How to span vlans across core layer in core/distribution/access campus design?

Hi,
I studied Cisco Borderless Campus Design Guide 1.0 (http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Campus/Borderless_Campus_Network_1-0/Borderless_Campus_1-0_Design_Guide.html) last week because we plan to redesign our campus backbone to a three tier Core/Distribution/Access Design.
Today we use a collapsed backbone where a lot of vlans are spanned across the backbone because they are needed in different buildings.
Could anybody give me a hint how Cisco recommends to deal with that kind of vlans in the multi-tier design?
In my eyes between core and distribution layer there is only routing functionality and no l2 transport of vlans.
So using the same vlan in different buildings seems not to be supported?
Best Regards,
Thorsten

Thorsten
Just to add to Joseph's post.
It is quite common for a vlan to be spanned when it doesn't actually need to be ie. the network has evolved that way.
Most things do not need L2 adjacency, they can happily use L3. Servers sometimes do but in the campus design your servers are usually located in one site so you don't need to extend vlans to other sites in your campus.
Not suggesting this is the case for you but it may be worth checking whether you really do. (apologies if you already have)
As Joseph mentioned you really want to avoid it if at all possible ie. ideally all connections to the core switches are L3 ie. no need for vlans at all in the core.
If you need to extend a few vlans then you can do this but still route for all other vlans ie. you would configure your distribution to core connections as trunks and then allow the vlans you need to extend plus one other vlan, unique per distribution pair, to route all other vlans. So per site your distribution switches route all vlans except the extended vlans and if they need to route to a vlan in another site they use that unique vlan.
But this is not ideal because you then need to extend certain vlans across the core and because you are using L2 connections STP could come into it although that does depend on your core switch selection eg. 4500/6500 VSS etc. would alleviate this.
There are ways to extend vlans across a L3 network but the solutions available are very much dependent on the kit you use and their capabilities so if you do need multiple vlans in multiple sites but still want to keep a L3 core you may want to investigate some of those before purchasing kit (unless of course you have already purchased it).
What you do really depends on just how many vlans you actually need to extend between sites.
Jon
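
A check for the trunk layout described in the reply above, as an added example that is not part of the original thread: it parses the distribution-to-core uplinks from an IOS-style configuration and reports any trunk that carries more than the extended VLANs plus the one transit VLAN. The interface names, VLAN numbers (110 and 120 extended, 901 transit) and the sample configuration are constructed assumptions.

```python
import re

# Constructed sample: uplinks of one distribution switch toward the core.
# VLANs 110 and 120 are extended between sites; VLAN 901 is the transit VLAN
# unique to this distribution pair. All names and numbers are assumptions.
SAMPLE_CONFIG = """\
interface TenGigabitEthernet1/1
 description uplink to core-1
 switchport mode trunk
 switchport trunk allowed vlan 110,120,901
!
interface TenGigabitEthernet1/2
 description uplink to core-2
 switchport mode trunk
!
interface TenGigabitEthernet1/3
 description second uplink to core-1
 switchport mode trunk
 switchport trunk allowed vlan 110,120
 switchport trunk allowed vlan add 200-202,901
!
interface GigabitEthernet2/1
 description access port
 switchport mode access
 switchport access vlan 200
!
"""

ALL_VLANS = frozenset(range(1, 4095))
# Handles the plain list plus the "add" and "remove" forms only.
ALLOWED_RE = re.compile(r"^switchport trunk allowed vlan (?:(add|remove) )?([0-9,\-]+)$")


def expand_vlans(spec):
    """Expand a VLAN list such as '110,120,200-202' into a set of ints."""
    vlans = set()
    for part in spec.split(","):
        lo, _, hi = part.strip().partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans


def parse_trunks(config):
    """Return {interface: allowed VLAN set, or None if no list is configured}."""
    ports, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if raw.startswith("interface "):
            current = {"trunk": False, "allowed": None}
            ports[raw.split(None, 1)[1]] = current
        elif current is None:
            continue
        elif line == "switchport mode trunk":
            current["trunk"] = True
        else:
            m = ALLOWED_RE.match(line)
            if not m:
                continue
            op, vlans = m.group(1), expand_vlans(m.group(2))
            # A trunk with no list yet starts from "every VLAN".
            base = set(ALL_VLANS) if current["allowed"] is None else current["allowed"]
            if op == "add":
                current["allowed"] = base | vlans
            elif op == "remove":
                current["allowed"] = base - vlans
            else:
                current["allowed"] = vlans
    return {name: p["allowed"] for name, p in ports.items() if p["trunk"]}


def audit_uplinks(config, extended, transit):
    """Compare each trunk with the intended set: extended VLANs plus transit VLAN."""
    expected = set(extended) | {transit}
    findings = {}
    for name, allowed in parse_trunks(config).items():
        issues = []
        if allowed is None:
            issues.append("no allowed-VLAN list: trunk carries every VLAN")
        else:
            extra, missing = allowed - expected, expected - allowed
            if extra:
                issues.append("unexpected VLANs: " + ",".join(map(str, sorted(extra))))
            if missing:
                issues.append("missing VLANs: " + ",".join(map(str, sorted(missing))))
        findings[name] = issues
    return findings


if __name__ == "__main__":
    for port, issues in audit_uplinks(SAMPLE_CONFIG, {110, 120}, 901).items():
        print(port, "OK" if not issues else "; ".join(issues))
```
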

Similar Messages

  • Spanning vlans across access switches in distribution block.... please help

    Hi All
    Can someone please explain why Cisco states that in a Campus Hierarchical model if Vlans are spanned across Access switches in a distribution block, then the Distribution to distribution link should be Layer 2. Is this really necessary or just a recommendation, and if so why? Can't this link be a L3 link when spanning vlans across Access switches in distribution block, as I understand the benefit of having a L3 distribution to distribution link so that SPT is avoided.
    Please help

    Hello,
    The Cisco recommended design is L3 links, but this is only possible if you have no vlans you need to span over the whole network.
    It depends on your topology or what you want to achieve.
    If you need one or more vlans spanned across the LAN, you need to use a layer 2 connection between all switches and between distribution too.
    In my company we have for example a few vlans for restricted areas, like device management or else, so we can't use L3 links in the distribution area because these vlans are terminated at the firewall. I think this is a good thing.
    I would recommend, if you don't have to span one or more vlans across the network, to use L3 links, especially in the case of redundant paths. So you need no spanning-tree, but need to use other protocols like GLBP or else. They work faster and are not so confusing (for some people) as STP.
    best regards,
    Sebastian

  • Span VLANs across switches

    VLANs are new to me so please forgive me -
    We have 5 Cisco sg500x switches. We need to create two vlans across some or all of the switches.
    I have been successful in creating vlan1 on one switch and excluding and including ports to segregate traffic. My problem is I can’t get the other switches to see vlan1 that was created on the original switch. I have enabled gvrp on all switches and ports assigned to the vlan but no luck in getting vlan1 devices to communicate across switches. How do I make this work? I think my main problem is creating uplink ports between the switches to carry the vlan across.
    How do I go about spanning vlans across the switches?
    Many thanks

    Thanks Robert I think that has got me a bit further in that I'm not getting VLAN MISMATCH error any more. I believe it was because the trunk ports were marked as untagged. I still don't feel I understand the NATIVE VLAN concept or how to set it. If I have the default VLAN(1) and I have the VLAN I am trying to span across two switches (VLAN2) do I then need a 3rd VLAN to be the native for either end of the trunk between the two switches? Anyway this is what I've done in more detail -
    On Switch 1
    Create VLAN 2: VLAN ID 2
    Set port 2 as follows: Default VLAN1 = forbidden, VLAN2 = trunk, tagged
    Set port 3 as follows: Default VLAN1 = forbidden, VLAN2 = access, untagged
    On Switch 2
    Create VLAN 2: VLAN ID 2
    Set port 2 as follows: Default VLAN1 = forbidden, VLAN2 = trunk, tagged
    Set port 3 as follows: Default VLAN1 = forbidden, VLAN2 = access, untagged
    With rj45 connect port 2 on both switches to each other. Clients connected to port 3 on both switches cannot ping each other across the trunk.
    Seeing this in the logs:
    Warning: %STP-W-PORTSTATUS:gi1/1/2: STP status Forwarding
    IP info:
    Default VLAN1 on 172.16.1.0/21
    VLAN2 on 172.16.40.0/21
    Any suggestions or areas to investigate would be helpful however obvious they may seem to anyone as this is my first effort with a Cisco. Thanks

  • Multiple VLANs through to layer 2 switch

    So long as each switch supports VLANing (which most manageable switches do), then yes. Some model numbers on the switches would help here though to be sure.
    Also, keep in mind that assigning VLANs is a layer 2 function, not layer 3. So long as you tag the VLANs you need to pass between the switches on the feed ports between them, you should be able to have them running without issue.
    Could you provide a little more detail as to what you're trying to accomplish so that we can better advise you how to proceed?

    Hello,
    Is it possible to send multiple vlans across a layer 3 dell powerconnect to a Meraki layer 2 switch and configure the ports to access the different vlans? 
    Is it also possible to send multiple vlans across a layer 3 dell powerconnect to a layer 2 dell powerconnect switch and configure the ports to access the different vlans?
    I've been playing around with this and I can't seem to get it done.
    Thanks for any help in advance.
    This topic first appeared in the Spiceworks Community

  • Creating Vlans at Core layer switches ?

    Is there a need to create vlans at core layer switches ? If yes what are the pros and cons for this practice ?
    Actually i have seen some networks doing that!

    Well this is the topology that i'm working on.
    we have implemented the 3 layer approach.
    1. At access layer: Switches are all L2 (for sure :) )
    2. At distribution layer: All switches are L3 are routes for incoming data.
    3. At core we have 2 6500 switches. One is configured as L3 and all vlans are created in it. Second is just as regular L2 device.
    and of course there are some switch blocks for server farms and the likes.
    My issue is
    1. why don't we create vlans at distribution layer switches.
    2. Why one core switch is acting as L2 and other is acting as L3. What will happen in case of failure to the one acting as L3.
    Ps: the second issue just came up in my mind.

  • Creating multiple vlans across multiple switches

    Hi All,
    How should I create multiple vlans across multiple switches?
    For instance, I have two (primary/redundant) layer 3 (core) switches and four layer 2 access switches (Cisco 2960) for the hosts, and given these are the vlans/subnets to be created. Should I do it in the core switches only and it would just propagate through the access via VTP? Just trying to practice and learn.. Any help will be greatly appreciated:)
    VLAN 100: [DHCP-workstations]
    172.26.4.0/24
    172.26.5.0/24
    VLAN 200: [Servers]
    172.16.1.0/24
    172.16.2.0/24
    VLAN 300: [Printers]
    192.168.129.0/24
    192.168.130.0/24
    VLAN 800: [Management for switches/routers]
    10.160.1.0/24

    Hi
    You will have the SVI on the core. Set a VTP domain, make one of the cores as VTP server and rest of the switches as VTP clients. Once you do this, you won't have to login into each switch and create a vlan locally. The vlans will be automatically advertised from the VTP server to all the VTP clients.
    Thanks
    Ankur
    "Please rate the post if found useful"

  • Extending VLANs across routed interfaces

    Hello;
    I'm trying to create a L3 core network. The core equipment will be Cisco 3750 enhanced. My idea is make each link between core 3750 a routed interface, with /30 IP addresses.
    The problem is the customer needs some VLANs extended across the full enterprise. Is there any way to encapsulate the VLAN inside routed interface?
    Thanks in advance.

    I realize this thread is 5+ years old, but I feel like commenting anyway.
    If you want to encapsulate the vlan across that link, you won't be able to use routed interfaces.  You will need to use a layer 2 trunk(dot1q).  Therefore, I wouldn't bother with the /30 addresses unless you want to monitor that specific link by IP.  In that case, use a special VLAN just for those two interfaces and put your /30 addresses on the vlan interfaces.
    If you want fast fail over on a layer 2 link, well then, use Rapid STP.  The goal should be to get rid of those flat VLANs that span the core and switch to your original plan of routed interfaces using EIGRP or OSPF.

  • VLANS across WANS

    I am working on a project for CCNA class. I want to maintain VLAN identities across multiple WAN sites...i.e. My central Core will be in LA, remote offices at Dallas and St Louis. If I define VLANs 10, 20,30, and 40 at LA for 4 departments, with network 10.0.10.0/22, 10.0.20.0/22 etc..I have considered using EoMPLS to maintain the VLAN structure and the ability to not have to change or reassign different  network address at the remote sites. In essence, I wish to have the same subnets at all sites for all VLANS and implement NMC from the LA office. I want to have VLAN 10, with 10.0.10.0/22 at all 3 sites. Is this possible and maintainable from a management standpoint using EoMPLS. What am I missing here? Other posts I have researched state that this is not possible and not recommended. The objective is to maintain VLANs across all 3 sites.    
    If not, then how do we maintain VLAN identities and membership across all 3 sites with different Subnets? I am just looking for ideas, not solutions. Just some guidance, since I am a student. 

    I haven't personally used EoMPLS, but it seems a viable option.  The other L2 extension technologies to consider are:
    VPLS
    OTV (ASR1k or CSR1k)
    L2TPv3 (can use regular IOS routers)
    Typically you'd only consider extending L2 VLANs across a WAN for DCI (data center interconnect) and not branch to branch. 
    L2TPv3 is a neat feature that can be done cheaply using 800-series routers.  It does transmit all L2 traffic so it's possible to have spanning tree loops over the WAN (fun in the lab, but not in production).

  • Private vlan across switches in NX-OS

    Hi,
    I'm trying to make a scenario to span private vlan across multiple switches but I couldn't get this to work in NX-OS N7K.
    My topology is similar to the one in the picture attached.
    I tried to ping from isolated host vlan 201 in switch A to isolated host vlan 202 in switch B. Promiscuous trunk port has been configured to upstream router in Switch A. From switch a to switch b is a normal trunk port.
    But still, I can't establish any connectivity from host vlan 201 to host vlan 202.
    Any suggestion?
    thanks

    Jerry -
    Any idea why? This breaks the ability to use moderately complex ACLs. For example - how would you configure scavenger class traffic to ignore some traffic, and mark other?
    Carole

  • How do you spread CPU load over more cores?

    Hi
    I recently bought a macbook pro quadcore i7 because my 2007 macbook couldn't cope with the demands of Logic when using it rewired with Ableton Live, and had lots of CPU overload messages.
    I am really disappointed that having spent so much money to overcome this problem, it has only slightly improved the amount of overload messages. I read the article below about how to spread CPU power over the cores, now I have 8. I still can't figure out though how to control which channels are using which core and spreading the CPU load to cores 5-8 which don't seem to be being used. Any ideas?
    Can I rewire from ableton to different cores?
    In my project, the 2nd core keeps overloading whilst the others are down. Is it to do with aux channels, master channels, buses etc?
    Or should I upload my memory to 8GB RAM?
    Thanks
    Steve
    Here's the article:
    About core activity
    Logic breaks tasks down into threads that can be assigned to a single core for execution. It's not possible to split a single thread across multiple cores, although a single core may run multiple threads at the same time. This is one reason that you may sometimes see uneven load distributions across the available cores on your computer. If one thread is very processor-intensive, the core running that thread may show much more activity than the cores running less demanding tasks. This is the main reason that you may get "Core Audio Overload" warning messages even though some of the cores on your system may not show significant activity.
    To monitor Logic as it uses the cores on your system, double-click the CPU meter in the Transport area.
    A window displays a meter for each core.
    The same concept applies to channel strips as well. Each channel strip—and all plug-ins it contains—is processed by one core. If you are using many processor-intensive plug-ins on a single channel strip, the core running it may show heavier activity. This is especially true if you are working at high sample rates (88.2 kHz or higher).
    Redistributing core loads
    If you find that a single core has much higher activity, use these strategies to redistribute the load.
    In the example below, there is a single Software Instrument channel strip with plug-ins routed directly to Output 1-2. The channel strip for Output 1-2 has a large number of plug-ins.
    In this example there is activity on two cores:  the left core is handling the Software Instrument while the next core processes the Output 1-2 channel strip. You can use routing capabilities in Logic to distribute the load to more cores without changing the sound, as in the next image.
    The resulting signal chain is Inst 1 > Aux 1 > Aux 2 > Out 1-2, as shown in this table:
    Channel strip    Input    Output
    Inst 1           -        Bus 1
    Aux 1            Bus 1    Bus 2
    Aux 2            Bus 2    Out 1-2
    Also, the first four plug-ins have moved from Output 1-2 to Aux 1 and the remaining four plug-ins to Aux 2.
    After adjusting the volumes to the respective channel strips appropriately, the result sounds identical, but now the load is distributed among four cores instead of two. You can use this concept to redistribute plug-ins from Audio channel strips, Software Instruments, Auxes, and Outputs (as in this example).
    In the image above, there is still a very heavy load on a single core, even though it's using the routing described above. Notice the Inst 1 channel strip is selected. When a Software Instrument track is selected in the Arrange window, Logic enters "Live Input Mode". In this mode, Logic turns on every plug-in in the channel strip's signal path so the channel strip can be played live from a MIDI controller. All of this must be handled by a single thread and therefore just one core. It's a good idea to keep a track that uses an Audio channel strip selected in the Arrange window, unless you're actively playing or recording to a Software Instrument.

    OS X Snow Leopard introduced Grand Central, where the OS will distribute the load better to more cores, however it takes time for software to adapt to these changes and make a rewrite of the codebase and test it out, Apple's included.

  • Span Graphics across THREADED text frames

    Hello there,
    I am working at a 60 page document that includes plenty of footnotes, graphics and tables.
    I have a 2 column layout. I need the graphics and the tables to span across the 2 columns.
    I need the footnotes on each page to span across 2 columns.
    Now.
    Indesign puts the footnotes into their own separate column. I found a script that will correct this but will only work if the 2 columns are not part of the same text field.
    In other words, to have a 2 column layout I would need 2 threaded text fields onto 1 page, instead of 1 single text field with 2 columns.
    The problem is that once I have 2 different text frames, all the graphics and table will not span across the columns.
    I need a fix!
    Either a new way of dealing with footnotes spanning across columns, or a way of having tables and graphs spanning across threaded frames.
    Thanks!
    Federico

    There is no easy way to span footnotes across several columns.
    I had to do it several times in the last month and I did following:
    Work consequent with paragraph, character and object styles.
    Create an Object Style for your 2 column text.
    Finish your article with your normal footnotes.
    Try to find a script which converts footnotes to endnotes (and the other way too). There are several available for free download.
    Install that script.
    Convert footnotes into endnotes
    Create for the first endnote a flair of the paragraph style which will start in a new frame (not necessary, but makes things much easier).
    Now you have at the end of the story a + which indicates a text overflow. Click on this.
    Now create a new layer above the text and lock the text and draw a rectangle on the bottom of the page where the first footnote number (now endnote number) is found.
    For this reference text frame create  now (or do it before) an object style which will wrap text away to make place for the "footnotes" and let the text vertically align at the bottom. Apply this style to the "footnote" frames.
    Drag the frame as high as all footnotes of that page are found in this frame.
    Click on the overflow indicator and follow up with the previous steps until the last footnote.
    For graphics and tables spanning across the columns I don't anchor them in a multiple column layout because if the anchor is in the right column, text wrapping will not work properly.

  • In a huge campus network design, should be the Core layer operate on L3 if the Distribution is operating on L3?

    Or the routing overhead is less if the Core is operating on L2?
    For example:
    Wan routers and Dist L3 switches connect to Core switches (L2)
    Access layer L2 switches connects to Dist.
    So Access layer SW's do Diffserv marking, Dist layer switches do queuing, the inter vlan routing as well as routing and the core only forwards traffic based on L2.
    Is it a valid design? Should the core also have QoS?
    Thanks!

    Disclaimer
    The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
    Liability Disclaimer
    In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of   the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
    Posting
    Yes, you can have a L2 core, but as Rick has noted, modern designs lean toward L3 cores.
    There are, even today, pros and cons to each, but the biggest factor would be a modern L3 core would normally use L3 switches, rather than traditional routers.  Generally you want the core to move packets as quickly as possible, and L2 switches were generally better at that than "traditional" routers.  L3 switches, though, have nearly L2 switch performance, so the performance difference isn't much of issue any longer (especially with CEF L3 switches and/or MPLS).
    BTW, not something you'll see in many current design documents, but modern L3 switches are so powerful and support so many ports, that you might have distribution and access just L2.
    If you're doing QoS, yes I would recommend it also be enabled in the core too, L2 or L3.

  • Extending VLAN across Data centers

    I hope you can help, I have 2 data centers connected via a L3 10gb (dark fiber) now I have a few more fiber strands available between the 2 data centers; so for Disaster Recovery and server clustering (requiring same subnet) does it make sense to extend certain vlans across using these extra fiber strands or is it best practice to keep the layer 3 separation, thanks in advance!

    Borman
    It does make sense in terms of clustering. Not sure exactly what you mean in terms of disaster recovery, that really depends on your topology/addressing.
    Basically I would route where you can and extend L2 when you have to. Be aware you are extending L2 between data centres and that brings STP issues. Obviously make sure you only allow the vlans you need on this link and route all else.
    There are other ways to extend a L2 vlan across a L3 link - L2TPv3 springs to mind.
    Jon

  • Dynamic VLAN assignment and Layer 3 switching on 300 series

    I have a SG300-28P switch. I just read in the Administration Guide that, when in Layer 3 mode, the switch doesn't support MAC-based VLAN or Dynamic VLAN Assignment.
    So, in order to assign a client to a VLAN based on their MAC or based on the response of a RADIUS server, we have to disable layer 3 features. Without layer 3 switching, the switch is unable to act as a default gateway and forward packets between VLANs. As a result, the VLANs can't communicate in any way, or access the internet, unless a separate router is connected to every VLAN. Right?
    I'm new to VLAN configuration and layer 3 switching so I wanted to check my understanding. Doesn't this limitation significantly reduce the usefulness of the DVA feature?
    I may well be confused and missing something regarding how this is typically used..

    Hello Glenn,
    Your concept about packet forwarding is correct. With a layer 2 switch, there must be something directing traffic with multiple subnets for intervlan communication or something that provides an IP route to give the request a path back for the request.
    The usefulness for the DVA feature, is not particularly limited to the switch as the switch will correctly assign the VLAN for you, as VS the L3 switch mode, you're dealing with IP addresses. In any scenario, you're going to require a router to get to the internet since the switch does not support NAT.
    Additionally, if your router does not support VLAN, the L3 switch feature would still be the solution since you should be able to make a static route pointing back to the switch to allow any subnet to traverse the single media. It would still beg the question, how to assign VLAN dynamically.
    The answer, although (in my opinion is terrible) would be GVRP.  But, this application would require ALL of your network cards to be GVRP Enable / Capable which most likely is not the scenario for you (or most anyone else for that matter).

  • Route or switch on the core Layer

    I am working on a new network design for my company with four buildings, I have used building distribution method for all buildings, my design seems to be functioning properly, I have configured vlans and eigrp routing on the distribution switches as you can see on the diagram, but used the four core layer switches just for switching not routing and I did not configure any routing on them, I would like to know if this is good design or do I need to configure routing on the Core Layer as well

    There is no right or wrong answer to this. Originally the recommendation was to switch in the core ie. use only L2 because L2 switching was fast and L3 routing was slow. But then L3 switches appeared and the recommendation was to use L3 to connect to the core.
    But both are just recommendations. You don't have to follow the guidelines slavishly.
    Having said that, looking at your design there are a lot of redundant paths between switches. This means lots of loops and using L2 will mean blocked paths in the core and potentially blocked paths to and from the core. If you used L3 connections from the distribution to the core and between the cores you would be able to utilise all the links and hence get more bandwidth.
    In addition if a link failed you would not be reliant on STP to bring up a redundant path as all paths would be in use (although you should still run STP).
    Couple of other points -
    1) you have 4 switches in the core - what is the reasoning behind this ? is it distance limitations between buildings ?
    2) your addressing. Ideally you would want to be able to summarise from one building to the other so it would make more sense to have all the 192.168.x.x networks in one building and all the 10.x.x.x networks in the other. Actually it would make more sense to decide on an IP range ie. 10.x.x.x or 192.168.x.x (not both) and then use summarised ranges for each building.
    Jon
