Figure 1124 Using MLS to Create Layer 3 Partitions

In this case, VLANs have not been allowed to spread throughout the campus. Assume that that the campus represents two buildings. VLANs 1-10 have been contained with Building 1. VLANs 11-20 have been placed in Building 2. A pair of links connects the two buildings. Rather than simply creating ISL links that trunk all VLANs across to the other building, non-trunk links have been used. By placing each of these links in a unique VLAN, you are forcing the traffic to utilize Layer 3 switching before it can exit a building. Also, because VTP advertisements are sent only on trunk links, this prevents VTP's default tendency of spreading every VLAN to every switch.

Another strategy that helps create Layer 3 barriers in an MLS network is assigning a unique VTP domain to each building. VTP advertisements are only shared between Catalysts that have matching VTP domain names. If each building has a different VTP domain name, the VLANs are contained.

Was this article helpful?

0 0

Post a comment