Installation guide

A Sample VLAN Topology

Chapter 7

This topology also allows you to hide some functionality of the ShMM behind the Switch Blades. This

means that blades within the 14-Slot Shelf and devices outside of the 14-Slot Shelf are not allowed to

connect directly to the ShMMs. All ShMM management traffic (SNMP / IPMI) is routed through the

Switch Blades via one of these private LANs, and onto the externally-exposed management LAN. Not

connecting directly to the ShMM enhances the overall security of the 14-Slot Shelf.

IMPORTANT The ShMM command set is powerful enough to bring down or reboot the entire shelf. By

exposing only the management traffic you want through the Switch Blades, you allow the

ShMM to do its job without opening a major security hole for the complete 14-Slot Shelf.

In this sample, you will create five separate VLANs on the Ethernet Switch Blades to build your network

topology. You will have a topology that looks like Figure 7-3, and includes the following VLANs:

Figure 7-3 Simplified Block Diagram of the Sample VLAN Topology

• vlan1: Cross-connects each Ethernet Switch Blade to the opposite-side ShMM.

• vlan2: Creates a Management LAN for the entire 14-Slot Shelf.

• vlan3: Combines the remaining base interfaces (control plane) into a single VLAN.

• vlan4: Creates a switch-to-switch LAN, and includes the same-side ShMM.