[c-nsp] PVLANs in a Hosting Environment

TCIS List Acct listacct at tulsaconnect.com
Fri Feb 26 08:43:09 EST 2010


Matt,

We looked at doing this ourselves a few years back.  We decided to push L2 
responsibility down to the customer rack and do all L3 at the distribution 
layer.  We use the venerable WS-C3550-48-EMI switches for this duty, and they 
have been rock solid for years.  We did have a few customers complain at first 
that they were now required to buy a switch whereas we provided L2 beforehand, 
but this was a minority of customers and it has since turned out to be a great 
decision.  We are now looking at our upgrade path from the 3550's to the next 
generation that supports IPv6 and all Gigabit ports, etc.. (looking at the 
3750G's, Juniper EX series, and Foundry FESX-PREMs)

Matthew Melbourne wrote:
> Hi,
> 
> We are investigating options to provide a "VLAN-per-customer" within a
> hosting environment. Inside each VLAN could be hosting services, e.g.
> hosted web servers, AD, Exchange (etc). In order to maximum the number
> of supported VLANs, then the use of Private VLANs has been raised.
> However, although L2 isolation is desirable between customers
> (effectively a PVLAN community), there may be a requirement to
> communicate at L3 (e.g. one customer accessing the web site of
> another). A classical VLAN per customer would utilise more address
> space than a PVLAN and would require an SVI per customer. What do
> others do in this type of environment? We would want to offer
> additional services going forward, e.g. firewalling/load-balancing
> which may have implications for PVLAN awareness. A number of services
> may well be hosted within a virtual environment, and it is my
> understanding that all devices need to support PVLANs including
> virtual switches within any VMware/HyperV-like server environment?
> 
> Cheers,
> 
> Matt
> 

-- 

-----------------------------------------
Mike Bacher / listacct at tulsaconnect.com
TCIS - TulsaConnect Internet Services
http://www.tulsaconnect.com
-----------------------------------------


More information about the cisco-nsp mailing list