?
Solved

Flooding/PortStorm Control via Seperated VLAN

Posted on 2002-04-10
4
Medium Priority
?
327 Views
Last Modified: 2010-04-17
A simple question always confuse me,

Cisco switch equipped with Default Vlan, enable Flooding/PortStorm Control is the way to block the broadcast packet, which means network traffic will be reduced to minimum, if I am not in mistake. Is there any reason set a seperate vlan for a 100 user's network that include Support/Developer/sales/operation, if Flooding/PortStorm control enabled ? Will Seperate Vlan control network traffic better ?

Thanks,
0
Comment
Question by:joehuang
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 11

Expert Comment

by:geoffryn
ID: 6932114
How many nodes are attached to the switched network?  Usually broadcast traffic is not significant in well segmented LANs.
0
 

Author Comment

by:joehuang
ID: 6932584
Around 25 servers plus 80 workstations, there are 4 cisco switches-c2924, and I do not see any network traffic problem from the network monitor application for each switch.

Devide those node to 5 vlans is from a contract guy, even I mention that there is no network traffic problem here, but it seems that he is concerning other type of traffic ...  I would like to know any advantage about these vlan according to my network size.
0
 
LVL 11

Accepted Solution

by:
geoffryn earned 150 total points
ID: 6934173
With you network size, I doubt that you see any benefit at all from VLANs in terms of network traffic optimization.  If yo uVLAN everything, then you have to come up with a backend routing solution to route the vlan traffic. This seems complicated and a waste of effort.
0
 

Author Comment

by:joehuang
ID: 6935831
Yes, You are correct.

One of C3550 Layer 3 switch is to be a distribution layer for routing traffic to intranet/internet between vlan/firewall/intranet/internet.

Place web server in one of vlan behind firewall instead of place web server in DMZ zone, then open ICMP port in firewall in order to ping public ip address anywhere for monitoring purpose with CISCO Secure Server/IDS,It seems strange to me in security issue.
0

Featured Post

Enroll in August's Course of the Month

August's CompTIA IT Fundamentals course includes 19 hours of basic computer principle modules and prepares you for the certification exam. It's free for Premium Members, Team Accounts, and Qualified Experts!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We've been using the Cisco/Linksys RV042 for years as: - an internet Gateway - a site-to-site VPN device - a leased line site-to-site subnet-to-subnet interface (And, here I'm assuming that any RV0xx behaves the same way as an RV042.  So that's …
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question