Right now I am going back and forth with a coworker on this issue - use ip secondary or use vlans.
Can anyone provide me information regarding the pros and cons of both? Right now we have a 4006 switch and a 3550 router.
Thanks for any information!
Thanks for the info. We currently have a 4006 with a Sup2. Would that work with VLANs OK? My coworker is saying I would need a Sup4 to properly use VLANs.
Your SUP will support VLANs just fine.
Back to your original question.
If you go with VLANs you are creating broadcast domains for each VLAN, so in order to talk to a server/host in another VLAN the traffic will be routed, NOT layer 2 switched. This is beneficial because you can control traffic at Layer 3 and 4 with ACLs, and broadcast domains are generally smaller. Also, packet sniffing is isolated to the VLAN.
If you go with just using secondary addresses then everyone is still on the same broadcast domain and the only thing that separates them is the IP header in the packet. If a user plugs in a sniffer he will capture all broadcast/multicast/unknown unicast information (assuming all switches) transmitted on the network.
Also, as mentioned in a previous posting, there are potential routing problems when using secondary addresses.
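
Added example, not part of the original thread: the two designs discussed above, side by side, as they might look on the 3550 acting as the layer-3 device. It assumes IOS syntax on the 3550; every address, VLAN ID, interface and ACL name is constructed for illustration, and access-port VLAN assignment on the 4006 is not shown.

```cisco
! Constructed example: addresses, VLAN IDs, interface and ACL names are assumptions.
!
! --- Option A: secondary addressing (one broadcast domain) ---
! Both subnets live in VLAN 1. Broadcasts and flooded frames reach
! every port, and an ACL on this interface only sees traffic that
! is actually sent to the gateway.
interface Vlan1
 ip address 10.0.10.1 255.255.255.0
 ip address 10.0.20.1 255.255.255.0 secondary
!
! --- Option B: one VLAN per subnet, routed between them ---
ip routing
!
vlan 10
 name USERS
vlan 20
 name SERVERS
!
! Users may reach one web server and one DNS server in the server
! VLAN; anything else toward that subnet is dropped and logged.
ip access-list extended USERS-IN
 permit tcp 10.0.10.0 0.0.0.255 host 10.0.20.10 eq 443
 permit udp 10.0.10.0 0.0.0.255 host 10.0.20.11 eq domain
 deny   ip 10.0.10.0 0.0.0.255 10.0.20.0 0.0.0.255 log
 permit ip 10.0.10.0 0.0.0.255 any
!
interface Vlan10
 description gateway for USERS
 ip address 10.0.10.1 255.255.255.0
 ip access-group USERS-IN in
!
interface Vlan20
 description gateway for SERVERS
 ip address 10.0.20.1 255.255.255.0
!
! 802.1Q trunk carrying only the two VLANs toward the access switch.
interface GigabitEthernet0/1
 description trunk to access switch
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport trunk allowed vlan 10,20
```

In option B all inter-subnet traffic has to cross the Vlan10/Vlan20 interfaces, so the ACL is enforced on it and a capture on a VLAN 10 port no longer sees VLAN 20 broadcasts.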