Do we need routers aslo for communications between VLANs.
- posted
17 years ago
Do we need routers aslo for communications between VLANs.
Communication between VLANs is only possible with a router or a Layer 3 switch (technicaly is a L3 switch a router). So the answer to you're question is: yes, you need a router.
schreef in bericht news: snipped-for-privacy@m79g2000cwm.googlegroups.com...
No, a router is not necessary for communication between VLANs.
However, some connection between the VLANs would be needed. A crossover cable, for instance.
Other requirements would may to be met as well. For IP, the address and subnet mask of communicating endpoints would have to be configured properly to allow communication. For other protocols, such as DECnet or LAT, no special software configuration would be needed.
If the question you're asking is "do I need a router to connect the most commonly occurring instances of VLANs, such as those in an office or home, running IP with different subnets on each VLAN", then the answer is "yes, you need a router".
In addition:
Make sure the normal users are never in VLAN1 and make sure they can't access VLAN1. VLAN1 is the Managment VLAN and should be use to address switches and other network stuff. Only administrators should be able to access this VLAN.
"emekadavid" schreef in bericht news: snipped-for-privacy@h48g2000cwc.googlegroups.com...
From more and more people lately I'm hearing that it's best practice to NOT use VLAN 1 for management. The management VLAN can have any identity you want and moving away from #1 makes it more discrete. Also, all unconfigured port default to VLAN 1 so you move the management VLAN to another number to reduce the risk of an access port being in that VLAN.
BernieM
Yes, it seems VLAN 1 is only retained for CDP and VTP these days according to the experts in the field.
Aubrey
And it's not even necessary then. We created a seperate vlan for all layer-2 protocol conectivity (switchport native vlan) and don't even trunk vlan 1. Granted some of our older switches (3500XL) won't alllow vlan 1 to be removed from trunk links but the'ye being replaced this fin year.
BernieM
I do support an administrative vlan ... away from vlan 1 ... which is best practice. VLAN 1 is nothing 'special'. Please explain your post. How does not using vlan 1 make it more possible for users to gain access to files in other computers?
BernieM
your administrative VLAN could be implemented in a switch or router, there's no gainsaying. if you don't use an administrative vlan, then you're not segmenting the hosts and that makes it just one whole node for all your hosts. one node for all your hosts means if a user needs to access another host on that node, the frames are forwarded to all the hosts if the host is not on the switch's/router's table for that node else it just forwards it instantly if the MAC is in its table.
how can a host communicate with another host?
simple. by programm> >> >
whatever
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.