- Posts: 350
- Thank you received: 0
Cisco Catalyst 3550 VLAN Routing
19 years 3 months ago #9499
by jwj
-Jeremy-
Replied by jwj on topic Re: Cisco Catalyst 3550 VLAN Routing
It took a bit of reading around this site and the web, but I finally get it. The part that confused me was that frames egressing an access port are still untagged, which made me think "How will it be known that this frame is still are part of this vlan?". However, I realized that the forwarding decision is done while ingressing into the access port. That is, if it is an untagged frame, the frame will be classified as the same vlan as the PVID, and therefore the forwarding decision will be looked up in that vlan's forwarding database. So when the frame is egressing from the port, it doesn't need a vlan tag because it already "knows" where it will go, since the forwarding decision has already been made.
Of course, if I'm still missing something, please correct me.
Of course, if I'm still missing something, please correct me.
-Jeremy-
19 years 2 months ago #9878
by DaLight
Replied by DaLight on topic Re: Cisco Catalyst 3550 VLAN Routing
I've got a similar problem to lotus-eater. I've got an internet router (in this case an IPCOP Firewall). Instead of a CISCO 3550, I've got a 3COM 3226 Layer 3 switch. In addition, I want to create up to ten VLANS which can all access the internet via the IPCOP but can't see each other.
Now the IPCOP will be providing DHCP services as the 3226 can only relay DHCP. I don't need specific commands, but I want to find out if what I'm trying to do can be achieved with the hardware available. As a bonus, if anyone with 3COM experience has the required commands, that would be great. (Note that I require the IPCOP to be able to provide DHCP services to the PCs in the 10 VLANS)
To recap:
[code:1]
Internet -> IPCOP Firewall (providing DHCP) -> 3COM 3226 Layer 3 Switch (with 10 VLANs) -> PCs hanging off the VLANs[/code:1]
Now the IPCOP will be providing DHCP services as the 3226 can only relay DHCP. I don't need specific commands, but I want to find out if what I'm trying to do can be achieved with the hardware available. As a bonus, if anyone with 3COM experience has the required commands, that would be great. (Note that I require the IPCOP to be able to provide DHCP services to the PCs in the 10 VLANS)
To recap:
[code:1]
Internet -> IPCOP Firewall (providing DHCP) -> 3COM 3226 Layer 3 Switch (with 10 VLANs) -> PCs hanging off the VLANs[/code:1]
19 years 2 months ago #9888
by Chris
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
Replied by Chris on topic Re: Cisco Catalyst 3550 VLAN Routing
Dalight,
Your 3com switch does support some type of access lists, which means you will be able to restrict traffic between ports/vlans.
I've managed to find a data-sheet for it, you can download it for a full spec. overview at : www.3com.com/other/pdfs/products/en_US/400842.pdf
Hope this helps.
Cheers,
Your 3com switch does support some type of access lists, which means you will be able to restrict traffic between ports/vlans.
I've managed to find a data-sheet for it, you can download it for a full spec. overview at : www.3com.com/other/pdfs/products/en_US/400842.pdf
Hope this helps.
Cheers,
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
19 years 2 months ago #9893
by DaLight
Replied by DaLight on topic Re: Cisco Catalyst 3550 VLAN Routing
Thanks for that Chris.
18 years 6 months ago #14667
by taq
Replied by taq on topic Re: Cisco Catalyst 3550 VLAN Routing
From this example if the switch is connected to a firewall than to the Linksys router, do we need to do a static route for each VLAN in the firewall?
Thanks.
Thanks.
Time to create page: 0.135 seconds