05-11-2008 12:29 PM - edited 03-05-2019 10:53 PM
Hi Friends,
I have a doubt, if it seems very simple question plz forgive: )
I have a LAN setup with few cisco 3750 switches, where i am using VTP mode as Transparent.
What will happend If i create a L3 Vlan SVI interface with out creating L2 on the switch.
What is the difference in creating L3 Vlan with L2 and with out L2 ?
Please can any one take some effort to brief me about this..
Thanks a lot
Regards
Jacob
05-11-2008 12:52 PM
The idea of creating a VLAN is to segment a larger network to smaller chunks or breaking it to smaller broadcast domains. What type of VLAn (L2 or L3) you want to create is based on what you want to achieve.
Sometimes you may have single subnet available for the VLAN but want to segregate domains based on floors or departments. In such case, L2 vlans are appropriate.
in other cases, you may have multiple subnets available for multiple environmnts (production, test, development etc). Such cases are good for L3 types.
when you cretae L2 vlan, you are good to go by just assigning ports to vlans.whn you cretae L3 vlan, you first need to assign IP add to SVI & if there are multiple L3 vlans spanned across multiple switches then its advisable to run routing protocol & advertise teh subnets for communication. Also take care of STP configuration while you add switches to topology. For easier management of VLANs its good to have a vtp running as in your case.
05-11-2008 01:38 PM
Thanks for the reply.
As I mentioned, in my network I have few 3750 as the Edge switches which is connecting to the core 6509E Switch. For Security purpose i have divided the network in to three different Layer-
Layer 1
I have a Internet connectinng router, outisde directly connect to ISP - Inside of the router directly connect to NetScree FW.
Layer 2
Cisco ASA Box which has 3 dmz interface + one Inside, Outiside.Outside connects to L1 Netwscreen Firesall and Inside connects to 6509E Switch with FWSM Module.
Layer3
FWSM Module connects to the secure inside area of my Server Farm, Application/Database
servers.
What I am doing is I have created different Vlans for different DMZ Zone and small routing Vlan that will do the routing between these Zones. Also I would like to access all the devices through one management Vlan. I will not be adding any port as the memebr of my Mangement Vlan, i just need an IP to access the device only. In this case will it work if i create only L3 Vlans at each Zones and enable static / default ip routing on all zones.
Kindly let me know if any part of the query seems confusing for you...
Thanks in advance
Regards
Jacob
05-11-2008 02:49 PM
HOW MANY TIMES ARE YOU GOING TO POST THE SAME QUESTION? Please use ONE thread.
Thanks
Victor
05-12-2008 03:47 AM
Sorry Victor, there was some problem happend in my Browser, i think i have clicked multiple time, thats why it came 3 time. I have tried to unsubscribe but dont know why its not reflected.
Sorry for the inconvenience.
regards
Jacob
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide