Solved

inter vlan routing on layer 3 switch or firewall

Posted on 2014-02-11
3
1,451 Views
Last Modified: 2014-02-26
just looking to get some opinions on whether it is better to configure inter vlan routing on a layer 3 switch or do it directly on the firewall.

what do you guys prefer.

any suggestions on pros and cons of each method is welcomed.
0
Comment
Question by:nflnetwork29
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 70

Accepted Solution

by:
Qlemo earned 500 total points
ID: 39851762
L3 switches usually supply the hardware (special ASICs) to do fast switching, while firewalls will most probably have to buffer the complete packet for analysis, fragmentation/reassembling etc. So L3 switches should perform better.
0
 
LVL 12

Expert Comment

by:Infamus
ID: 39853365
I agree with Qlemo and using layer 3 switch is so much easier than creating bunch of sub-interfaces for vlans on the firewall.
0
 
LVL 26

Expert Comment

by:Soulja
ID: 39853396
From a design perspective, you would want to contain your vlan routing at your distribution layer, not at your edge where a firewall would exist. So keep vlan routing at your Layer 3 switch and only route outbound internet traffic to thefirewall. The one exception is if you need these vlans to be secure between one another and need packet inspection. In that case you would want the firewall to route the traffic between the vlans or be some way in line of that traffic.
0

Featured Post

Schedule a Tour of the ATEN booth at InfoComm 2017

Tour the ATEN booth to see the the Latest Addition to the Modular Matrix Switch Series, New 4K HDMI Over IP Extender and more! Enter ATEN's Ultimate Giveaway Sweepstakes for a chance to win one of several great prizes, including an ATEN US7220 2-Port Thunderbolt 2 Sharing Switch!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
This article is a collection of issues that people face from time to time and possible solutions to those issues. I hope you enjoy reading it.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question