Cisco 3560G  and dual internet connection

Posted on 2009-04-21
Last Modified: 2012-05-06
I have a general question about the Cisco 3560G and how to best use it to route traffic.

We have two different connections to the internet, and old T1 and a new 4mb (Ethernet connection).

The network over all is a big un-managed switch network. There are 5 or so vlans all in the 3560G. The majority (80%) of 400 nodes are connected to stacked switches. Then these stacked switches are connect Cisco with  a single link. For example, three switches are connect to each other, and one switch is linked to the Cisco. Lastly, all nodes in the stack switches have as their default gateway the T1 firewall device which is also connected into a un-managed switch.

The network as-is is working. There are performance issue, but at the moment are untraceable. (ugh)

I was thinking of taking every un-managed switch and directly connecting it to the 3560 and assigning it a vlan. I thought this would help make the traffic flow more efficient.

As for the wan connections, I was thinking of assigning a ports on the Cisco as well and then somehow use the switch to "load balance" the traffic to the net.

I am looking for ideas on how to proceed to make the best use of this Cisco.
How do I best use the two WAN links?

Any ideas would be greatly appreciated.

Also, if you would like more info, let me know.

PS. Survey: What  this  question worth?

Question by:bdorsey63
    LVL 7

    Accepted Solution

    Hi there,

    Breaking the network to multiple broadcast domains (VLANs) it is a good idea.
    The logic of how many vlans you have to create depends on what is your network size. But keep in mind that by creating to many vlans you add administrative overhead and a complex topology.

    I would suggest you, if the budget is good, to replace all umnanaged switches with cisco switches and redisign your network!!!
    If you dont have the budget then try to create as many vlans as to keep a balance in your network. Lets say 5 vlans x 80 pc in each vlan so your traffic will better!!

    But with only one managed switch i can not see many things that you can do. Do not forget that a central switch without redundancy is always a single point of failure!!

    For the wan connection you could use the switch for load balancing, but always have in mind that it is a single switch. If it fails?
    Cisco switches supports a feature called etherchannel and you could use that to load balance!


    Author Comment

    Hau it,

    Thank you for the response

    Is the 80 pc per VLAN a "best practice". IS it your experience that this 80 is a sweet spot?

    How does the load balance work with ethernetchannel?

    Can you prioritize the traffic by port or ip?
    It looks to be active/ active and not active/passive?

    What is "best practice" for ethernetchannel?

    LVL 7

    Expert Comment

    80 pcs in a vlan is good. Its depends always on your traffic but in general its ok.

    Etherchannel can load balance in many ways based on source IP, destination IP, both, source mac destination mac or both.

    If you really want to prioritize traffic in the network you should consider QoS, nut that requires good machines

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
    ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
    Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    13 Experts available now in Live!

    Get 1:1 Help Now