hivnet012
asked on
Is it better to use an L3 Routed switchport or Trunk port to connect to the router?
Dear Experts i have a 3550 switch and i have vlans configured on it. I have acquired a Cyberoam Dual Wan router with ability to create vlan sub-interfaces on its LAN interface. Is it better to use the VLAN subinterface by trunking the connection between 3550 and router or using the 3550 routing port ability?
Also if i use the 3550 switch port to forwad to the router Vs using router VLAN subinterfaces, will there be a performance difference in terms of link speeds? Will i be able to create ip subnet based rules on the firewall?
Thanks for the great help!
Also if i use the 3550 switch port to forwad to the router Vs using router VLAN subinterfaces, will there be a performance difference in terms of link speeds? Will i be able to create ip subnet based rules on the firewall?
Thanks for the great help!
Neither method is "better," it just depends on your network topology and what your specific needs are. There wouldn't be much of a speed difference, unless the CPU/memory utilization on the 3550 is high. In which case, off-loading the VLAN management to the Cyberroam may help.
If the link speed on the router and The switch are the same and you use two ports on the router then the speeds should be equal. However if the router is using one port for in an out to the LAN or is only fast Ethernet then you will have reduced spee having the router handle cross vlan traffic.
ASKER
eeRoot; In the case of using the trunking option, does the 3550 need to be around? In case of using the routed port option will i be able to create ip subnet based rules on the firewall?
You could leave the 3550 in place so it serves as your VLAN and spanning tree root so the Cyberoam is only doing routing. Or you could remove the 3550 and have everything going through the Cyberoam. It depends on if you prefer have one device doing all your network management or having seperate boxes doing different tasks. Also, is the 3550 still under warranty? If not, you may want to look into removing it.
ASKER
Thansk eRoot;I don't have the luxury of getting another switch so i will keep the 3550! Please help me on the second part of the previous question as well! In case i use the routed port option, will i be able to create rules on the firewall based on the ip ranges that the vlans on the 3550 fall into?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Let me try to do the trunking eeRoot, i will update you if i works!
ASKER
I needed detail as per question but i got good pointers