Switches, Hubs, and Modems
1745821 Members
4112 Online
108722 Solutions
New Discussion юеВ

VLANs on 2900, slower performance

 
SOLVED
Go to solution

VLANs on 2900, slower performance

My 2900-24 and 2900-48 switch configurations are attached.

We are seeing slowness, mainly in accessing the 10.0.0.0/24 net, but also connecting between other VLAN nets.

The management VLAN is 10.0.0.0/24. .1 is the firewall, .2 is the 24 port, and .3 is the 48 port. Other 1800-24 switches are on the 10 net, as well as some equipment that can't yet be moved.

The DHCP server passes out addresses for the 10 net, and includes 10.0.0.2 as the gateway. I've tried to balance the routing load on each switch.

The firewall knows about all VLANs, and directs traffic to the correct 2900.


Is there something I can optimize in the attached configs or on my firewall? The 10.0.0.0/24 net is my first concern, but the slowness in general needs to be addressed, too.


Thanks.
4 REPLIES 4
Pieter 't Hart
Honored Contributor

Re: VLANs on 2900, slower performance

"and includes 10.0.0.2 as the gateway."
do you really assign the same gateway for all vlan's?

the dhcp-server should have a different scope for each subnet and assign each subnet it's own default gateway
scope 10.10.1.0 -> gateway 10.10.1.1
scope 10.10.2.0 -> gateway 10.10.2.1
etc.

Pieter

Re: VLANs on 2900, slower performance

Sorry I was not clear on that.

My DHCP config is as you indicated - each VLAN gets the appropriate gateway.

I was trying to say that the gateway I'm distributing for the 10.0.0.0/24 network is the 2900-24 switch (10.0.0.2) and not the firewall (10.0.0.1).

The 2900-24 then points to the firewall for outbound traffic.

I thought this was better in order to reduce load on the firewall. Otherwise, if the gateway were set to the firewall, traffic destined for other VLANs would have to first hit the firewall, then hit the switch. Now it goes to the switch and only out to the firewall if need be.
cenk sasmaztin
Honored Contributor
Solution

Re: VLANs on 2900, slower performance

hi Daniel
please test new route entry


Running configuration:

; J9049A Configuration Editor; Created on release #T.13.23

hostname "MDF-2900-24G"
snmp-server location "MDF-LB-2nd-Floor"
web-management management-url ""
time timezone -400
time daylight-time-rule Continental-US-and-Canada
module 1 type J86xxA
module 3 type J90XXA
trunk A2-A3 Trk1 Trunk
ip routing
ip arp-age 5
vlan 1
name "DEFAULT_VLAN"
untagged 2,9,13,21-24,A1,A4,Trk1
ip helper-address 10.10.31.11
ip address 10.0.0.2 255.255.255.0
no untagged 1,3-8,10-12,14-20
exit
vlan 11
name "IDF-1"
ip helper-address 10.10.31.11
ip address 10.10.1.1 255.255.255.0
tagged 24,Trk1
exit
vlan 12
name "IDF-2"
ip helper-address 10.10.31.11
ip address 10.10.2.1 255.255.255.0
tagged 23,Trk1
exit
vlan 10
name "MDF"
ip helper-address 10.10.31.11
ip address 10.10.0.1 255.255.255.0
tagged Trk1
exit
vlan 13
name "IDF-3"
ip helper-address 10.10.31.11
ip address 10.10.3.1 255.255.255.0
tagged 22,Trk1
exit
vlan 14
name "IDF-4"
tagged Trk1
no ip address
exit
vlan 15
name "IDF-5"
ip helper-address 10.10.31.11
ip address 10.10.5.1 255.255.255.0
tagged 21,Trk1
exit
vlan 16
name "IDF-6"
tagged Trk1
no ip address
exit
vlan 17
name "IDF-7"
tagged Trk1
no ip address
exit
vlan 21
name "PRINT"
tagged 21-24,Trk1
no ip address
exit
vlan 31
name "SERVER"
untagged 1,3-8,10-12,14-20
ip address 10.10.31.1 255.255.255.0
exit
no stack
no ip ssh
ip route 0.0.0.0 0.0.0.0 10.0.0.1
ip route 10.10.0.0 255.255.0.0 10.0.0.3
spanning-tree
spanning-tree Trk1 priority 4
password manager




Running configuration:

; J9050A Configuration Editor; Created on release #T.13.23

hostname "MDF-2900-48G"
snmp-server location "MDF-LB-2nd-Floor"
time timezone -400
time daylight-time-rule Continental-US-and-Canada
module 1 type J86yyA
module 2 type J86xxA
module 3 type J90XXA
interface 36
speed-duplex 10-half
exit
trunk A2-A3 Trk1 Trunk
ip routing
ip arp-age 5
vlan 1
name "DEFAULT_VLAN"
untagged 9-10,30,37,42,45-A1,A4,Trk1
ip helper-address 10.10.31.11
ip address 10.0.0.3 255.255.255.0
no untagged 1-8,11-29,31-36,38-41,43-44
exit
vlan 10
name "MDF"
tagged Trk1
no ip address
exit
vlan 11
name "IDF-1"
tagged Trk1
no ip address
exit
vlan 12
name "IDF-2"
tagged Trk1
no ip address
exit
vlan 13
name "IDF-3"
tagged Trk1
no ip address
exit
vlan 14
name "IDF-4"
ip helper-address 10.10.31.11
ip address 10.10.4.1 255.255.255.0
tagged 45,Trk1
exit
vlan 15
name "IDF-5"
tagged Trk1
no ip address
exit
vlan 16
name "IDF-6"
ip helper-address 10.10.31.11
ip address 10.10.6.1 255.255.255.0
tagged 46,Trk1
exit
vlan 17
name "IDF-7"
untagged 1-8,12-16,18-29,31-35,38-41,43-44
ip helper-address 10.10.31.11
ip address 10.10.7.1 255.255.255.0
tagged Trk1
exit
vlan 21
name "PRINT"
untagged 11,17,36
ip helper-address 10.10.31.11
ip address 10.10.21.1 255.255.255.0
tagged 45-48,Trk1
exit
vlan 31
name "SERVER"
no ip address
exit
no stack
no ip ssh
ip route 0.0.0.0 0.0.0.0 10.0.0.1
ip route 10.10.0.0 255.255.0.0 10.0.0.2
spanning-tree
spanning-tree Trk1 priority 4
password manager
cenk

Re: VLANs on 2900, slower performance

Thanks for your time on this.

I've updated the routing entries.

I am still trying to gauge performance, but things seem to be going well.