HPE Community
Aruba & ProVision-based
1753766 Members
5552 Online
108799 Solutions
New Discussion юеВ

InterVLAN Communication Question

 
CFPiazza
Occasional Contributor

тАО12-12-2016 12:50 AM - edited тАО12-12-2016 01:13 AM

тАО12-12-2016 12:50 AM - edited тАО12-12-2016 01:13 AM

InterVLAN Communication Question

Hello everyone,

I've been bumpin' heads with a particular coworker of mine on a particular issue and it's not really about who's right or who's wrong, but we'd just like to find a solution to what it is we're trying to do. Here it is. I've been tasked with setting up VLANs on a network that contains multiple Procurve 2810-48Gs. My coworker wants each department to be it's own broadcast domain. He seems to think there is a way to do this on strictly layer 2, somehow by tagging the frames between VLANs, and avoiding any layer three involvement and subnetting. He thinks tagging frames will make Inter-VLAN communication possible without any routing or subnetting.

I've previously studied for the ICND 1 & 2 tests for Cisco, and with according to Cisco, you can't get two VLANs to communicate without routing and subnetting. Am I wrong? Can Procurves be configured to segment ports to a specific VLAN and still allow traffic to flow from host to network resources and the public internet without routing and subnetting? Maybe VLANs really don't need to communicate at all for hosts on each VLAN to be able to access certain resources and to communicate with the internet?

Thank you!

Corey Piazza

 

0 Kudos
4 REPLIES 4
parnassus
Honored Contributor

тАО12-12-2016 01:13 AM

тАО12-12-2016 01:13 AM

Re: InterVLAN Communication Debate

No, you aren't.

VLAN(s) - so operating at Layer 2 as isolated Broadcast Domains - require Layer 3 functionalities (basically "IP Routing" after each VLAN has been assigned an IP Address) to be enabled internally (if the Switch that defines/accepts those VLAN(s) is Layer 3 capable) or externally to let the traffic to flow each others (using an external Layer 3 dedicated device - a Layer 3 capable Switch, a Router or a Firewall - when your exact Switch doesn't provide those Layer 3 capabilities...or when you don't want to use them at that level preferring to demand the IP Routing duty to one of those devices) otherwise VLAN(s) remain isolated (that's their scope).


I'm not an HPE Employee
Kudos and Accepted Solution banner
0 Kudos
Vince-Whirlwind
Honored Contributor

тАО12-12-2016 03:20 PM

тАО12-12-2016 03:20 PM

Re: InterVLAN Communication Question

"each department to be it's own broadcast domain"
This is 1980s network design, which was made obsolete in the early 1990s by Windows NT.

It's definitely the wrong way to do VLANs. It's messy and complex to manage, provides no benefits and introduces risk.

The basic rule with VLANs is:
 - use as few VLANs per switch as possible
 - extend each VLAN to as few switches as possible

Essentially, a VLAN should equate with a switch, a wiring closet, or a physical location.

CFPiazza
Occasional Contributor

тАО01-19-2017 11:43 AM - edited тАО01-20-2017 10:39 AM

тАО01-19-2017 11:43 AM - edited тАО01-20-2017 10:39 AM

Re: InterVLAN Communication Question

I agree. I'm just not able to convince my coworker to this way of thinking. The design he is looking for is he wants every department to be on a separate VLAN with no communication between each other and each with their own connection to the internet. And he wants this done without any layer three and subnetting done...

0 Kudos
Erengard
Occasional Advisor

тАО03-29-2017 11:52 PM

тАО03-29-2017 11:52 PM

Re: InterVLAN Communication Question

You cant do it withouth layer 3, but you can do it with just layer 3 switches. Most switches (at least profesional ones with primium license) have routing capabilities now.

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.