[c-nsp] Migration to Layer 3
Alexandra Alvarado
aaaa at telconet.net
Sun Nov 7 11:27:15 EST 2004
Thanks for the answer!
My problem is that I allways have the risk that a client network goes down
my network. Today ocurred again, An employee conected a new client to the
network on a port that has the config like this:
interface FastEthernet0/21
description F/O NewClient
switchport access vlan 987
switchport mode access
switchport nonegotiate
ip access-group 135 in
service-policy input policy_portNewClient_in
service-policy output policy_portNewClient_out
storm-control broadcast level 5.00
storm-control multicast level 5.00
no cdp enable
arp timeout 1800
spanning-tree portfast trunk
spanning-tree bpduguard enable
spanning-tree guard root
end
And for any error the port had not the next commands:
switchport port-security
switchport port-security mac-address 0011.93bc.2045
And the all networks goes down.
I think could be "mac overflow" but I'm not sure, The bandwith utilization
for that port only had a peak of 16KB (MRTG Graphs) . That's why
I think moving to layer 3 I can avoid this kind of problems and for some
clients I not have problems, but now I have in the metro ethernet some
clients with 802.1q configured. Example I have clients that has too many
presence points in differents parts of the city, and all of its has a same
VLAN ID. I have catalyst 3550 on the backbone, so I think I could migrate to
VRF in a transparent mode for the clientes.
But when a read about VRF, the requirement was: a CE, a PE and a router. I
only have in the backbone too many catalyst 3550, but NOT switches 6000. So
I need to use VRF in this environment. The example in the manual of Csco
3550 is too complex and require at least 6 switches and one of that is a
6500 switch. I only have a lab with 2 switches 3550. Can I configure in
this 2 switches a VRF session or how many switches 3550 I need at least?
Can somebody help me with a simple example of VRF Config. or any link that
could help me?.
Thanks.
Alexandra Alvarado
----- Original Message -----
From: "Saku Ytti" <saku+cisco-nsp at ytti.fi>
To: "Alexandra Alvarado" <aaaa at telconet.net>
Sent: Friday, November 05, 2004 7:04 AM
Subject: Re: [c-nsp] Migration to Layer 3
> On (2004-11-04 18:38 -0500), Alexandra Alvarado wrote:
>
> > I have a big network witch around 50 cisco switches 3550; 20 cisco
switches 2950 and 10 non cisco switches, I use for to have loop free the
MSTP Protocol, and for to manage diferents VLANS 802.1q. I think is time to
migrate to layer 3, but; my problem is:
>
> 2950 doesn't do L3.
>
> > 1) How to migrate to layer 3 do it in a transparent mode?
>
> Move one customer at a time to L3.
>
> > 2) I don't want to change the configuration 802.1q with some of my
clients. Or how to do to coexist layer 2 and layer 3?
>
> Yes, with 3550 you can have L2 and L3 interfaces in same box at the same
> time.
>
> > 3) Can protocols like SVIs, L2TP, VRF could help me to work with layer 2
and 3 on the switches at the same time?
>
> L2TP isn't supported on 3550 or 2950. Only 1 SVI is supported on 2950, for
> management. And VRF is only supported on 3550.
>
> Before diving in to this, ask yourself what are the problems you're trying
> to fix with the migradation, how much do they problems cost you money
> and how much does the L3 migradation cost.
>
> --
> ++ytti
More information about the cisco-nsp
mailing list