Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
535
Views
5
Helpful
1
Replies

Creating a Management-only VLAN & using QOS

lacox3131
Level 1
Level 1

‎04-30-2008 07:38 AM - edited ‎03-05-2019 10:42 PM

Are there any folks on this forum using Management-only VLANs with QOS?

We are seriously looking into doing this, not only for management of our Cisco switches but for security purposes,

and maybe combine it with QoS to make management a littel more robust.

Like a lot of folks we suffered thru the

nightmare memories of Slammer. And since our network was eaten up by the

worm, network management of our devices was pretty much a bust. So we are

looking at dropping in a management VLAN across campus and maybe giving that Mgmt

VLAN a high priority slot in QoS. Hopefully, this would allow us to

continue managing the network in the event of another Slammer level attack -- assuming that some sort of QoS scheme really works :-)

So I am curious to know if anyone else doing this now or are planning to do this in the near term. If so, has it been worth the move? What type of unforeseen problems spanning-tree(if any) did you run into? And is there a useful URL on setting this up?

Any thoughts?

Thanks.

Labels:
0 Helpful
1 Reply 1

a.cruea1980
Level 3
Level 3

‎04-30-2008 08:25 AM

A useful url:

http://www.cisco.com/univercd/cc/td/doc/solution/esm/qossrnd.pdf

That is a really big QoS file on setting up QoS properly. Basically, it states what your Management traffic should be at (DSCP 16 or CS2), which is one step over your bulk data. And actually, that document also mentions about worm mitigation (although I haven't gotten through the entire thing, I can't tell you what it says completely).

Customers Also Viewed These Support Documents
Top