Cisco Catalyst 500 Series - Segmenting VLAN and managing traffic

Posted on 2006-07-13
Medium Priority
Last Modified: 2008-02-01
I am attempting to implement a Cisco Catalyst 500 series switch.  I was under the impression that I could separate each port into its own VLAN.  These VLAN's would be able to be managed down to the speed or bandwidth of the throughput.

I have two networks that are connected to the same T-1 each with their own assignable public IP address.

I was hoping to keep one VLAN at approximately 256 k / 256 k or 1/4 of the T-1 and leave the remainder of the T-1 data to a separate and more robust network.
After discussing this option with CDW's service team they assured me this would be possible with this switch.

It seems after an extensive investigation that I am only able to either control the Duplex (Full, Half, auto) or the actual port speed (10, 100) or I could setup an etherport thereby creating a virtual GIG port by using more than one 10/100 port.  

This isn't what I had in mind, but maybe I am perceiving it differently than it was originally explained to me.

Thank you for your assistance.  
You guys are the best!  I have always found my answers from you.

Pete Ophoven
Network Administrator
Seattle, WA
Question by:peter_ophoven

Expert Comment

ID: 17104683
What they are probably thinking is for the switch to maybe mark the packet headers with QoS (DSCP/ToS) information. After which the packets can then be policed with little or no overhead at your router and achive the desired result.
LVL 10

Assisted Solution

naveedb earned 75 total points
ID: 17104844
As rage419 explained, this will be done on the router not on the switch. What kind of router do you have that connects to the T-1? ToS can be tagged on the switch and then the actual router will determine how much bandwidth should be assigned to each ToS value.

Accepted Solution

rage419 earned 600 total points
ID: 17105275
In your case, you may not even need the switch to do anything since you could police at the router (assuming the capability exists at the router) based on source IP or vlan if no other differentiation or classification is required and have less complexity. No real performance difference that I can think of in either case assuming again that the router would handle QoS in hardware.

Tagging the packet at the switch would add benefit only if you needed more granularity than just source IP and/or you also wanted to QoS traffic sourced from that switch elsewhere on the network as far as I know.
LVL 30

Assisted Solution

ded9 earned 75 total points
ID: 17106162

Author Comment

ID: 17109609
All comments are informative but also confusing to me.  

The design is one in which a CSU/DSU T-1 termination device (Edgelink 300 - installed by the data provider) providing a single ethernet port for data bandwidth.  In the beginning the data was providing internet to one office.  Now it is split up into two offices (and potentially three if this architecture works) all of which for security purposes must be kept separate from each other (which is the purpose of a VLAN).  

It seemed that plugging the Edgelink 300 T-1 Termination Device as the carrier for internet to the Cisco 500 series and then plug two sepate offices into this device will allow me to separate the offices.  Additionally though, I want to control the bandwidth to the separate offices (256 K 4 channels or 1/3 of the available data on one VLAN and the remaining on the second).

Each VLAN would then be configured by the router in each office (SonicWall 170) and (Cisco / Linksys WRV54 G) with its own assignable IP address.

I want to be able to control the bandwidth to each VLAN.
It doesn't seem like this Switch is the place to do that.  

It sounds more likely that I need a higher end router to police the traffice above the switch because this switch doesn't do what I need it to.


Featured Post

Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
If you’re involved with your company’s wide area network (WAN), you’ve probably heard about SD-WANs. They’re the “boy wonder” of networking, ostensibly allowing companies to replace expensive MPLS lines with low-cost Internet access. But, are they …
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question