Solved

Cisco Calayst 2900 Switch?

Posted on 2004-09-06
9
435 Views
Last Modified: 2008-01-09
I had two models of switch in our network. Both are 2950 series as C2950C-24 and C2950-24.

However, I would like to apply access control list to each interface, but C2950-24 could not let me doing so. I am just wondering if the problem comes to the IOS issues or the hardware issues.

I would not only like to apply ACL to each interface, but also by using policy-map and class-map, I would like to apply traffic shape on each interface as well. Does any recommandation on the model I should look for?
0
Comment
Question by:johntsai90
9 Comments
 
LVL 50

Expert Comment

by:Don Johnston
ID: 11995797
The 2950 is a Layer-2 only switch and as such does not support ACL's applied to interfaces. The 2950-EI, however, does support ACL's applied to the VLAN's.

-Don
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 11996059
Most switches were designed with one function in mind - move packets as fast as possible, at layer 2.
What you are asking of the switch is for it to make very advanced routing decisions based on layer 3 traffic.
Some higher-end switches do have Layer 3 functionality, but not full traffic-management capabilities. Again, the whole idea of a switch is to move packets as fast as possible.
The Cisco 3750, with Enhanced feature set provides much more of the features that you are looking for with advanced QoS features
http://www.cisco.com/en/US/products/hw/switches/ps5023/products_data_sheet09186a0080161371.html
0
 
LVL 11

Expert Comment

by:PennGwyn
ID: 11999052
ACL support on the 2950 has some limitations, which you may be trying to exceed.  See

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2950/1216ea2/scg/swgacl.htm

policy-map and class-map relate only to routing, and you'll need a router or layer 3 switch to implement those.  Consider the 3350 models.

0
 

Author Comment

by:johntsai90
ID: 12003374
Yes, I knew that, but the funny part is why does my c2950c-24 can be applied to each interface, but not my c2950 switches? How do I get the QoS ACL on all c2950 switches?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:johntsai90
ID: 12013259
Also, I found out that by applying to each vlan, ACL isn't really working to block for per-port basis.
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 12015224
Right, the ACL only affects traffic on the VLAN. Not the port.

-Don
0
 

Author Comment

by:johntsai90
ID: 12051537
Yes, so do you guys know which model from 2950 can support full functionality of ACL, I am not sure if it only for enhanced image IOS version?
0
 

Author Comment

by:johntsai90
ID: 12642937
Does anyone knows any Cisco switch can do the QoS properly? I am wondering does catalyst 2900T could do that? or it must be anything with enhanced image.
0
 
LVL 50

Accepted Solution

by:
Don Johnston earned 377 total points
ID: 12643833
If what you're trying to accomplish is to control traffic on a per-port basis, then you'll need a layer-3 switch. A 3550 or better.

-Don
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now