VLANS trunking

Hi

I have following netowork:

VLAN1 VLAN1 VLAN2 VLAN2 VLAN1 VLAN1 host1--------------switch1-------------switch2-------------host2

Everything ports are in trunking mode. If I send packet from host1 to host2 I want to stop packet on switch1. Is this scheme OK? Or how to reorganize configuration (where to place trunk or access mode) If it isn't correct .

Reply to
bison
Loading thread data ...

Hi

I have following netowork:

VLAN1 VLAN1 VLAN2 VLAN2 VLAN1 VLAN1 host1--------------switch1-------------switch2-------------host2

Everything ports are in trunking mode. If I send packet from host1 to host2 I want to stop packet on switch1. Is this scheme OK? Or how to reorganize configuration (where to place trunk or access mode) If it isn't correct .

Reply to
bison

Hi

I have following netowork:

VLAN1 VLAN1 VLAN2 VLAN2 VLAN1 VLAN1 host1--------------switch1-------------switch2-------------host2

Everything ports are in trunking mode. If I send packet from host1 to host2 I want to stop packet on switch1. Is this scheme OK? Or how to reorganize configuration (where to place trunk or access mode) If it isn't correct .

Reply to
bison

Hi

I have following netowork:

VLAN1 VLAN1 VLAN2 VLAN2 VLAN1 VLAN1 host1--------------switch1-------------switch2-------------host2

Everything ports are in trunking mode. If I send packet from host1 to host2 I want to stop packet on switch1. Is this scheme OK? Or how to reorganize configuration (where to place trunk or access mode) If it isn't correct .

Reply to
bison

Unless you trunk VLAN 1 between switch1 and switch2 hosts 1 and 2 can't communicate.

BernieM

Reply to
BernieM

Only a port of sw1 and corrispective connection on sw2 need to be in trunking mode, other ports on sw1 and sw2 can be inserted on VLAN1 or VLAN2. SW1 and SW2 are joined by trunk in the same logical switch that contain the two differents VLANs

If you want stoping packets transmit from host1 to host2 you need insert by two hosts a router with a specific ACL for the two IP address by host1 and host2 to deny traffic....or simple move an host in other VLAN2!!! ;)))

Reply to
Gibo®

Vlan 1 is generally untagged so it should go through, depending on the switches' OS/mfr

Reply to
jw

It means that connection switch1 and switch2 shouldn't have trunk mode?

How will work above scheme If I turn on every port in access mode ?

Reply to
bison

U¿ytkownik "jw" napisa³ w wiadomo¶ci news:3x0kg.467$ snipped-for-privacy@ursa-nb00s0.nbnet.nb.ca...

For example on Cisco Catalyst 2950 how to this work for VLAN1?

Reply to
bison

Oh, ok thanks, wasn't aware of that. So for the requirement to "stop packets on switch 1" there's going to have to be some form of layer-3 security ie. acl etc.

BernieM

Reply to
BernieM

From what jw was saying I was incorrect so traffic should pass from host1 to host2 with a trunk between switch1 and switch2 regardless of whether vlan 1 is specifically trunked. To 'stop packets on switch1' you're going to need some form of IP or mac-based acl.

BernieM

Reply to
BernieM

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.