Apologies that this may come across as a bit of a newbie question but I've never done ACL rules before on our Core stack so I'm not confident in this area.
We have a VLAN 97 which I don't want to be able to talk to any other VLAN besides a limited subset of IPs on VLAN 11 so that it can use the DNS servers that reside on this VLAN.
Let's say I want it to use the DNS Servers on VLAN 11 so 10.10.5.250 and 10.10.5.251 which have a /16 on that VLAN.
We typically use a /23 on our other VLANs but they can all be covered with a /16. See example:
VLAN 101 = 10.10.101.0/23
VLAN 103 = 10.10.103.0/23
VLAN 105 = 10.10.105/23
I don't care about these VLANs being able to see VLAN 97, that's fine. It's just VLAN 97 that I want to stop from seeing most of the network.
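
Added example, not part of the original post: a vendor-neutral Python model of the first-match rule order this requirement implies for traffic entering the routed interface from VLAN 97, using the DNS server addresses and the /16 given above. The VLAN 97 subnet (10.10.97.0/24), DNS on port 53 over UDP and TCP, and the final permit for destinations outside 10.10.0.0/16 are assumptions, since the post does not state them.

```python
from ipaddress import ip_address, ip_network

# Assumption: the post does not give VLAN 97's subnet; this is a placeholder.
VLAN97 = ip_network("10.10.97.0/24")
INTERNAL = ip_network("10.10.0.0/16")          # covers the other VLANs, per the post
DNS_SERVERS = ("10.10.5.250", "10.10.5.251")   # DNS servers on VLAN 11, per the post

# Ordered rules, evaluated top-down: (action, src, dst, proto, dport); None = any.
RULES = [
    # 1. Allow DNS (assumed udp/tcp 53) to the two servers only.
    *[("permit", VLAN97, ip_network(f"{d}/32"), p, 53)
      for d in DNS_SERVERS for p in ("udp", "tcp")],
    # 2. Block everything else from VLAN 97 to the internal /16.
    ("deny", VLAN97, INTERNAL, None, None),
    # 3. Assumption: destinations outside the /16 stay reachable.
    ("permit", VLAN97, ip_network("0.0.0.0/0"), None, None),
]

# Same rules with the deny moved to the top, to show why order matters.
MISORDERED = [RULES[4], *RULES[:4], RULES[5]]

def evaluate(src, dst, proto, dport, rules=RULES):
    """Return the action of the first matching rule (implicit deny if none)."""
    s, d = ip_address(src), ip_address(dst)
    for action, rsrc, rdst, rproto, rport in rules:
        if (s in rsrc and d in rdst
                and rproto in (None, proto) and rport in (None, dport)):
            return action
    return "deny"

if __name__ == "__main__":
    # Constructed sample flows from a host in the assumed VLAN 97 subnet.
    for flow in [("10.10.97.20", "10.10.5.250", "udp", 53),
                 ("10.10.97.20", "10.10.5.250", "tcp", 445),
                 ("10.10.97.20", "10.10.101.15", "tcp", 443)]:
        print(flow, "->", evaluate(*flow))
```

Because the model is applied only to traffic sourced from VLAN 97, flows that other VLANs initiate toward VLAN 97 are not filtered by it; on a stateless ACL the replies from VLAN 97 to those flows would still hit the deny rule, so that case needs checking on the actual switch.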