Showing results for 
Search instead for 
Did you mean: 
Join Customer Connection to register!

Private vlans and 2900

I have 6 Microsoft IIS servers with 2 NIC's in each server. The two NIC's are for redundancy. The active NIC broadcast a layer 2 broadcast every 2 seconds so the inactive NIC will see the active NIC is operational.

Since this broadcast traffic is killing my network, I would like to implement private vlans for each server. Each IIS server's broadcast will be isolated from each other and from the users too.

1st - Is this the correct use of private vlans?

2nd - will a Cisco catalyst 2924 switch support private vlans?

3rd - If not, which switch model should I use?

TKs for looking

Cisco Employee

1. Private VLANs is intended to keep servers from talking to each other but being able to talk to promiscuous ports.

2. Yes, but it is limited to Isolated (Edge) private vlans. In other words, it can only prevent two ports from talking to each other on the same switch.


Am I thinking wrong - reading wrong - or calculating wrong? Here is what I am thinking. If you are using 10M ehternet, that means that in 2 seconds the total bandwidth is 20,000,000 bits. If the hello packets are 100 bytes (I grabbed that numer out of the air and is probably high) then each update is 800 bits. 800 bits per update times 6 servers is 4800 bits in 2 seconds. This amounts to .024% of your total bandwidth. I don't think that this is what is "killing" your network. Am I wrong? Comments please.


What device is your LAN now - a switch or hub? How many ports? What protocols besides the Broadcasts are running on the lan? I'm with fsevera - hello packets from 6 servers should in NO WAY be "killing" your network; unless the hello sequence is somehow causing interupts or otherwise causing the servers to grab hold of the network. Still, in a switched environment, next to impossible...


OK let me clarify a little more - It is not just the 6 IIS servers broadcasts killing the bandwidth, it's the amount of devices on the network. I have a 1000+ "subnet mask of /22" devices on the same 100Mbps vlan, running DHCP, IIS servers, multicast ver 1 and several other items. Most users are 10Mbps but a good number of workstations and all servers are set to 100/Full all on several 2924 switches connected together in not the most user friendly way. I just wanted to lower the amount of traffic to and from the servers as the first part of lowering the total amount of broadcast on the same vlan. I do agree, 6 IIS server by themseleves will not down the network but start adding many other variables and it's anybodys guess. I do thank you for the responces!! My main question way about Private Vlans.


Content for Community-Ad