Monday, March 4, 2019

Question about How SDN Switches and Controllers Handle VLANs/Segmentation

All,

Is it possible to segment all traffic at the port level without the use of additional VLANs? I was asked to find out if we can use an SDN implementation in such a manner that Client A cannot directly communicate with Client B even though they're on the same SDN-enabled access switch. My first thought was to put everyone on a separate VLAN, but that doesn't scale well and I'm not sure how SDN switch to SDN controller handles traffic in this manner (not sure how SDN handles VLANs, period, to be honest).

In a regular dataplane env I understand I would just put everyone on a separate VLAN and give them appropriate layer 3 default gateways (SVI) at the core layer, but I'm not sure if there's a way I can drill down to the port/collision domain level without breaking spanning-tree or just having a ton of VLANs. Can anyone recommend any documentation on this that is not sales and slideshow fluff? Much appreciated!


