Solved

Cisco Calayst 2900 Switch?

Posted on 2004-09-06
9
434 Views
Last Modified: 2008-01-09
I had two models of switch in our network. Both are 2950 series as C2950C-24 and C2950-24.

However, I would like to apply access control list to each interface, but C2950-24 could not let me doing so. I am just wondering if the problem comes to the IOS issues or the hardware issues.

I would not only like to apply ACL to each interface, but also by using policy-map and class-map, I would like to apply traffic shape on each interface as well. Does any recommandation on the model I should look for?
0
Comment
Question by:johntsai90
9 Comments
 
LVL 50

Expert Comment

by:Don Johnston
ID: 11995797
The 2950 is a Layer-2 only switch and as such does not support ACL's applied to interfaces. The 2950-EI, however, does support ACL's applied to the VLAN's.

-Don
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 11996059
Most switches were designed with one function in mind - move packets as fast as possible, at layer 2.
What you are asking of the switch is for it to make very advanced routing decisions based on layer 3 traffic.
Some higher-end switches do have Layer 3 functionality, but not full traffic-management capabilities. Again, the whole idea of a switch is to move packets as fast as possible.
The Cisco 3750, with Enhanced feature set provides much more of the features that you are looking for with advanced QoS features
http://www.cisco.com/en/US/products/hw/switches/ps5023/products_data_sheet09186a0080161371.html
0
 
LVL 11

Expert Comment

by:PennGwyn
ID: 11999052
ACL support on the 2950 has some limitations, which you may be trying to exceed.  See

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2950/1216ea2/scg/swgacl.htm

policy-map and class-map relate only to routing, and you'll need a router or layer 3 switch to implement those.  Consider the 3350 models.

0
 

Author Comment

by:johntsai90
ID: 12003374
Yes, I knew that, but the funny part is why does my c2950c-24 can be applied to each interface, but not my c2950 switches? How do I get the QoS ACL on all c2950 switches?
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 

Author Comment

by:johntsai90
ID: 12013259
Also, I found out that by applying to each vlan, ACL isn't really working to block for per-port basis.
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 12015224
Right, the ACL only affects traffic on the VLAN. Not the port.

-Don
0
 

Author Comment

by:johntsai90
ID: 12051537
Yes, so do you guys know which model from 2950 can support full functionality of ACL, I am not sure if it only for enhanced image IOS version?
0
 

Author Comment

by:johntsai90
ID: 12642937
Does anyone knows any Cisco switch can do the QoS properly? I am wondering does catalyst 2900T could do that? or it must be anything with enhanced image.
0
 
LVL 50

Accepted Solution

by:
Don Johnston earned 377 total points
ID: 12643833
If what you're trying to accomplish is to control traffic on a per-port basis, then you'll need a layer-3 switch. A 3550 or better.

-Don
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Hello , This is a short article on how would you go about enabling traceoptions on a Juniper router . Traceoptions are similar to Cisco debug commands but these traceoptions are implemented in Juniper networks router . The following demonstr…
Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now