The only factor that would prevent me from configuring ALL the vlans on the switch is changing some of the wiring so that whatever is connected to the FastEthernet interfaces gets connected to the 3560X switch. As long as the vlans are configured correctly and the trunks configurations allow only the appropriate vlans, do you foresee any issues with moving all vlans to the switch?

Note that a couple of those vlans are for web services. There are access lists configured in the C3825, which keep that traffic isolated and which will need to be also transferred to the switch.

 As long as the vlans are configured correctly and the trunks configurations allow only the appropriate vlans, do you foresee any issues with moving all vlans to the switch?

Do you mean trunks to other switches ie. not the router because if all vlans are routed on the L3 switch you don't need a trunk to the router.

Or are you talking about still routing some vlans on the router ?

No I don't see any issues as that is what L3 switches are used for.

Jon

Do you mean trunks to other switches...

Yes. Trunks to other switches. I will also potentially have trunks for servers connected to the 3560X that have to allow more than one vlan

Okay, then there should be no problem.

As for the trunks to the servers see your other post.

Jon

Part of the info that I didn't include in my initial post (mainly to keep things simple) is that there's a Barracuda webfilter 410 between the 3825 and 3560X. Whoever implemented this, thought it was a good idea to have a device with an interface that maxes at 50Mbps right in the middle of the core of the network. Because of this, I can't move all the VLANs to the 3560X at once. I want to move some of the vlans that have lighter traffic and let the 3825 handle a couple of the vlans that deal with external web traffic and that can potential have higher traffic rates. I'm including a partial diagram of the layout I'm considering.

Questions:
1.  If I move three vlans to the 3560X, how do I have to modify the interface or routing table configuration in the 3825 so it forwards the traffic for those vlans to the 3560X  

2. These are the configs (in general) that I plan to implement in the 3560X

2.1 Enable routing on 3560
ip routing

2.2 Configure vlans IPs in 3560
interface vlan6
ip address [vlan ip] [vlan mask]
no shut

Repeat for every vlan

2.3 Configure interface to 3825
int g0/48
no switchport
ip address [switch ip] [switch mask]
no shut

2.4 Configure default route for 3560
ip route 0.0.0.0 0.0.0.0 [router ip]

I'm assuming that the static route that outline above will be enough to allow the 3560X to forward the traffic for the VLANs that it is not managing. Do I have to configure this static route to be tied to the interface that is connected to the router? I believe this is a global command, but this scenario may consider it otherwise.

As you can see in the diagram, there's a Cisco 2960X that is connected to the 3560X and that the web servers are connected to. This is to facilitate traffic between the VLANs and the WEB VLAN. With the 3560X doing the intervlan routing, the traffic to the WEB VLAN will go to the 3825. This may or may not be a desired result. So is there a way to direct traffic from VLANs 10, 20, and 30 to go through the trunk to the 2960X?
At some point the Barracuda web filter will be out of the picture. At that point all the VLANs will be routed in the 3560X

One other thing.

You mentioned acls on the router.

If these acls are just normal acls applied to a L3 interface then it should not be a problem.

If they are reflexive acls then I doubt the L3 switch will support them.

Jon