking that "inside" vs "outside" is determined by whether the SVI's are configured on the FWSM or the MSFC?       

is there any performance impact from having the FWSM doing the routing instead of the MSFC.

If the vlans are all configured on the FWSM, what is the 6500 doing, other than providing switchports?

Thanks for your help. I find FWSM too confusing..

Ray       

1 Reply 1

Marcin Latosiewicz
Cisco Employee
Cisco Employee

Ray,

This engineer's view.

Think performance.

FWSM is an older platform with limited hardware comparing to today's networks' needs.

If you're going to push max of 1-2gb/s traffic without burts you might be OK with FWSM doing routing.

If traffic is bursty or you require more throughput between your internal vlans, well you should consider.

You can also go multicontext and make a hybrid design. ;-)

M.

Review Cisco Networking for a $25 gift card