This Question is Answered
2412 Views 16 Replies Latest reply: Sep 6, 2011 6:54 PM by Paul Stewart - CCIE Security, CCSI

How does this traffic pattern work....

Sep 1, 2011 9:32 AM

Steven Williams 3,266 posts since
Jan 26, 2009

I am going to try and explain this the best I can here....

 

If I have, let's say, 3 locations, a central location with a datacenter and 2 remote locations over 1gig fiber to the datacenter. The central location has clients and servers on vlan 1. The main location has a layer 3 switch that has layer 3 interfaces back to the remote locations. All clients at remote locations are also on vlan 1. The internet is also accessed through the central location as well. There is a layer 3 interface from the main location layer 3 switch to the firewall.

 

Now when clients at the remote location access server resources, their traffic comes over the WAN and then is essentially part of VLAN 1 at the main location? Is that correct? What about their internet traffic? They request the internet, it comes over the WAN, it doesn't match any route in the main site layer 3 switch so that switch will just hand it off to its default gateway (the Firewall), correct? So that traffic that needs to hit the internet will not hit VLAN 1, but traffic needing server resources will.

  • Conwyn 7,914 posts since
    Sep 10, 2008
    1. Sep 1, 2011 9:48 AM (in response to Steven Williams)
    Re: How does this traffic pattern work....

    Hi Hollywood

     

    Basically you have a large L2 LAN. So remote devices are similar to local.

     

    Regards Conwyn

  • ESummers 312 posts since
    Sep 10, 2010
    2. Sep 1, 2011 10:52 AM (in response to Steven Williams)
    Re: How does this traffic pattern work....

    I think you're on the right track if I'm reading your configuration correctly.  Are you trunking VLANs between remote sites and the main/central site?  If not, the VLANs are of local significance only.  Internet traffic (or any traffic for which the "main site switch" does not have a specific route) would be handed off to the default gateway.

  • 4. Sep 1, 2011 11:40 AM (in response to Conwyn)
    Re: How does this traffic pattern work....

    Conwyn, if you have L3 devices between them, that is not a large L2 LAN at all.  That is two LANs on either side of an L3 link.  That means at least 2 broadcast domains, etc.

     

    Hollywood, if you have L3 paths between the clients at the remote sites all the way to the firewall interface headed to the internet, and the routing takes them straight up that path, they will not be assigned to VLAN1 at the main site. 

  • Gordon Lang 43 posts since
    Jun 28, 2010
    5. Sep 1, 2011 1:14 PM (in response to Steven Williams)
    Re: How does this traffic pattern work....

    The L3 switch receives routed packets from the WAN, and then it delivers the packet according to the routing table.  If the destination ip address of the packet matches a "connected" route (e.g. "interface vlan 1"),  then the packet is shoveled out (vlan 1) to the destination MAC address found in the ARP table.  Otherwise, the packet is forwarded to the next-hop ip address specified in the matching route.

     

    So packets coming from remote sites will only traverse vlan 1 if the destination ip address belongs on vlan 1.  Packet delivery from one routed interface to another routed interface does not involve any vlan at all.

     

    I have argued with some (CCNA level) people who claim that such traffic actually traverses vlan 1.  In spite of the fact that they could not prove it, they maintained their assertion against all sorts of compelling arguments.  The whole basis for their tenacity on this issue is based on the belief that all packets in a L3 switch must be associated with a vlan, and vlan 1 is the default vlan.  But there is no technical reason why a routed packet must be associated with any vlan.  I have set up a port monitor of vlan 1 and captured traffic, but I never saw any routed packets -- only packets that actually belong to vlan 1.

     

    So unless somebody knows of special cases where packets forwarded by an L3 switch from one routed interface to another routed interface are actually visible on vlan 1, I have to say that those individuals who claim that such packets actually traverse vlan 1 are profoundly misguided.

     

    Does any part of this rant actually help?
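
The forwarding decision described in the post above, as an added example that is not part of the original thread: a longest-prefix-match lookup over a constructed routing table for the main-site L3 switch, showing which destinations egress the vlan 1 SVI and which leave on a routed port with no VLAN involved. All prefixes, interface names and next hops are assumptions made for illustration.

```python
import ipaddress

# Constructed routing table for the main-site L3 switch (all addresses,
# interface names and prefixes are illustrative assumptions).
# Each entry: (prefix, kind, egress interface, next hop or None, VLAN or None)
ROUTES = [
    ("10.1.1.0/24",   "connected", "Vlan1",   None,         1),     # servers/clients SVI
    ("10.255.0.0/30", "connected", "Gi1/0/1", None,         None),  # routed port to firewall
    ("10.255.1.0/30", "connected", "Gi1/0/2", None,         None),  # routed port to remote A
    ("10.255.2.0/30", "connected", "Gi1/0/3", None,         None),  # routed port to remote B
    ("10.2.1.0/24",   "static",    "Gi1/0/2", "10.255.1.2", None),  # remote A LAN
    ("10.3.1.0/24",   "static",    "Gi1/0/3", "10.255.2.2", None),  # remote B LAN
    ("0.0.0.0/0",     "static",    "Gi1/0/1", "10.255.0.2", None),  # default via firewall
]
TABLE = [(ipaddress.ip_network(p), k, i, nh, v) for p, k, i, nh, v in ROUTES]


def lookup(dst):
    """Longest-prefix match; returns the forwarding decision for dst."""
    addr = ipaddress.ip_address(dst)
    # The default route matches everything, so this list is never empty.
    matches = [r for r in TABLE if addr in r[0]]
    net, kind, iface, next_hop, vlan = max(matches, key=lambda r: r[0].prefixlen)
    return {
        "route": str(net),
        "egress": iface,
        # Connected route: ARP for the destination itself.
        # Any other route: ARP for the next-hop address instead.
        "arp_for": dst if kind == "connected" else next_hop,
        "vlan": vlan,
    }


def touches_vlan1(dst):
    """True only when the packet is delivered out the vlan 1 SVI."""
    return lookup(dst)["vlan"] == 1


if __name__ == "__main__":
    # Server on vlan 1, an internet host, and a client at remote site B.
    for dst in ("10.1.1.20", "203.0.113.50", "10.3.1.15"):
        print(dst, lookup(dst))
```
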

  • 7. Sep 1, 2011 5:28 PM (in response to Steven Williams)
    Re: How does this traffic pattern work....

    VLANs do not have a "speed", per se; you are constrained by the speed of the links they traverse and the backplane capacity of the devices you are going across.  That is like saying an IP subnet has a speed, if you catch the comparison.

  • ESummers 312 posts since
    Sep 10, 2010
    8. Sep 1, 2011 6:03 PM (in response to Steven Williams)
    Re: How does this traffic pattern work....

    Whether you have 2 or 50 remote sites probably won't make as much difference to the vlan 1 on the "main switch" in this instance as it would to the main switch itself or the server that all of those sites are accessing.   Remember that the vlan is simply segregating ports on the switch.  Regardless of whether or not the vlan is there, the switch is still going to exhibit switching behavior...meaning if it has a mapping of the destination MAC and port, it will switch the traffic directly to that port.  Broadcast traffic would be flooded, but you already noted that your remote sites are interconnected to the main via L3 links (hence separate broadcast domains).

     

    Assuming your hardware is relatively new, your likely bottleneck will be the links connecting the remote sites to main site (as Travis noted), or the link to the server (or server itself) if everyone decides to hammer it first thing in the morning to download their music.

  • ESummers 312 posts since
    Sep 10, 2010
    10. Sep 2, 2011 6:22 AM (in response to Steven Williams)
    Re: How does this traffic pattern work....

    Yes, 20gig trunk is definitely the bottleneck.    (j/k)

  • 12. Sep 2, 2011 6:40 AM (in response to Steven Williams)
    Re: How does this traffic pattern work....

    As usual the WAN is the bottleneck, but at 1Gbps unless you are pushing lots of data, no worries.

  • Jared 5,498 posts since
    Jul 27, 2008
    13. Sep 5, 2011 9:48 AM (in response to Steven Williams)
    Re: How does this traffic pattern work....

    OK, I am curious.  Do you ever monitor the utilization of your 1 gig WAN links?  I have a similar setup and really, those links are gonna last me a while.
