That is what I have been doing using 6506 and 6509. Some people have
advised that the switch with an external and/or DMZ vlan should not have
any internal vlan for security reasons and I have followed that advise.
Anchi
-----Original Message-----
From: Brian DeFeyter [mailto:bdf@gospelcom.net]
Sent: Friday, December 21, 2001 10:41 AM
To: cisco-nsp@puck.nether.net
Subject: Switching Advice
I'm wondering if anyone could provide some advice wrt catalyst
connections between routers, firewalls, servers etc...
I'd like to get around having to spread out multiple switches (ie: one
between routers, between firewalls, each firewall's interface, etc...)
Has any setup something up similar with a larger 4/5/6000 series
catalyst using VLANs to segment these portions? There'd be a lot of back
and forth (ie: a packet might travel like:
routers -> switch -> firewalls -> switch -> load balancers -> switch ->
servers, etc...
where the connections are all cabled back onto the same switch, but
segmented from each other only by VLANs)
Is this a bad idea? Would I be looking at any performance degregation?
I'd have a lot fewer switches to manage. ;)
This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:58 EDT