04-13-2022 03:31 AM - edited 04-13-2022 04:56 AM
Hi all...
04-13-2022 04:52 AM
I can't see any image attached. But MST must solve the limitation problem, although it will add complexity if you had to divide into multiple regions.
And yes, your assumption seems to make sense. Honestly, I never had to create 129 VLANs in one switch to be sure about the behavior.
However, I can't imagine why you need 128 VLANs in a switch. Considering the idea of VLANs is segmentation and the switch has 48 ports at most, with two switches in the stack you have 96 ports. I mean, you have 2 VLANs for each port on the access switch.
I know you did not come here for me to judge your topology, sorry for the comment, but I need to advise you that you need to start thinking of moving to a new solution. STP, MST, etc. is all old stuff, the same as the 3750.
If your critical requirement is segmentation at all cost, there are better solutions for that.
04-14-2022 02:08 AM - edited 04-14-2022 03:29 AM
Dear Flavio, thanks for your reply.
Firstly: about using MST, you said that it will be complex if I create more than one region, but what about using one region? I mean putting all networks (all switches) in one region. Actually, I was intending to do that: grouping all access layer and distribution layer switches in one region. So if I do that, will there be any problem?
Secondly: about the 129 VLANs, I know it's a weird thing, but this is due to my type of work. I'm working in a datacenter belonging to a governmental company where we have a lot of governmental projects, so we made one VLAN per project for segmentation, as you said.
I know that our stuff is old, whether switches or technology, but I have to deal with that at present until new hardware is available.
I hope I was able to convey what I mean to you.
Note: the Cisco 3750 switch is 24 ports, not 48.
Best Regards.
04-20-2022 01:19 AM
Any help!
04-20-2022 03:47 AM
Hi
Sorry about the delay. And sorry about criticizing your solution; I know the public sector has some delay when it comes to updating technology. But it is OK. At least you have Cisco switches.
Well, firstly I'd like to say that, looking at your topology and considering that you have one stack of 4 switches (Distribution) connected to 4 stacks of 2 switches (Access), you don't have a risk of loops. And that's a good thing. You would have loop risk if you interconnected the stacks with 2 switches (Access). If I understood correctly, each access stack has 4 interfaces connecting to the distribution stack (one per switch maybe?).
As we are talking about stacks, this means that the 4-switch stack represents, after all, one single switch. Which means your logical topology is one switch connected to another switch using 4 cables. If you group those 4 cables in one port-channel, you can have (considering 100 Mbps interfaces) a 400 Mbps uplink. But if you do not use a channel, then 3 interfaces will be blocked by spanning-tree and you are wasting 3 cables for each stack.
Does that make sense?
About the Spanning-tree.
Well, as you said, MST overcomes your VLAN limitation and yes, as you are using stacks, you can use one Region and one Instance, with no problem.
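A single MST region only exists if every stack has the same region name, revision number and VLAN-to-instance mapping; a switch that differs in any of the three forms its own region. The check below is an added example, not part of the original post: it compares those three values across running-config excerpts, and the hostnames, the region name `DC1`, the revision numbers and the choice of mapping all VLANs to instance 1 are constructed assumptions.

```python
ALL_VLANS = set(range(1, 4095))

def expand_vlans(spec):
    """Expand an IOS VLAN list such as '1-4,10' into a set of VLAN IDs."""
    vlans = set()
    for part in spec.split(","):
        lo, _, hi = part.strip().partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def parse_mst(config):
    """Return (name, revision, {instance: vlans}) from a running-config text."""
    name, revision, mapping, in_stanza = "", 0, {}, False  # IOS defaults
    for line in config.splitlines():
        if line.strip() == "spanning-tree mst configuration":
            in_stanza = True
            continue
        if not line.startswith(" "):
            in_stanza = False  # an unindented line closes the stanza
        words = line.split()
        if not in_stanza or not words:
            continue
        if words[0] == "name":
            name = words[1]
        elif words[0] == "revision":
            revision = int(words[1])
        elif words[0] == "instance" and len(words) > 3 and words[2] == "vlan":
            vlans = expand_vlans("".join(words[3:]))
            mapping.setdefault(int(words[1]), set()).update(vlans)
    # VLANs not mapped to any other instance stay in instance 0 (the IST).
    mapped = set().union(*(v for i, v in mapping.items() if i))
    mapping[0] = ALL_VLANS - mapped
    return name, revision, {i: frozenset(v) for i, v in mapping.items()}

def region_mismatches(configs):
    """Switches whose region identity differs from the first switch listed."""
    parsed = {sw: parse_mst(cfg) for sw, cfg in configs.items()}
    reference = next(iter(parsed.values()))
    return sorted(sw for sw, ident in parsed.items() if ident != reference)

def _cfg(rev):
    # Constructed excerpt: one region, every VLAN mapped to one instance.
    return ("spanning-tree mode mst\nspanning-tree mst configuration\n"
            f" name DC1\n revision {rev}\n instance 1 vlan 1-4094\n!\n")

# Constructed sample: the second access stack was left on another revision.
SAMPLE = {"DIST-STACK": _cfg(1), "ACC-STACK-1": _cfg(1), "ACC-STACK-2": _cfg(2)}
print(region_mismatches(SAMPLE))
```

Any switch the check reports would sit at a region boundary instead of joining the shared region, so it is worth running after every change to the MST stanza.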
04-24-2022 01:49 AM - edited 04-24-2022 01:50 AM
That's right
Now I'm using EtherChannel and have grouped 4 interfaces into one interface so I can use the full bandwidth.
I'm curious to know how new technology will treat that, or how it would be useful in this case.
So if you don't mind, please explain this point to me.
Thank you again.
I really appreciate your efforts ...
04-24-2022 02:35 AM
The EtherChannel does not change any kind of spanning tree behavior. The difference is that those 4 interfaces will be seen as one interface. For example, if you configure another EtherChannel with 4 interfaces on the same access switch and connect it to the core switch, spanning tree will block one EtherChannel to prevent a loop. Which means the behavior is the same.
This is the right decision to make. The previous scenario does not make sense, as you would be sacrificing 3 interfaces for nothing.
04-24-2022 03:48 AM - edited 04-24-2022 03:51 AM
Yes, of course, I'm already applying this scenario.
I know that EtherChannel doesn't change STP behavior.
As shown in the attachment, you'll see STP details for VLAN 6 on the Dis stack, and Po6, which is connected to the access stack, is Desg.
The other image shows channel-group 6 with 4 interfaces.
What I meant is how new technology deals with the 128 max instances, how new technology treats that problem generally.
As you said, "If your critical requirement is segmentation at all cost, there are better solutions for that."
I'm wondering what the better solution you mentioned is.
04-24-2022 04:07 AM
MST does not consider a per-VLAN scenario, and it creates the concept of Instances and Regions. But the loop prevention mechanism keeps working, that's what matters.
About a better solution, well, this will require better devices as well.
We can think about Layer 3 switches with Layer 3 uplinks (which do not require Spanning tree), and you can use a routing protocol to forward traffic among them. You can use VRF to isolate one kind of traffic from the other, and you can also use Access Lists to permit or deny any kind of traffic.
Ultimately, you also have the brand new SDA concept, which requires DNAC and ISE, where you can segment your network extremely.
04-24-2022 04:21 AM
Wonderful!
That really seems good.
I really thank you and I'm very glad about this discussion.
I wish you a nice day.
Thank you a lot, Flavio Miranda.
04-24-2022 04:39 AM
You are welcome!
I'm glad I helped in some way.