It really depends on what you wanna do. If you just want to create LANs isolating different departments, I would suggest creating different VLANs. So, I guess what you need is to create different VLANs on the switches, trunk the switches & if the switches are L3, you could do inter-VLAN routing on them.
I would use routing protocols if I have a good amount of routes. How many subnets are you talking about?
Could you explain in detail on what you wanna do?
We have about 20 to 30 subnets; we don't focus on isolating different departments. We are more concerned about the performance and security management between switches.
If you have 20-30 subnets, you would need a similar no. of VLANs: configure the VLANs on the switches (use VTP), trunk the switches together. If you just want to do inter-VLAN routing & you have L3 switches, just create an SVI for each of the respective VLANs & enable "ip routing"; that should take care of it. The connectivity b/w diff VLANs can be taken care of by this & performance should be OK, as we are just talking about 20-30 subnets.
I don't see a problem running dynamic routing protocols as well.
When you say security management b/w the switches, are you referring to running some kind of authentication b/w them when using routing protocols?
If you are thinking in that direction, I don't see any problems as well for 20-30 subnets.
Configuration is not my issue... Maybe it is better that I ask a different way: in what situation do we run a dynamic routing protocol or VLAN trunking?
If you have 20-30 subnets & you are thinking of creating the same no. of VLANs, you don't really need to run routing protocols; if all you need is the communication b/w different VLANs, inter-VLAN routing would take care of it. The other thing I would like to point out is that most of the network remains Layer 2 in this case, as trunks would be carrying all the VLANs. The other con I see in this case is that one or two switches will be doing all the routing. If you don't have too much load on those switches/routers, we should be good.
Now, coming to routing protocols, routing will be shared b/w the switches: all the L3 switches/routers will announce the respective subnets configured on them, so all the routers/switches (L3) in the AS are aware of the location of all the prefixes & based on that, they can choose a better path to go to a specific prefix rather than going to one or two L3 switches which are doing inter-VLAN routing (using VLAN trunking etc.). For this number of prefixes, any one of the IGP routing protocols like EIGRP or OSPF would be good.
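The two designs discussed above, side by side, as an added Cisco IOS-style sketch that is not part of the original posts. VLAN IDs, names, addresses, interface names and the OSPF process number are assumptions chosen for illustration, and the key is a placeholder; the second design includes the routing-protocol authentication raised earlier in the thread.

```cisco
! ---- Design 1: trunk every VLAN to Sw1; Sw1 does all inter-VLAN routing ----
! Sw1 (L3). All values below are constructed for illustration.
vlan 10
 name EXAMPLE-A
vlan 20
 name EXAMPLE-B
ip routing
interface Vlan10
 ip address 10.0.10.1 255.255.255.0
interface Vlan20
 ip address 10.0.20.1 255.255.255.0
interface GigabitEthernet1/0/1
 description trunk to Sw2
 ! encapsulation line is only needed on platforms that also support ISL
 switchport trunk encapsulation dot1q
 switchport mode trunk
 ! carry only the VLANs Sw2 actually needs (manual pruning)
 switchport trunk allowed vlan 10,20
interface GigabitEthernet1/0/24
 description routed link to the router
 no switchport
 ip address 10.0.0.1 255.255.255.252
! default route toward the router
ip route 0.0.0.0 0.0.0.0 10.0.0.2
!
! ---- Design 2: each switch is the gateway for its own VLANs and ----
! ---- advertises them with OSPF over an authenticated routed link ----
! Sw2 (L3)
vlan 40
 name EXAMPLE-C
ip routing
interface Vlan40
 ip address 10.0.40.1 255.255.255.0
interface GigabitEthernet1/0/1
 description routed uplink to Sw1
 no switchport
 ip address 10.0.255.2 255.255.255.252
 ! neighbors must present the same key before an adjacency forms
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 <PLACEHOLDER-KEY>
router ospf 1
 ! no OSPF hellos on user-facing VLANs; adjacency only on the uplink
 passive-interface default
 no passive-interface GigabitEthernet1/0/1
 network 10.0.40.0 0.0.0.255 area 0
 network 10.0.255.0 0.0.0.3 area 0
```

In the first design the trunks keep the network Layer 2 end to end and Sw1 is the only routing hop; in the second, each uplink is a Layer 3 boundary, so the authentication key and the passive-interface setting decide which devices can inject routes.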
Well, they're kind of two different things.
Dynamic Routing lets you get data back and forth between different networks, and specifically it allows routers to tell each other about routes they know of.
VLAN trunking allows a device to carry data from more than one VLAN over a single connection.
I think what you're asking about might be the use of an actual router vs the use of a layer3 switch with inter-VLAN routing?
Sorry I didn't make it clear... we have about 4 switches that support L2 and L3. 1) If running VLAN trunking, I would make the main switch configured as L3 (which is connected to the router), centralize all the VLANs, and the others are configured with VLAN trunking to the main switch. 2) If running dynamic routing on all the switches, switch #1 manages VLANs 1, 2, and 3 and switch #2 manages VLANs 4, 5 and 6 and so on... I understand both ways are OK to implement, but what is the difference?
Ah, I think I see. Generally I have kept the routing simple by sending it all to one L3 switch, rather than trying to divide up the duties.
I think you're describing something like this, yes?:
Each switch has specific VLAN interfaces defined on it, and acts as the gateway for those VLANs. They use dynamic routing to tell each other about their connected VLAN routes, and all use the Router as default gateway. Sound right?
There doesn't seem to be anything wrong with that, although it's a pretty complex setup. If you're not really taxed on your bandwidth, then you might want to do it like so:
/ | \
/ | \
(Sw2) (Sw3) (Sw4)
If you can set it up that way, then you wouldn't need dynamic routes, just a default route on Switch1 and VTP to tell everyone about the VLANs. You could use pruning to keep unnecessary broadcasts from eating the bandwidth on the trunks. This also keeps you from having to have a bunch of different IP addresses on the sub-switches in order to have targets for routed traffic.
It sounds to me like you want to do the following.
- Just have each switch in a separate management vlan from vlan1
- Have the default route by the router (If that's how you want anything that doesn't have a specific route to go)
- You can create separate vlan interfaces on switch1 if it's a L3 switch.
- You can then assign IPs to clients via DHCP with the VLAN interface for each specific VLAN as their default
- You can configure the trunks how you want (manually prune or use VTP pruning). I always like to do everything