Solved

Cisco Calayst 2900 Switch?

Posted on 2004-09-06
9
441 Views
Last Modified: 2008-01-09
I had two models of switch in our network. Both are 2950 series as C2950C-24 and C2950-24.

However, I would like to apply access control list to each interface, but C2950-24 could not let me doing so. I am just wondering if the problem comes to the IOS issues or the hardware issues.

I would not only like to apply ACL to each interface, but also by using policy-map and class-map, I would like to apply traffic shape on each interface as well. Does any recommandation on the model I should look for?
0
Comment
Question by:johntsai90
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 50

Expert Comment

by:Don Johnston
ID: 11995797
The 2950 is a Layer-2 only switch and as such does not support ACL's applied to interfaces. The 2950-EI, however, does support ACL's applied to the VLAN's.

-Don
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 11996059
Most switches were designed with one function in mind - move packets as fast as possible, at layer 2.
What you are asking of the switch is for it to make very advanced routing decisions based on layer 3 traffic.
Some higher-end switches do have Layer 3 functionality, but not full traffic-management capabilities. Again, the whole idea of a switch is to move packets as fast as possible.
The Cisco 3750, with Enhanced feature set provides much more of the features that you are looking for with advanced QoS features
http://www.cisco.com/en/US/products/hw/switches/ps5023/products_data_sheet09186a0080161371.html
0
 
LVL 11

Expert Comment

by:PennGwyn
ID: 11999052
ACL support on the 2950 has some limitations, which you may be trying to exceed.  See

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2950/1216ea2/scg/swgacl.htm

policy-map and class-map relate only to routing, and you'll need a router or layer 3 switch to implement those.  Consider the 3350 models.

0
Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

 

Author Comment

by:johntsai90
ID: 12003374
Yes, I knew that, but the funny part is why does my c2950c-24 can be applied to each interface, but not my c2950 switches? How do I get the QoS ACL on all c2950 switches?
0
 

Author Comment

by:johntsai90
ID: 12013259
Also, I found out that by applying to each vlan, ACL isn't really working to block for per-port basis.
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 12015224
Right, the ACL only affects traffic on the VLAN. Not the port.

-Don
0
 

Author Comment

by:johntsai90
ID: 12051537
Yes, so do you guys know which model from 2950 can support full functionality of ACL, I am not sure if it only for enhanced image IOS version?
0
 

Author Comment

by:johntsai90
ID: 12642937
Does anyone knows any Cisco switch can do the QoS properly? I am wondering does catalyst 2900T could do that? or it must be anything with enhanced image.
0
 
LVL 50

Accepted Solution

by:
Don Johnston earned 377 total points
ID: 12643833
If what you're trying to accomplish is to control traffic on a per-port basis, then you'll need a layer-3 switch. A 3550 or better.

-Don
0

Featured Post

Turn Insights Into Action

You’ve already invested in ITSM tools, chat applications, automation utilities, and more. Fortify these solutions with intelligent communications so you can drive business processes forward.

With xMatters, you'll never miss a beat.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this tutorial I will show you with short command examples how to obtain a packet footprint of all traffic flowing thru your Juniper device running ScreenOS. I do not know the exact firmware requirement, but I think the fprofile command is availab…
In the hope of saving someone else's sanity... About a year ago we bought a Cisco 1921 router with two ADSL/VDSL EHWIC cards to load balance local network traffic over the two broadband lines we have, but we couldn't get the routing to work consi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question